Tor Project on Tomato

Discussion in 'Tomato Firmware' started by Kibe, May 20, 2013.

  1. Kibe

    Kibe LI Guru Member

    Hello everyone!

    I'd like to redirect all traffic from a specific IP address range in my network to TOR, instead of just the traffic with destination port 80 as described in the GUI.

    I'm using Shibby's Tomato Firmware 1.28.0000 MIPSR2-109 K26 USB AIO-64K on an Asus RT-N66U.

    Is this possible with maybe some custom configuration on that field?

    Thanks for checking!
    
  2. Monk E. Boy

    Monk E. Boy Network Guru Member

  3. shibby20

    shibby20 Network Guru Member

    Just add a new iptables rule to the firewall.
    iptables -t nat -A PREROUTING <user_ip> -p tcp ! -d <router_lan_ip> -j DNAT --to-destination <router_lan_ip>:<tor_transport>
  4. Kibe

    Kibe LI Guru Member

    Thank you very much Shibby for your reply!

    What should I use for <tor_transport>?

    Assuming my router IP address is and the client I want all traffic to be routed using tor is then the line to add to firewall would be like this?

    iptables -t nat -A PREROUTING <> -p tcp ! -d <> -j DNAT --to-destination <>:<tor_transport>
  5. shibby20

    shibby20 Network Guru Member

    If you didn't change 'Trans Port' in the GUI, then the default value is 9040.

    iptables -t nat -A PREROUTING -s -p tcp ! -d -j DNAT --to-destination
    
  6. Kibe

    Kibe LI Guru Member

    Thank you so much Shibby!

    Will give a try during the weekend!

  7. myaad

    myaad Network Newbie Member

    Thanks so much, adding -s before the user_ip makes it work.
  8. jdjgjc

    jdjgjc New Member Member

    Thank you all in advance for your help with the TOR client.

    My question is: how can I redirect ALL traffic through the TOR client of Shibby's router?
    So far I have found only one suggestion/solution that was clear to me, but it relates to TCP traffic ONLY:
    In another place on the forum I found an additional suggestion that relates to both TCP and UDP traffic, but it is NOT clear to me, and therefore I cannot use it (I do not know what I need to write into my Shibby router! :( !):
    And in addition, I do not know whether there are other types of traffic besides TCP and UDP?! I need to redirect ALL types of traffic through the TOR client of the router!!! (At the beginning of using the TOR client of Shibby's router I was very happy that its rates were very, very high -- until I understood that the "clear" TOR client is working with the unit's traffic "sometimes" only and therefore my traffic does not go through the TOR tunnel. Now, after Porevo's clear suggestion was applied, the router seems to be treating the TCP traffic, but I NEED the UDP traffic to be transferred through TOR too! And any other traffic TOO, PLEASE!!!)

    PS. Two questions to Shibby, please!
    Is there an idle timeout for TOR? I suffer connection faults every time I think about this post for more than a number of minutes - and then I need to power-cycle the TOR router (I have ONLY the TOR client activated in the router).
    The second question is, PLEASE: are all of the TOR circuit's nodes connected to each other by a ciphered connection? I know this is a very stupid question, but after the experience of the TOR router that was not using the TOR circuits to transfer my traffic, I now want to be sure I will use the secured tunnel, please!
  9. Monk E. Boy

    Monk E. Boy Network Guru Member

    iptables -t nat -A PREROUTING --src -p udp --syn -j REDIRECT --to-ports $tor_trans_port

    However, unless you have a fairly high-end router (and probably even if you have a fairly high-end router), Tor's connection speeds, latency, and high rate of packet loss are likely not going to be reliable enough for you to route all your traffic through it. Every teenager and college student connected to the internet is trying to route their file sharing traffic through Tor, brainiacs trying to order hitmen through it, perverts trading child porn through it, and pretty much every other illegal activity you can think of being done through it... and you end up with a network overloaded with traffic and connection issues.
  10. Toastman

    Toastman Super Moderator Staff Member Member

    To all members ... please don't post the same questions in multiple threads.

    Thank you.
  11. jdjgjc

    jdjgjc New Member Member

    Thank you, dear Monk E. Boy! Instead of my young age I stay try to reach the TOR client for the router. Unfortunately there are very many problems with this realization of the client :( . First of all, both your and Maurer's suggestions are not useful (maybe in my router only?) -- the UDP traffic does not go through the client. So both of these lines from my router do not work :( :
    (the x.x.x.x is the IP of the router).

    In addition there are some questions about the client and I will be very thankful for the answers :( :
    • How many relays are in the circuit that the client ordered?
    • Are all relays always selected randomly? (I found on the web a message that says that the first relay (after the client's start only?) is always the same relay - and I do not know how to check the relays and the number of relays in the circuit).
    • Are the packets ciphered, and with which ciphering does the client do this?

    I am asking only simple questions because a) I am not able to ask complicated, clever and deep questions, and b) because of the experience with the routing client that does NOT route without the UN-DOCUMENTED tuning and does not route even after some versions of the tuning patches -- all this causes me to be very careful and to ask questions :( .
    (As for now, I'm not even sure, and do not know the way to check, whether the client is treating at least the TCP traffic :) . It "looks" like "yes", but the facts are not known to me :( .
    By the way... sometimes the client looks as if it freezes and does not work without a router reboot - even its GUI does not react to the browser's requests).

    I will be very thankful for answers and for help!!!
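
Added example, not part of any post in this thread: a shell sketch that prints (without applying) firewall-script rules for the setup discussed above, using shibby20's DNAT rule with the `-s` that myaad reports was needed. The address range, router IP, DNS port 9053 and the function names are assumptions; the DNS and non-TCP rules are additions based on the fact that Tor carries only TCP streams, so UDP cannot be redirected into the Trans Port.

```sh
#!/bin/sh
# Added example: prints, and does not apply, iptables rules for a Tomato firewall script.
# Constructed sample values: range 192.168.1.128/25, router 192.168.1.1.
# 9040 is the default Trans Port named in the thread; DNS port 9053 is an assumption.

valid_ipv4() {  # accepts a.b.c.d or a.b.c.d/len
    addr=${1%%/*}
    case "$1" in */*) len=${1#*/} ;; *) len=32 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case "$addr" in *[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# usage: tor_redirect_rules SRC[/LEN] ROUTER_LAN_IP TRANS_PORT DNS_PORT
tor_redirect_rules() {
    src=$1; router=$2; trans=$3; dns=$4
    case "$router" in */*) echo "router must be a single address" >&2; return 1 ;; esac
    valid_ipv4 "$src" && valid_ipv4 "$router" || { echo "bad address" >&2; return 1; }
    valid_port "$trans" && valid_port "$dns" || { echo "bad port" >&2; return 1; }
    # TCP from the range, not addressed to the router, goes to Tor's Trans Port.
    echo "iptables -t nat -A PREROUTING -s $src -p tcp ! -d $router -j DNAT --to-destination $router:$trans"
    # DNS queries go to Tor's DNS port (assumed enabled) instead of the WAN resolver.
    echo "iptables -t nat -A PREROUTING -s $src -p udp --dport 53 -j DNAT --to-destination $router:$dns"
    # Tor carries TCP only: reject other forwarded traffic so it cannot bypass Tor.
    echo "iptables -I FORWARD -s $src ! -p tcp -j REJECT"
}

tor_redirect_rules 192.168.1.128/25 192.168.1.1 9040 9053
```

Review the printed rules before pasting them into the router's firewall script; with the last rule in place, UDP and ICMP from the range are refused rather than sent out of the WAN unprotected.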
