We will configure Tor to log messages to /var/log/tor/notices.log and then add a new section at the bottom of the configuration file to configure it to listen for transparent proxy connections on port 8086 and DNS requests on port 53. Mixmaster torbrowser-launcher socat tor-arm apparmor-utils obfsproxyĠ upgraded, 2 newly installed, 0 to remove and 2 not upgraded.Īfter this operation, 4221 kB of additional disk space will be used.Ĭreated symlink /etc/systemd/system//tor.service # apt-get install tor -no-install-recommends Note – DHCP requests use UDP and as the clients may not yet have an IP addresses you can’t specify the source address range either. The next thing to do is to configure the firewall to deny any incoming connections by default, and then allow incoming SSH connections to allow you to connect to the proxy and manage it using SSH if required, as well as incoming DHCP requests so clients can obtain an IP address.
Python3 python3-minimal python3.5 python3.5-minimal ufwĠ upgraded, 15 newly installed, 0 to remove and 2 not upgraded.Īfter this operation, 25.3 MB of additional disk space will be used.Ĭreating config file /etc/ufw/les with new versionĬreating config file /etc/ufw/les with new versionĬreating config file /etc/ufw/les with new versionĬreating config file /etc/ufw/les with new versionĬreated symlink /etc/systemd/system//ufw.service
Python3.5-doc binutils binfmt-support rsyslog
Libdpkg-perl python3-doc python3-tk python3-venv python3.5-venv Python3 python3-minimal python3.5 python3.5-minimal Libpython3.5-minimal libpython3.5-stdlib libxtables12 mime-support # apt-get install ufw -no-install-recommendsĭh-python iptables libip6tc0 libiptc0 libmpdec2 libpython3-stdlib We need to configure it with the name of the interface and the DHCP range to use, obviously the DHCP range must be in the same subnet that we used when assigning the static IP address to the interface earlier. The following NEW packages will be installed:ĭnsmasq dnsmasq-base libgmp10 libhogweed4 libnetfilter-conntrack3Ġ upgraded, 7 newly installed, 0 to remove and 2 not upgraded.Īfter this operation, 2037 kB of additional disk space will be used. The following additional packages will be installed:ĭnsmasq-base libgmp10 libhogweed4 libnetfilter-conntrack3 libnettle6 If you are going to use a LAN connection then you just need to configure the second interface with a static IP address, skip the steps that configure a wireless access point, and then remember to substitute the right interface name in the place of wireless interface name in the subsequent steps. If you are using a wireless connection then need to begin by installing the firmware and configuring the wireless network to assign a static IP address to the interface you will be connecting to. The examples below show the commands I used on a Raspberry Pi with a USB Wireless adapter, but I have also set up a transparent proxy on an old desktop machine with a couple of network cards. It is also not necessarily that difficult to establish a link between your web browsing activity and you use of other cloud based services (such as Dropbox, iCloud and Spotify for example) that can be used to identify you. You also need to remember that one of the consequences of using a proxy is that although your connection may be protected this by itself won’t hide any information that your web browser or other applications may reveal about you or your location. I think I’ve succeeded in getting it to work as it appears to be doing what it should, however I’m not an expert so you need to check that the proxy really is working properly yourself before relying on it! Yes – I’m well aware that Tor can be abused, but I share the view that it also has a number of important legitimate uses as well. Having successfully configured a Raspberry Pi as a wireless access point I decided to see if I could use a similar approach to build a transparent Tor proxy.
0 kommentar(er)
