1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is there a How-To to help configure TOR on Shibby firmware?

Discussion in 'Tomato Firmware' started by luckydog2006, Jul 27, 2012.

  1. luckydog2006

    luckydog2006 LI Guru Member

    Hi All,

    How to you configure TOR and know that TOR is working on the router running Shibby Tomato firmware? Any help would be appreciated. When I enable it, it says Bootstrapped 100% done. But what else needs to be done?When I check TOR website, it sees my IP address. So, I'm not sure if its working.

    Thanks.
     
  2. ulyan

    ulyan Networkin' Nut Member

    +1 good question !
     
  3. shibby20

    shibby20 Network Guru Member

    nothing else. All iptables rules will be added automatically.

    do you redirect all hosts from bridge or selectable ip`s?
    do you use some proxy? Have iptables (redirect) rule(s) in firewall?
    do you use dnscrypt?
     
  4. luckydog2006

    luckydog2006 LI Guru Member

    Q. do you redirect all hosts from bridge or selectable ip`s?
    A. All users are redirected from LAN (br0) under Advanced/TOR Project.

    Q. do you use some proxy? Have iptables (redirect) rule(s) in firewall?
    A. None.

    Q. do you use dnscrypt?
    Yes. I have dnscrypt-proxy checked under Basic/Network. Should I disable this?
     
  5. shibby20

    shibby20 Network Guru Member

    clean Tomato 097 AIO running on wnr3500Lv2

    WAN static, wireless configured and thats all.

    enable tor for all host in br0
    log:
    check iptables
    chech http://check.torproject.org on PC
    Congratulations. Your browser is configured to use Tor.

    Now i enable dnscrypt
    chech http://check.torproject.org one more time
    Congratulations. Your browser is configured to use Tor.

    check www.opendns.com/welcome/
    Welcome to OpenDNS!

    All works correct.
     
  6. luckydog2006

    luckydog2006 LI Guru Member

    Ok, thanks. I'm going to try it out and see if I can get it working like yours. Thanks shibby.
     
  7. quietsy

    quietsy LI Guru Member

    Thanks for adding TOR!

    When I enable TOR everything looks fine in the log and in iptables, but not the online check:
    Sorry. You are not using Tor.

    I also noticed it redirects to https://check.torproject.org/ and TOR only works with Only connections to destination port 80 are redirected to TOR.
    Could this be the problem?
     
  8. AlterEgo

    AlterEgo Networkin' Nut Member

    Thanks I am in the same boat. Did you find a solution to it. I have simply enabled Tor in the linksys menu, and supposedly all traffic now goes through it.

    But the https://check.torproject.org/ still says I am not using Tor.

    A check on www.mywanip.com shows that I am now not using my ISP Wan IP but another one from the tor network which reverse translated into torsrva.snydernet.net for the while.

    Plus how can I enable that all traffic in addition to the normal port 80 traffic is redirected via tor, supposedly there needs to be some commands in the custom configuration section, but me being a noob cant get a hold of it.

    Any ideas.
     
  9. pharma

    pharma Network Guru Member

    Try installing the normal TOR software and see what you need to do in order to have it working the way you want. Then enable and apply what you've learned to the router version.

    Or see if you can get it working by following Shibby's instructions (above) to the letter (having router settings exactly the way he does). Once it's working, then slowly change the router settings to your normal router settings and see if you continue to have issues.
     
  10. homeless_2012

    homeless_2012 Serious Server Member

    Can you back up a step here.."Enable Tor for all hosts in br0" - where? how?

    I'm running....tomato-ND-1.28.5x-102-SD-VPN.trx on a LinkSys WRT54G ver 2.

    Name TomatoUSB
    Model Linksys WRT54G/GS/GL
    Chipset Broadcom BCM4712 chip rev 1 pkg 0
    CPU Freq 200MHz
    Flash Size 4MB

    I swear I've looked through all the menus and can't find any where to do what you are saying.


     
  11. homeless_2012

    homeless_2012 Serious Server Member

    Bump...

     
  12. teknowiz

    teknowiz Serious Server Member

    I believe the setting you are looking for is the field "Redirect all users from".
     
  13. lefty

    lefty Networkin' Nut Member

    It is highly likely that the build you have doesn't have the TOR feature. AFAIK 4MB flash units don't have the TOR feature, its too big to fit it and everything else in a 4MB build.
     
  14. maurer

    maurer LI Guru Member

  15. Nello

    Nello Reformed Router Member

    I'd like to run a Tor Relay on my Asus RT-N16 with Tomato Firmware 1.28.0000 MIPSR2-102 K26 USB AIO.

    In other words, I'm not interested in routing LAN traffic into Tor. I just want to contribute bandwidth to the Tor circuits.

    Can someone give me an idea how to configure this? Do I need a later version of Tomato?

    Thanks in advance.
     
  16. ebeighe

    ebeighe Reformed Router Member

    I've turned on tor; and as others have noted above, it by default only makes traffic to port 80 go through the tor network -- so https://check.torproject.org/ "fails" but something like http://www.mywanip.com/ "works" (shows some ip other than my real wan ip address).
    I visited the site mentioned above and am at a loss as to how to put those instructions into my tomato router. (and what is the "custom configuration" textbox in the router's tor gui?).
    E.g. I put in a command (from ssh) like
    iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j REDIRECT --to-ports 53
    but tomato responds with
    iptables: No chain/target/match by that name
     
  17. Mark Tomlinson

    Mark Tomlinson Reformed Router Member

    +1, I'm interested in doing the same. I've got firmware '1.28.0000 MIPSR2-117 K26 USB AIO' also on an RT-N16. I figure I can just enable it on an unused IP or interface, but that gives me no guarantee that I'm running a relay. I know I can run a custom configuration, but does that entirely override all parameters in the default configuration?

    I'm so confused. What's the best way to handle this?
     
  18. Majingos

    Majingos New Member Member

    Shibby please help!

    Trying to connect to the Tor socks proxy server from my Openvpn application on my PC and get the following error message:

    TCP: connect to [AF_INET]10.0.0.1:9050 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.

    I have successfully connected to the Onion Tor server of my PC in 127.0.0.1:9150 but for some reason cannot connect to the Tor server of the router. (Noted default listening Socks port are different; not a typo)

    Also is there a way to make the router forward ALL ports to Tor and not just port 80? Alternatively is there a way to change the default routing port to say 443?

    Running Tomato Firmware 1.28.0000 MIPSR2-131 K26AC USB AIO-64K
     
  19. Porevo

    Porevo Network Newbie Member

    to redirect all tcp traffic into TOR on Tomato, add this firewall rule:
    Code:
    iptables -t nat -A PREROUTING -i br0 -p tcp --syn ! -d 192.168.1.1 -j DNAT --to-destination 192.168.1.1:9040
    
    change 192.168.1.1 to router IP
     
  20. jdjgjc

    jdjgjc New Member Member

    Thank you all in advance for your help with the TOR client.

    My question is: by what way I can redirect the ALL traffic through the TOR client of the Shibby's router?
    As for now I find only one suggestion/solution that was clear to me, but it relates to the TCP traffic ONLY:
    In the another place of the forum I find the addition suggestion that relates to the both TCP and UDP traffic, but it is NOT clear to me, and therefore I can not use it (I do not know what I need to write into my Shibby's router! :( !):
    And in addition I do not know, whether there are another types of the traffic in addition to the TCP and UDP?! I need to redirect the ALL types of the traffic through the TOR Client of the router!!! (As at the beginning of the using the TOR Client of the Shibby's router I will very happy that its rates are very-very height -- until I understand that the "clear" TOR client are working with the unit's traffic "sometimes" only and therefore my traffic does not goes through the TOR tunnel. Now, after the Porevo's clear suggestion was applied, the router seems as treating the TCP traffic, but I NEED the UDP traffic to be transferred through the TOR too! And any another traffic TOO, PLEASE!!!)

    PS. Two questions to Shibby, please!
    Is there a timeout for idle of the TOR? I'm suffering the connection faults every time I thinking about this post for more than a number of minutes - and then I need to recycling the power of the TOR-router (I have ONLY TOR client activated in the router).
    The second question is, PLEASE: are the all TOR's circuit's nodes connected each with another by ciphered connection? I know this is very stupid question, but after the experience of the TOR-Router that was not use the TOR circuits to transfer my traffic, now I want be sure I will use the secured tunnel, please!
     
  21. jdjgjc

    jdjgjc New Member Member

    Thank you for this your solution!!!

    Can you, in the addition, help with the rest of the traffic's types - with the UDP and with an another types of the traffic (if they exists? I'm very novice in the field, excuse me, please!)? I need the ALL traffic that are coming into the router from the both it sides (both an incoming and an outgoing traffics of all types of protocols) to be going through the TOR Client ONLY, Please!!!
     
    Last edited: Aug 6, 2016
  22. Toastman

    Toastman Super Moderator Staff Member Member

    To all members ... please don't post the same questions in multiple threads.

    Thank you.
     

Share This Page