1

I'm someone who has very little technical experience but became interested in the idea of a transparent Tor proxy. I'm well aware that this isn't a secure implementation but I thought I could learn a bit through this process. What I want to do is to combine the following two tutorials with my Pi Zero W.

Access point as WiFi repeater, optional with bridge

https://learn.adafruit.com/onion-pi/install-tor

The first one works fine and is able to reliably pass my Wifi traffic forward to my router. I've followed the directions on the second one almost precisely, with two major exceptions. First, I've replaced /etc/tor/torrc with the following, as recommended by the Tor Project wiki.

VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 192.168.4.1:9040
DNSPort 192.168.4.1:5353

https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#AnonymizingMiddlebox

You might notice that I've replaced the address from 192.168.1.1 to 192.168.4.1 since the latter represents ap0 in the first tutorial. Neither address seems to make a difference though.

Second, I've also downloaded iptables-persistent and installed it onto my Pi.

The Pi is still able to pass my Wifi traffic forward perfectly well, but it seems to completely ignore my Tor set-up. Whenever I check my IP address it's the same as it was before. As someone who's a novice to all this, I'm curious as to what I've done wrong that causes my Pi to ignore my Tor installation.

user104380
  • 11
  • 1
  • You may have more luck asking this question on linux.stackexchange.com or security.stackexchange.com, as most of it has to do with Linux/Debian upon which Raspbian is based. – user96931 Jun 03 '19 at 17:41

1 Answers1

0

The tutorial for the WiFi repeater uses systemd-networkd. The second tutorial from adafruit to install the tor proxy doesn't respect sytemd-networkd and does it's own setup of the needed iptables rules. I think it's possible to combine this but it seems not to be an easy task. A better way in this combination is to use also systemd to extend the tor.service with the iptables rules. So it is not needed to install and configure additional software like iptables-persistent.

I have made a tested setup to configure a tor proxy as extention to my tutorial for an WiFi repeater. You will find it at How to make Raspberry Pi a Tor router with all kind of network setup using systemd-networkd. It fits exactly your needs.

Ingo
  • 40,606
  • 15
  • 76
  • 189