Anonymize TCP traffic on Debian with Tor

Tor is free software for enabling anonymous communication. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis.

Here is the OS used :

> lsb_release -c
Codename:       jessie

Install Tor directly from the packages :

> apt-get install tor 

And stop the service to configure it :

> service tor stop

Edit the configuration file as follows :

> vi /etc/tor/torrc
AutomapHostsOnResolve 1
TransPort 9040
DNSPort 53

Use Tor’s DNSPort on the loopback interface :

> echo nameserver > /etc/resolv.conf

Then you can start the service :

> service tor start

Before starting iptables configuration, we need to know the user id that Tor runs as :

> ps -o uid -o "%u %U" -A | grep tor
106 debian-+ debian-tor

Then we can create our iptables script :

> cd /etc/
> vi

And add the following :

#!/bin/sh

### set variables
#destinations you don't want routed through Tor (space-separated; empty here)
_non_tor=""

#the UID that Tor runs as (varies from system to system)
_tor_uid="106"

#Tor's TransPort (must match TransPort in /etc/tor/torrc)
_trans_port="9040"

### flush iptables
iptables -F
iptables -t nat -F

### set iptables *nat
#traffic generated by Tor itself must not be redirected back into Tor
iptables -t nat -A OUTPUT -m owner --uid-owner "$_tor_uid" -j RETURN
#send DNS queries to Tor's DNSPort
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53

#allow clearnet access for hosts in $_non_tor
for _clearnet in $_non_tor; do
   iptables -t nat -A OUTPUT -d "$_clearnet" -j RETURN
done

#redirect all other output to Tor's TransPort
iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports "$_trans_port"

### set iptables *filter
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#allow clearnet access for hosts in $_non_tor
for _clearnet in $_non_tor; do
   iptables -A OUTPUT -d "$_clearnet" -j ACCEPT
done

#allow only Tor output
iptables -A OUTPUT -m owner --uid-owner "$_tor_uid" -j ACCEPT
iptables -A OUTPUT -j REJECT

Note : It’s important to change _tor_uid="106" to the value found earlier !

Make it executable:

> chmod +x

And run it :

> ./

A quick check :

> wget
> cat index.html

And check for the title line :

Congratulations. This browser is configured to use Tor.
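
The rules only work if the exemption for Tor's own UID precedes the redirect and that UID is the one Tor really runs as. The following is an added example, not part of the original post: a shell function that audits `iptables-save` output for those conditions. The function names and the sample rule dump are constructed for illustration.

```shell
#!/bin/sh
# audit_rules UID TRANS_PORT: reads `iptables-save` text on stdin, prints one
# line per problem, returns 0 when every check passes and 1 otherwise.
audit_rules() {
    awk -v uid="$1" -v port="$2" '
        /^\*/           { table = substr($0, 2); next }   # "*nat", "*filter"
        !/^-A OUTPUT /  { next }
        table == "nat"  {
            n++
            if ($0 ~ ("--uid-owner " uid " .*-j RETURN"))           exempt = n
            if ($0 ~ /-p udp .*--dport 53 .*-j REDIRECT/)           dns = n
            if ($0 ~ ("-p tcp .*-j REDIRECT --to-ports " port "$")) redir = n
        }
        table == "filter" { last = $0 }
        END {
            if (!exempt) { print "nat: no RETURN rule for uid " uid; bad = 1 }
            if (!dns)    { print "nat: udp/53 is not redirected"; bad = 1 }
            if (!redir)  { print "nat: no TCP redirect to port " port; bad = 1 }
            if (exempt && redir && exempt > redir) {
                print "nat: Tor exemption comes after the redirect"; bad = 1
            }
            if (last !~ /-j REJECT/) { print "filter: OUTPUT does not end in REJECT"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample of what `iptables-save` prints after the script has run;
# $1 is the UID that appears in the owner rules.
sample_rules() {
    cat <<EOF
*nat
-A OUTPUT -m owner --uid-owner $1 -j RETURN
-A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT
*filter
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m owner --uid-owner $1 -j ACCEPT
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# On a live system: iptables-save | audit_rules "$(id -u debian-tor)" 9040
sample_rules 106 | audit_rules 106 9040 && echo "rules OK"
sample_rules 107 | audit_rules 106 9040 || echo "stale UID detected"
```
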

Note, to stop using Tor :

> sudo echo nameserver >  /etc/resolv.conf
> iptables -F
> iptables -t nat -F
> service tor stop
