OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: mpompeia on February 02, 2018, 02:36:32 pm

Title: Transparent TOR
Post by: mpompeia on February 02, 2018, 02:36:32 pm
This might be a silly question but is it possible to use TOR in a transparent manner.

I am already used squid as a transparent proxy.

Many thanks!!
Title: Re: Transparent TOR
Post by: lattera on February 02, 2018, 05:40:37 pm
I don't know if you can combine both Tor and Squid on the same instance, but yes, you can configure Tor as a transparent proxy in OPNsense. I've done it before. I should write up a little tutorial on how to do it.
Title: Re: Transparent TOR
Post by: fabian on February 02, 2018, 08:27:58 pm
@lattera: with the plugin this should be easy - it is the same rule used for squid but for another redirect port. Please note that you cannot use both for the same destination IP:port at the same time. In case of squid it would probably work to tunnel outgoing traffic through tor with an cache_peer but it is not possible to configure that in the GUI at the moment.
Title: Re: Transparent TOR
Post by: mpompeia on February 02, 2018, 10:57:49 pm
Thanks for the answers.

Right now I would be glad to route traffic only through tor, if I can't through both, but something is still not ok, as I can use tor if configured directly on the browser, just not in transparent mode.

I've attached my options. What am I missing here?...

Cheers,
Manuel
Title: Re: Transparent TOR
Post by: fabian on February 03, 2018, 09:35:48 am
Transparent IP Pool must be at minimum a /16 network to be valid however this might not be what is stopping you. You also must forward UDP/53 to 9053 because you cannot resolve .onion addresses if you are not using it. Next you will probably not need fascist mode.

Lattera knows better - he is using Tor a lot.

You can restart Tor on the command line using service restart tor to see if there are error messages. A lot of warnings will be visible because tor is not running for a single user which is expected behaviour.
Title: Re: Transparent TOR
Post by: mpompeia on February 04, 2018, 11:50:15 am
Thanks fabian!

It was indeed the transparent ip pool size. I must have set it to /24 after testing using the browser configuration, hence why it was working before and not after.