Skip to content
Container-based Tor access point (Anonymizing Middlebox).
Shell
Branch: master
Clone or download
Latest commit 1424e9c Oct 13, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
templates update torrc Sep 30, 2019
.gitignore add gitignore Sep 24, 2019
Dockerfile.dnsmasq add dnsmasq Sep 24, 2019
Dockerfile.hostapd
Dockerfile.tor minor fix Sep 27, 2019
LICENSE Initial commit Sep 22, 2019
README.md update readme Sep 30, 2019
torbox remove ipv4 forwarding Oct 13, 2019

README.md

Tor Box

Container-based Tor access point (Anonymizing Middlebox).


how it works

How it works

Tor Box is a script for Setting up a Tor wireless access point using docker containers.
it's aimed to be used as an Always-On anti-censorship BACKUP gateway.

This script enables you to directly route traffic of connected devices to the Tor network
Currently Tor Box only supports IPv4, and only traffic from TCP/DNS/DHCP is allowed
any non-local traffic from other protocols are blocked.

this script is not optimized for visiting .onion addresses. please use Tor Browser instead.
Tor Box is to be used only as a BACKUP for situations where popular solutions (such as OpenVPN)
are temporarily blocked by a state firewall.

This isolation is achived by sharing a Network Namespace between the containers.

Requirements:

  • wireless network card/adapter (with proper drivers already installed).
  • following packages must be installed: iw, iptables, docker

Defaults:

  • Gateway: 192.168.162.1/24
  • SSID: Tor Box
  • Passphrase: torbox12345

note: edit templates/torrc.template according to your needs but do not touch TransPort and DNSPort

Installation

Tested on:

  • Debian 10 with RT5370 Wireless Adapter
  • Raspberry Pi 3
git clone https://github.com/itshaadi/torbox.git

cd torbox

chmod +x torbox

useful documentations:

Usage

./torbox help

Usage: 
 	 <start|stop> <interface> 
 	 <log> <container>

eg: ./torbox start wlan0
    ./torbox log torbox-tor
    ./torbox stop wlan0

nmap results

sudo nmap -sU -p 10558 38.84.132.167 # us1.freeopenvpn.org (non-local UDP connection is dropped)

Starting Nmap 7.80 ( https://nmap.org ) at XXXXXX
Nmap scan report for 38.84.132.167
Host is up (0.00085s latency).

PORT      STATE    SERVICE
10558/udp filtered unknown

sudo nmap -sU -p 5353 192.168.162.1 # DNS (which uses UDP) is allowed

Starting Nmap 7.80 ( https://nmap.org ) at XXXXX
Nmap scan report for 192.168.162.1
Host is up (0.00053s latency).

PORT     STATE  SERVICE
5353/udp open   zeroconf
MAC Address: XXXXXXXX (Tenda Technology)

Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed. source

You can’t perform that action at this time.