Upload
cosasdeangel
View
50
Download
4
Embed Size (px)
Citation preview
Options For ThisHowto
Free SupportPaid Support
Navigation
Howtos
Linux
Android
CentOS
Debian
Fedora
Kernel
Mandriva
PCLinuxOS
SuSE
Ubuntu
Web Server
Apache
Cherokee
Lighttpd
nginx
Backup
Control Panels
ISPConfig
DNS
BIND
MyDNS
PowerDNS
djbdns
Desktop
Anti-Spam/Virus
Postfix
FTP
High-Availability
Monitoring
MySQL
Programming
C/C++
PHP
Samba
Security
Anti-Spam/Virus
Storage
Register Login Contribute Subscribe RSS
NewsFAQForgeISPConfigSubscribeContributeForumsHowtos
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
1 de 9 05/05/13 02:15
Virtualization
KVM
OpenVZ
VMware
VirtualBox
Xen
Other
FreeBSD
Commercial
Mini-Howtos
Linux
Apache
Backup
DNS
Errors
FTP
MySQL
Networking
PHP
Postfix
Security
Sendmail
Shell
Other
ISPConfig
Forums
Contribute
Create Content
Subscription
Login
Site Map/RSS Feeds
User login
Username:
Password:
Remember Me?
Log in
Create a new accountRequest new password
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
2 de 9 05/05/13 02:15
Who's online
There are currently 3 usersand 3312 guests online.
HowtoForgeForums
Cannot openfirewall ports
VMWARE networkingquestion
A supported tabletwas not found onthis system?
Migrating Serves?
email woes
smstoolsproblem[cant sendsms]
Cluster update
POSTFIX SASLproblem
The PerfectDesktop Lubuntu
The PerfectDesktop Xubuntu13.04
News
Intel Commits More MesaPerformance Optimizations
6 Invaluable Free SchemeBooks
Build & Defend hasgotten some updates!
Some tricks with htop
Could a Double FineHumble Bundle becoming?
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
3 de 9 05/05/13 02:15
Portal Runs natively onLinux
5 Links for Developers andIT Pros 5-3-13
XBMC Media Center 12.2Brings Numerous UPnPFixes
phpMyAdmin 4.0 ReleaseKills Off The Tables
Android trounces Apple inQ1 2013 tablet shipments
more
Recent comments
missing step20 hours 17 min ago
Thanks for this wonderful1 day 4 hours ago
addition for ispconfig1 day 6 hours ago
Re: Re: Re: installingAdobe Reader does notwork...1 day 8 hours ago
Re: Re: Re: Re: i use.htaccess to changephp_value1 day 13 hours ago
Re: can't access1 day 13 hours ago
Load balance serversdifference location1 day 17 hours ago
This also helped me installLAMP and phpMyAdmin1 day 21 hours ago
Re: Re: Re: Re:Makinglinux windows like.2 days 2 hours ago
=== INFO ===It'sWorks with2 days 9 hours ago
Newsletter
Subscribe toHowtoForgeNewsletterand stay informed aboutour latest HOWTOs andprojects.
enter email address
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
4 de 9 05/05/13 02:15
Submit
(To unsubscribe fromour newsletter, visit thislink.)
English | Deutsch | Site Map/RSS Feeds | Advertise
You are here: Home » Howtos » Linux » How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine Traffic OverThe TOR Network
How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine TrafficOver The TOR Network
Want to support HowtoForge? Become a !
Submitted by chris_dj (Contact Author) (Forums) on Mon, 2012-02-06 18:03. :: Linux | Ubuntu | Security
How To Set Up A TOR Middlebox Routing All VirtualBox Virtual MachineTraffic Over The TOR NetworkThis tutorial will show you how to reroute all traffic for a virtual machine through the Tor network to ensureanonymity. It assumes a standalone machine with a Linux OS, and VirtualBox installed. In this case, we'll beusing Ubuntu on the host machine.
Thanks to- http://www.tolaris.com/2009/03/05/using-host-networking-and-nat-with-virtualbox/- https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy- http://www.rootdamnit.eu/2011/12/10/virtualbox-tor-backtrack-aka-how-to-become-almost-invisible/
All commands on the host machine should be run as root (sudo or su.
Step 1 - Add A Bridge Interface For Your Virtual Machine (VM) On The Host Machine (HM)
# apt-get install bridge-utils
Add the following to /etc/network/interfaces:
# VirtualBox NAT bridgeauto vnet0iface vnet0 inet static address 172.16.0.1 netmask 255.255.255.0 bridge_ports none bridge_maxwait 0 bridge_fd 1 up iptables -t nat -I POSTROUTING -s 172.16.0.0/24 -j MASQUERAD down iptables -t nat -D POSTROUTING -s 172.16.0.0/24 -j MASQUER
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
5 de 9 05/05/13 02:15
Start the bridge interface:
# ifup vnet0
Step 2 - Setup DHCP And DNS For Clients
# apt-get install dnsmasq
Edit /etc/dnsmasq.conf to include:
interface=vnet0dhcp-range=172.16.0.2,172.16.0.254,1h
Start the daemon:
# /etc/init.d/dnsmasq restart
Step 3 - Install And Set Up TOR
Install TOR - INSTUCTIONS
Edit /etc/tor/torrc and add:
VirtualAddrNetwork 10.192.0.0/10AutomapHostsOnResolve 1TransPort 9040TransListenAddress 172.16.0.1DNSPort 53DNSListenAddress 172.16.0.1
Restart TOR:
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
6 de 9 05/05/13 02:15
#/etc/init.d/tor restart
Create and edit middlebox.sh on the HM:
#!/bin/sh
# destinations you don't want routed through TorNON_TOR="192.168.1.0/24"
# Tor's TransPortTRANS_PORT="9040"
# your internal interfaceINT_IF="vnet0"
iptables -Fiptables -t nat -F
for NET in $NON_TOR; doand run it:
#./middlebox.sh
Step 4 - Set Up The Virtual Machine On The HM
Open VirtualBox, start the machine. Go to Devices > Network Adapter. Disable all network adapters except
Adapter 1.
Set the following options:
Attached to: Bridged Adapter
Name: vnet0
Click OK.
Finally make sure your virtual machine gets its IP address via DHCP, and refresh the DHCP client/reboot theVM. It should have an IP in the range 172.16.0.n, name resolver 172.16.0.1 and gateway 172.16.0.1.
Copyright © 2012 CDHAll Rights Reserved.
add comment | view as pdf | print
Please do not use the comment function to ask for help! If you need help, please use our forum.Comments will be published after administrator approval.
Thanx four this tutorial, ISubmitted by Anonymous (not registered) on Tue, 2012-10-16 14:56.
Thanx four this tutorial, I have searched a lot for this but never found it. My problem is, I want to do this on arch linuxand there doesn't exists the file /etc/network/interfaces or any similar config.So i want to start the bridge manually with:
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
7 de 9 05/05/13 02:15
brctl addbr br0ifconfig vnet0 172.16.0.1 netmask 255.255.255.0 upiptables -t nat -I POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
but I can't figure out how to set the other settings like:auto vnet0vnet0 inet staticbridge_ports nonebridge_maxwait 0bridge_fd 1
I hope someone can help me.
reply | view as pdf
Has anyone been able toSubmitted by Anonymous (not registered) on Tue, 2012-05-15 20:34.
Has anyone been able to successfully replicate the steps outlined above? Just curious. I'm unable to connect to anyhosts in the Virtual Machine. I can ping the 172.16.*.* address but can't any where else. Thought I'd ask.
reply | view as pdf
Re: Has anyone been able toSubmitted by mpd2 (not registered) on Thu, 2012-06-07 15:34.
Yes, this works as of the date of this comment. I had to make an adjustment on my machine (vanilla ubuntu12.04) because dnsmasq-base was installed by default: http://ubuntuforums.org/showpost.php?p=12006425&postcount=7.
reply | view as pdf
blocking UDP trafficSubmitted by chris_dj (registered user) on Fri, 2012-03-30 12:02.
You can also block all UDP traffic/leaks from your virtual machine with
iptables -A FORWARD -i $INT_IF -p udp -j DROP
in middlebox.sh (DNS queries continue to be handled by TOR):
#!/bin/sh
# destinations you don't want routed through TorNON_TOR="192.168.1.0/24"
# Tor's TransPortTRANS_PORT="9040"
# your internal interfaceINT_IF="vnet0"
iptables -Fiptables -t nat -F
for NET in $NON_TOR; do iptables -t nat -A PREROUTING -i $INT_IF -d $NET -j RETURN
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
8 de 9 05/05/13 02:15
reply | view as pdf
Re: blocking UDP trafficSubmitted by len mccoy (registered user) on Sun, 2012-05-27 23:36.
I have set this up and it seems to be working well. I included chris_dj's extra command in middlebox.sh. Websites like seemyip and others show IP addresses that are not mine.
However, I use a lot of command line requests, and I'm wondering how I could test them for anonymity. Is there aaddress I could ping that would somehow return my originating IP? Or would it just be reasonable to conclude thatsince the browsers are anonymous, and since TOR is not installed on the guest OS, only on the host OS, that alltraffic from the guest must necessarily be anonymous as well?
reply | view as pdf
Re: Re: blocking UDP trafficSubmitted by Pan Ta (not registered) on Tue, 2012-06-26 19:31.
It works for me -- also including the extra command in middlebox.sh.You can check your IP address at the command line by creating a shell script.
http://ubuntuforums.org/archive/index.php/t-526176.html
I confirmed the same IP addresses from the command line that I get from my browser.
Also, for what it's worth, I'm running through a VPN on my host before I ever start Tor. When I start my guest,everything still works... the IP addresses are always different -- and never reflect my current ISP. If someonediscovers a flaw in this, I'd like to hear about it.
reply | view as pdf
Howtos | Mini-Howtos | Forums | News | Search | Contribute |Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint
Copyright © 2013 HowtoForge - Linux Howtos and TutorialsAll Rights Reserved.
How To Set Up A TOR Middlebox Routing All VirtualBox ... http://www.howtoforge.com/how-to-set-up-a-tor-middlebo...
9 de 9 05/05/13 02:15