CalfCrusher/route-all-traffic-through-tor.md

## route-all-traffic-through-tor.md

      
    Raw
  

              route-all-traffic-through-tor.md
            
          
    Do not use in production Server or if you don't know what iptables do

Add this to torrc ( located on /etc/tor/torrc):
VirtualAddrNetwork 10.192.0.0/10

AutomapHostsOnResolve 1

TransPort 9051 

DNSPort 9053

Run the attached script as root so all traffic will route from Tor.
you can also use attached torrc as a sample.

  
## route-traffic-through-tor.sh
#!/bin/sh

# ignored location
IGN="192.168.1.0/24 192.168.0.0/24"
# Enter your tor UID
UID="XXX"
# Tor's Port. default is 9050 but if you changed it in torrc change next line
PORT="9050

iptables -F
iptables -t nat -F
iptables -t nat -A OUTPUT -m owner --uid-owner $UID -j RETURN
#Change if you select another port for Tor DNS in torrc. I select 9053. Also DNS default  port is 53
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
for NET in $IGN 127.0.0.0/9 127.128.0.0/10; do
 iptables -t nat -A OUTPUT -d $NET -j RETURN
done
iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $PORT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
for NET in $IGN 127.0.0.0/8; do
 iptables -A OUTPUT -d $NET -j ACCEPT
done
iptables -A OUTPUT -m owner --uid-owner $UID -j ACCEPT
iptables -A OUTPUT -j REJECT

## torrc
#set tor socks proxy to 9052
SocksPort 0.0.0.0:9052
SocksPolicy accept 192.168.1.0/24

UseBridges 1
#Here is an example of tor bridges. you can obtain it from: bridges.torproject.org
Bridge obfs4 IP:port KEY cert=CERT iat-mo$
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
#Tor tansport
TransPort 9051
#tor DNS port
DNSPort 9053
	#!/bin/sh

	# ignored location
	IGN="192.168.1.0/24 192.168.0.0/24"
	# Enter your tor UID
	UID="XXX"
	# Tor's Port. default is 9050 but if you changed it in torrc change next line
	PORT="9050

	iptables -F
	iptables -t nat -F
	iptables -t nat -A OUTPUT -m owner --uid-owner $UID -j RETURN
	#Change if you select another port for Tor DNS in torrc. I select 9053. Also DNS default port is 53
	iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
	for NET in $IGN 127.0.0.0/9 127.128.0.0/10; do
	iptables -t nat -A OUTPUT -d $NET -j RETURN
	done
	iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $PORT
	iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
	for NET in $IGN 127.0.0.0/8; do
	iptables -A OUTPUT -d $NET -j ACCEPT
	done
	iptables -A OUTPUT -m owner --uid-owner $UID -j ACCEPT
	iptables -A OUTPUT -j REJECT
	#set tor socks proxy to 9052
	SocksPort 0.0.0.0:9052
	SocksPolicy accept 192.168.1.0/24

	UseBridges 1
	#Here is an example of tor bridges. you can obtain it from: bridges.torproject.org
	Bridge obfs4 IP:port KEY cert=CERT iat-mo$
	ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

	VirtualAddrNetwork 10.192.0.0/10
	AutomapHostsOnResolve 1
	#Tor tansport
	TransPort 9051
	#tor DNS port
	DNSPort 9053