@jkullick
Last active August 29, 2023 13:39
Transparent Tor WLAN Proxy on Debian

Install packages:

apt-get update
apt-get install hostapd udhcpd tor iptables-persistent

Disable WLAN interface:

ifconfig wlan0 down

/etc/network/interfaces

allow-hotplug wlan0
iface wlan0 inet static
  address 10.0.0.1
  netmask 255.255.255.0

Activate WLAN interface:

ifconfig wlan0 up

/etc/default/udhcpd

# Comment out the following line to enable udhcpd
#DHCPD_ENABLED="no"

/etc/udhcpd.conf

start 10.0.0.100
end 10.0.0.200
interface wlan0
remaining yes
opt dns 8.8.8.8 8.8.4.4
opt subnet 255.255.255.0
opt router 10.0.0.1
opt lease 7200

/etc/default/hostapd

DAEMON_CONF="/etc/hostapd/hostapd.conf"

/etc/hostapd/hostapd.conf

interface=wlan0
ssid=The Onion Router
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
wmm_enabled=0

/etc/tor/torrc

Log notice file /var/log/tor/notices.log
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
# Bind addresses are given on the *Port lines; the separate *ListenAddress options are deprecated.
TransPort 10.0.0.1:9040
DNSPort 10.0.0.1:53

IPTables:

iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040

iptables-save > /etc/iptables/rules.v4
reboot
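
After the reboot, the persisted rules can be checked with the following added example, which is not part of the original gist. The function names and the sample dump are constructed for illustration. It verifies that all three PREROUTING rules exist for wlan0 and that the SSH exception precedes the catch-all TCP redirect:

```shell
#!/bin/sh
# Added example, not part of the gist. Audits `iptables-save -t nat` output
# for the three PREROUTING rules above. Reads the dump on stdin.

# Line number of the first rule in dump $1 matching ERE $2 (empty if none).
rule_line() {
    printf '%s\n' "$1" | grep -n -E -e "$2" | head -n 1 | cut -d: -f1
}

audit_tor_redirects() {
    ifc=${1:-wlan0}
    dump=$(cat)
    pre="^-A PREROUTING -i $ifc "
    # iptables-save prints "--syn" as "--tcp-flags FIN,SYN,RST,ACK SYN".
    ssh=$(rule_line "$dump" "${pre}-p tcp .*--dport 22 .*-j REDIRECT --to-ports 22\$")
    dns=$(rule_line "$dump" "${pre}-p udp .*--dport 53 .*-j REDIRECT --to-ports 53\$")
    tcp=$(rule_line "$dump" "${pre}-p tcp .*--tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040\$")
    rc=0
    if [ -z "$dns" ]; then
        echo "FAIL: no UDP 53 redirect, DNS from $ifc never reaches Tor's DNSPort"; rc=1
    fi
    if [ -z "$tcp" ]; then
        echo "FAIL: no TCP redirect to TransPort 9040"; rc=1
    fi
    if [ -z "$ssh" ]; then
        echo "FAIL: no SSH exception for the gateway"; rc=1
    elif [ -n "$tcp" ] && [ "$ssh" -gt "$tcp" ]; then
        echo "FAIL: SSH rule follows the catch-all, port 22 goes to 9040 instead"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: SSH exempt, DNS and TCP from $ifc redirected"; fi
    return "$rc"
}

# Constructed sample dump, in the form iptables-save emits for the gist's rules.
SAMPLE_GOOD='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i wlan0 -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 22
-A PREROUTING -i wlan0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i wlan0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT'

printf '%s\n' "$SAMPLE_GOOD" | audit_tor_redirects wlan0
```

On the gateway itself, feed it the live rules with `iptables-save -t nat | audit_tor_redirects wlan0`. The DNS check matters because udhcpd hands clients 8.8.8.8 and 8.8.4.4, so only the UDP 53 redirect sends their lookups to Tor's DNSPort.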
