Support #796
Install a TOR Exit Node on FreeBSD
Status:
Closed
Priority:
Normal
Assignee:
Category:
The Onion Router (TOR)
Target version:
Description
This is a simple guide for getting TOR setup as an exit node on FreeBSD 10.2.
Prepare the Environment¶
- Make sure the system is up to date:
pkg update && pkg upgrade
Install TOR¶
- Install TOR:
pkg install tor
- Tor users are strongly advised to prevent traffic analysis that exploits sequential IP IDs by setting:
sysctl net.inet.ip.random_id=1
- Reboot for it to take effect:
reboot
- Reboot for it to take effect:
- Edit the TOR config file:
vi /usr/local/etc/tor/torrc
- And add/modify the following lines:
ORPort 443 Nickname ExampleNode RelayBandwidthRate 1024 KB RelayBandwidthBurst 1024 KB ContactInfo Bob User <bob@example.com> ExitPolicy accept *:20-23 # FTP, SSH, telnet ExitPolicy accept *:43 # WHOIS ExitPolicy accept *:53 # DNS ExitPolicy accept *:79-81 # finger, HTTP ExitPolicy accept *:88 # kerberos ExitPolicy accept *:110 # POP3 ExitPolicy accept *:143 # IMAP ExitPolicy accept *:194 # IRC ExitPolicy accept *:220 # IMAP3 ExitPolicy accept *:389 # LDAP ExitPolicy accept *:443 # HTTPS ExitPolicy accept *:464 # kpasswd ExitPolicy accept *:531 # IRC/AIM ExitPolicy accept *:543-544 # Kerberos ExitPolicy accept *:554 # RTSP ExitPolicy accept *:563 # NNTP over SSL ExitPolicy accept *:636 # LDAP over SSL ExitPolicy accept *:706 # SILC ExitPolicy accept *:749 # kerberos ExitPolicy accept *:873 # rsync ExitPolicy accept *:902-904 # VMware ExitPolicy accept *:981 # Remote HTTPS management for firewall ExitPolicy accept *:989-995 # FTP over SSL, telnets, IMAP over SSL, etc ExitPolicy accept *:1194 # OpenVPN ExitPolicy accept *:1220 # QT Server Admin ExitPolicy accept *:1293 # PKT-KRB-IPSec ExitPolicy accept *:1500 # VLSI License Manager ExitPolicy accept *:1533 # Sametime ExitPolicy accept *:1677 # GroupWise ExitPolicy accept *:1723 # PPTP ExitPolicy accept *:1755 # RTSP ExitPolicy accept *:1863 # MSNP ExitPolicy accept *:2082 # Infowave Mobility Server ExitPolicy accept *:2083 # Secure Radius Service (radsec) ExitPolicy accept *:2086-2087 # GNUnet, ELI ExitPolicy accept *:2095-2096 # NBX ExitPolicy accept *:2102-2104 # Zephyr ExitPolicy accept *:3128 # SQUID ExitPolicy accept *:3389 # MS WBT ExitPolicy accept *:3690 # SVN ExitPolicy accept *:4321 # RWHOIS ExitPolicy accept *:4643 # Virtuozzo ExitPolicy accept *:5050 # MMCC ExitPolicy accept *:5190 # ICQ ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL ExitPolicy accept *:5228 # Android Market ExitPolicy accept *:5900 # VNC ExitPolicy accept *:6660-6669 # IRC ExitPolicy accept *:6679 # IRC SSL ExitPolicy accept *:6697 # IRC SSL ExitPolicy accept *:8000 # iRDMI ExitPolicy accept *:8008 # HTTP alternate ExitPolicy accept *:8074 # Gadu-Gadu ExitPolicy accept *:8080 # HTTP Proxies ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP ExitPolicy accept *:8332-8333 # BitCoin ExitPolicy accept *:8443 # PCsync HTTPS ExitPolicy accept *:8888 # HTTP Proxies, NewsEDGE ExitPolicy accept *:9418 # git ExitPolicy accept *:9999 # distinct ExitPolicy accept *:10000 # Network Data Management Protocol ExitPolicy accept *:11371 # OpenPGP hkp (http keyserver protocol) ExitPolicy accept *:12350 # Skype ExitPolicy accept *:19294 # Google Voice TCP ExitPolicy accept *:19638 # Ensim control panel ExitPolicy accept *:23456 # Skype ExitPolicy accept *:33033 # Skype ExitPolicy reject *:*
- And add/modify the following lines:
- Start and enable TOR at boot:
echo 'tor_enable="YES"' >> /etc/rc.conf echo 'tor_user="root"' >> /etc/rc.conf service tor start
- NOTE: This guide configures the ORPort on 443, so the tor user must be set to root to work properly.
- Fix the permissions of the TOR database directory:
chown -R root /var/db/tor
- It is also a good idea to sign up to the tor-announce and tor-relay mailing lists for questions and announcement information.
Resources¶
- http://www.bsdnow.tv/tutorials/tor
- https://www.torproject.org/docs/tor-doc-relay.html.en
- https://blog.torproject.org/running-exit-node
- https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
- https://www.torproject.org/eff/tor-legal-faq
- https://blog.torproject.org/running-exit-node
- https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity
- https://gitweb.torproject.org/tor.git/plain/contrib/operator-tools/tor-exit-notice.html
- https://wiki.archlinux.org/index.php/tor
Updated by Daniel Curtis over 8 years ago
- Description updated (diff)
- Status changed from New to Resolved
- % Done changed from 0 to 100