[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor Transparent Setup



Hi,

Your problem might have something to do with the DNS configuration. The
article on the Tor website uses: DNSPort 5353

Unfortunately port 5353 is the standard port for multicast DNS(mDNS)
and thus might already be in use by a program involved with mDNS. You
can check which program is listening on port 5353 with the following
command:

sudo netstat -lup | grep 5353

If this command reports another program than Tor, then change the
DNSport value in both the torrc file and the firewall scripts. I use
9041 as DNSPort. After the changes (and restarts!), run the above
command again to check if DNS is handled by Tor.

Hope this helps,

Rob.
https://hoevenstein.nl


On Wed, 2017-12-27 at 19:42 -0500, Jeff Newman wrote:
> I'm new to Tor (and pseudo-new to Iptables), but not a unix newbie
> (started
> in '88) - however, I've literally spent the last 24 hours trying to
> get the
> few complete and/or relevant HowTo's I could find for
> Tor/IPTables/CentOS to
> work - without success.  
> 
> I'm trying to implement a transparent proxy on a CentOS 6.5 machine
> that I'm
> going to use as a desktop.  I don't want to use the Tor Browser, but
> would
> rather have then "entire" system Tor'd (I realize there are leak
> potentials).  I have a static public IP I am using directly on this
> single
> network port machine.  
> 
> With a default IPTables config, and no Tor installed/configured, I
> can ping
> the internet and browse without issue.
> 
> This tutorial:
> 
> https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#Tr
> anspare
> ntlyRoutingTrafficThroughTor
> 
> My system doesn't like the Tor configuration, but the IPTables script
> seems
> to run correctly.  After editing resolv.conf to 127.0.0.1, DNS does
> not
> resolve (hangs), so that appears to be a bust.
> 
> I pulled the Tor config from this one:
> 
> http://www.digitalarmedforces.org/index.php/8-linux/19-how-to-setup-t
> or-as-a
> -transparent-proxy-on-ubuntu-linux
> 
> but their IPTables config doesn't seem to hold after restart.  Using
> their
> Tor config with the previous IPTables script seems most complete
> (everything
> starts without failures, logs look happy), but still no DNS
> resolution
> (hangs).
> 
> Other tutorials I've found have depreciated config options, or are
> for
> different Linux versions, and that seems to create problems.  I did
> finally
> figure out that SELinux had to be uninstalled to get past some config
> file
> permission access issues, but other than that, every time I try to
> connect
> to check.torproject.org, it says "sorry" if it can resolve at all.
> 
> Anyone know of a good, current set of tutorials that works?  I'd
> really
> appreciate the help.  The Tor website doesn't seem to have any
> examples that
> are updated, or that I can get to work or are relevant.  It does seem
> like
> everyone is saying "it's simple, just do this" but copy/pasting their
> stuff
> doesn't work (I do change the machine IP in scripts as needed).  And
> it
> really does seem like it should be simple, as there are only a couple
> ways
> to use it, and a couple options to set.
> 
> CentOS 6.5 build (core i7, Tor yum installed, fully yum updated)
> Tor 0.2.9.12-1 (EL6)
> Iptables 1.4.7-16
> 
> I also tried a CentOS 7.x build, but had no luck there either
> (similar
> results).
> 
> Thanks.
> 
> Jeff Newman
> 
> 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk