Implementation of Tor Proxy Server on PFSense Router

We often read articles on the internet that explain TOR, the emergence of this application has many people praising and using it. So it's not surprising that questions arise in our minds, why should we use Tor, what are the advantages of TOR, can TOR hide our data and identity.

Anyone who wants to protect identity, location and data from attacks by intruders, the easiest and 100% free way is to use TOR. All internet traffic routes will be routed or go through the Tor network. The Tor Node will encrypt all of our internet traffic, especially ports 80 and 443 which are related to the web browser, so before our goals and objectives reach our destination the Tor Node has encrypted it and changed it to anonymous. So, the destination address does not clearly know who sent the traffic packet.

Well, this tutorial tries to implement Tor on the PFSense router machine. We will learn how to install, configure and use Tor to surf the internet, especially in relation to web browsers such as Yandex, Google Chrome Firefox and others.


Spesifikasi Sytem:
CPU: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
IP WAN: 192.168.1.2
IP LAN: 192.168.9.1


A. TOR installation

Before you install TOR, make sure the FreeBSD pkg package is "enabled". How to open the /usr/local/etc/pkg/repos folder, edit the FreeBSD.conf and pfSense.conf files and change "no" to "yes" in the FreeBSD script: { enabled: no } CHANGE FreeBSD: { enabled: yes }.

After that we can install Tor. To make it easier for you to install Tor, open the PUTTY application and log in with the PFSense router's LAN IP, namely 192.168.9.1. After you have successfully logged in and have successfully entered the PFSense console, select No. 8 "Shell".





After you select No. 8, let's just install TOR, type the script pkg install tor.



After you have finished installing Tor, make sure "net.inet.ip.random_id=1" in the System Tunables menu. Now please log in to the PFSense Web GUI, after successfully logging in and being in the PFSense Dashboard display, you click System>>>Advanced>>>System Tunables.





B. TOR configuration

The Tor file that must be configured is the torrc file in the /usr/local/etc/tor folder. Edit the file. To make editing easier, use the WINSCP application. Change the following script:

SOCKSPort 192.168.9.1:9050
SOCKSPolicy accept 192.168.9.0/24
RunAsDaemon 1
DataDirectory /var/db/tor
ControlPort 9051
Log notice file /var/log/tor/notices.log

After finishing editing the torrc file, continue by creating a boot script in the rc.conf file.

[2.6.0-RELEASE][root@router1.unixexplore.com]/root: ee /etc/rc.conf

tor_enable="YES"

In order for the above script to be executed, a startup script must be created in the /usr/local/etc/rc.d folder.

[2.6.0-RELEASE][root@router1.unixexplore.com]/root: cd /usr/local/etc/rc.d
[2.6.0-RELEASE][root@router1.unixexplore.com]/usr/local/etc/rc.d: mv tor tor.sh

Create a tor_relaunch.sh file in the /usr/local/bin folder, then enter the following script in the tor_relaunch.sh file.

[2.6.0-RELEASE][root@router1.unixexplore.com]/root: touch /usr/local/bin/tor_relaunch.sh
[2.6.0-RELEASE][root@router1.unixexplore.com]/root: chmod +x /usr/local/bin/tor_relaunch.sh
[2.6.0-RELEASE][root@router1.unixexplore.com]/root: ee /usr/local/bin/tor_relaunch.sh

#!/usr/bin/env sh
service /usr/local/etc/rc.d/tor.sh status > /dev/null
if [ $% != 0 ]; then
service /usr/local/etc/rc.d/tor.sh start
fi

In the PFSense Web GUI, create a crontab file, click Services>>>Cron>>>Settings, then click the top or bottom Add button, the same.



Editing the crontab file is the final step in installing and configuring Tor, now you reboot/restart the PFSense Router.

At this point I consider the discussion of Tor finished, we will continue with Part 2, Tor as the backend of Privoxy.
Iwan Setiawan

I Like Adventure: Mahameru Mount, Rinjani Mount I Like Writer FreeBSD

Post a Comment

Previous Post Next Post