Transparent TOR

[mpompeia]

This might be a silly question but is it possible to use TOR in a transparent manner.

I am already used squid as a transparent proxy.

Many thanks!!

[lattera]

I don't know if you can combine both Tor and Squid on the same instance, but yes, you can configure Tor as a transparent proxy in OPNsense. I've done it before. I should write up a little tutorial on how to do it.

[fabian]

@lattera: with the plugin this should be easy - it is the same rule used for squid but for another redirect port. Please note that you cannot use both for the same destination IP:port at the same time. In case of squid it would probably work to tunnel outgoing traffic through tor with an cache_peer but it is not possible to configure that in the GUI at the moment.

[mpompeia]

Thanks for the answers.

Right now I would be glad to route traffic only through tor, if I can't through both, but something is still not ok, as I can use tor if configured directly on the browser, just not in transparent mode.

I've attached my options. What am I missing here?...

Cheers,
Manuel

[fabian]

Transparent IP Pool must be at minimum a /16 network to be valid however this might not be what is stopping you. You also must forward UDP/53 to 9053 because you cannot resolve .onion addresses if you are not using it. Next you will probably not need fascist mode.

Lattera knows better - he is using Tor a lot.

You can restart Tor on the command line using service restart tor to see if there are error messages. A lot of warnings will be visible because tor is not running for a single user which is expected behaviour.

[mpompeia]

Thanks fabian!

It was indeed the transparent ip pool size. I must have set it to /24 after testing using the browser configuration, hence why it was working before and not after.