Configuring TOR + OpenVPN

I wanted all my traffic to go through Tor: not only HTTP(S) but ALL traffic (nmap, sqlmap and other utilities are in scope).

nmap works silly and I don’t know why yet. It shows every port as open.

I’ve used this article. It really helps because it’s really hard and annoying to keep all these commands in mind.

Install Tor as usual (the standalone package, not the browser bundle).

Then add the following to the end of the torrc file:

VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
TransListenAddress 10.8.0.1
DNSPort 53
DNSListenAddress 10.8.0.1

You may need to change 10.8.0.1 to your OpenVPN address.

Then we use the script to update iptables rules and route our traffic through Tor:

#!/bin/sh

_trans_port="9040"
_int_if="tun0"

iptables -t nat -A PREROUTING -i $_int_if -p udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -i $_int_if -p tcp --syn -j REDIRECT --to-ports $_trans_port

To reach onion sites you should use Tor DNS. To do so, change the DNS line in the OpenVPN server config to:

push "dhcp-option DNS 10.8.1.1"

That’s it. ez yep?
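
Added example (not part of the original post): a shell audit that compares the torrc ports with the PREROUTING redirects in an `iptables-save` dump and flags when FORWARD would still pass traffic the rules above do not redirect (non-DNS UDP, ICMP). The function names, finding labels and sample data are constructed for illustration.

```shell
# First value of a torrc option; an "address:port" value is reduced to the port.
torrc_get() { awk -v k="$1" '$1 == k { v = $2; sub(/.*:/, "", v); print v; exit }' "$2"; }

# --to-ports of the first PREROUTING REDIRECT rule for interface $1, protocol $2.
redirect_port() {
    awk -v ifc="$1" -v proto="$2" '
        $1 == "-A" && $2 == "PREROUTING" && /-j REDIRECT/ {
            i = ""; p = ""; t = ""
            for (n = 3; n < NF; n++) {
                if ($n == "-i") i = $(n + 1)
                if ($n == "-p") p = $(n + 1)
                if ($n == "--to-ports") t = $(n + 1)
            }
            if (i == ifc && p == proto) { print t; exit }
        }' "$3"
}

# True when FORWARD drops traffic from interface $1 by policy or explicit rule.
forward_blocked() { grep -Eq "^:FORWARD DROP|^-A FORWARD -i $1 -j (DROP|REJECT)" "$2"; }

# Prints one line per finding; returns 1 when anything was found.
audit_tor_gateway() {  # $1 = torrc, $2 = iptables-save dump, $3 = VPN interface
    found=0
    trans=$(torrc_get TransPort "$1"); dns=$(torrc_get DNSPort "$1")
    tcp_to=$(redirect_port "$3" tcp "$2"); udp_to=$(redirect_port "$3" udp "$2")
    if [ -z "$tcp_to" ] || [ "$tcp_to" != "$trans" ]; then
        echo "MISMATCH tcp: redirect='$tcp_to' TransPort='$trans'"; found=1
    fi
    if [ -z "$udp_to" ] || [ "$udp_to" != "$dns" ]; then
        echo "MISMATCH dns: redirect='$udp_to' DNSPort='$dns'"; found=1
    fi
    # Only DNS and TCP SYNs are redirected; anything else must not be routed on.
    if ! forward_blocked "$3" "$2"; then
        echo "LEAK-RISK: FORWARD does not drop $3 traffic (non-DNS UDP, ICMP)"; found=1
    fi
    return $found
}

# Constructed sample: ports from the post, NAT rules as iptables-save prints them.
write_sample() {  # $1 = directory
    printf 'TransPort 9040\nDNSPort 53\n' > "$1/torrc"
    printf '%s\n' '*nat' \
        '-A PREROUTING -i tun0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 53' \
        '-A PREROUTING -i tun0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040' \
        'COMMIT' '*filter' ':FORWARD ACCEPT [0:0]' 'COMMIT' > "$1/rules"
}
d=$(mktemp -d); write_sample "$d"
audit_tor_gateway "$d/torrc" "$d/rules" tun0 || true; rm -rf "$d"
```

On a live gateway, feed it the real torrc and the output of `iptables-save`.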
