1

So I have been trying for a while now using this guide https://pimylifeup.com/raspberry-pi-tor-access-point/ . About 2 years ago I was able to do this, but my SD card corrupted and I had to do it again, but I am not able to properly route the TOR Proxy through my Pi Router anymore.

What I want is wlan0 for the access point and wlan1 for internet

/etc/dnsmasq.conf

server=1.1.1.1
dhcp-range=wlan0,192.101.0.15,192.101.0.20,255.255.255.0,24h

/etc/dhcpcd.conf (at bottom)

interface wlan0
        static ip_address=192.101.0.1/24
        nohook wpa_supplicant

/etc/hostapd/hostapd.conf

interface=wlan0
driver=nl80211

hw_mode=g
channel=6
ieee80211n=1
wmm_enabled=0
macaddr_acl=0
ignore_broadcast_ssid=0

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

# This is the name of the network
ssid=SSID
# The network passphrase
wpa_passphrase=PASSWORD

With sudo iptables -A POSTROUTING -o wlan1 -j MASQUERADE everything works fine. I can connect to the internet ping other devices connected to the Pi router.

But what I want is to have Tor routed.

/etc/tor/torrc

Log notice file /var/log/tor/notices.log
VirtualAddrNetwork 10.192.0.0/10
AutoMapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
TransListenAddress 192.101.0.1
DNSPort 53
DNSListenAddress 192.101.0.1
TransPort 9040

And using the above links iptable rules,

/etc/iptables.ipv4.nat

# Generated by xtables-save v1.8.2 on Sun Jan 12 20:25:46 2020
*filter
:INPUT ACCEPT [522:45678]
:FORWARD ACCEPT [92854:81145383]
:OUTPUT ACCEPT [521:54675]
COMMIT
# Completed on Sun Jan 12 20:25:46 2020
# Generated by xtables-save v1.8.2 on Sun Jan 12 20:25:46 2020
*nat
:PREROUTING ACCEPT [386:130119]
:INPUT ACCEPT [138:9450]
:POSTROUTING ACCEPT [1:444]
:OUTPUT ACCEPT [134:8883]
-A PREROUTING -i wlan0 -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 22
-A PREROUTING -i wlan0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i wlan0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT
# Completed on Sun Jan 12 20:25:46 2020

I do this and this does not work.

Also, if I ping a domain, I get the IP, but no data is coming through.

And if I go on a device and use the TOR browser, I can connect and it works fine.

What else am I missing to make this work? Any help would be appreciated.

Martin Bradley
  • 11
  • 1

0 Answers0