Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
resolve tor onion stuff without leaking data.
Enable the DNS and transparent proxy ports for Tor:
torrc:
------
DNSPort 9053
TransPort 9040
AutomapHostsOnResolve 1
Tell iptables to send Tor's locally mapped addresses through the transparent proxy port:
iptables -t nat -A OUTPUT -p tcp -d 127.192.0.0/10 -j REDIRECT --to-ports 9040
Or, if you use ufw:
before.rules: (add this to the beginning before *filter)
-------------
*nat
-A OUTPUT -p tcp -d 127.192.0.0/10 -j REDIRECT --to-ports 9040
COMMIT
Tell unbound to resolve .onion addrs via tor's local dns server:
unbound.conf:
-------------
server:
do-not-query-localhost: no
forward-zone:
name: "onion"
forward-addr: 127.0.0.1@9053
forward-first: no
Use unbound for DNS resolution:
resolv.conf:
------------
nameserver 127.0.0.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment