Support #734
Updated by Daniel Curtis over 8 years ago
{{>toc}}
This is a guide for setting up a TOR connection with a SOCKS5 proxy server on FreeBSD.
h2. Prepare the Environment
* Make sure the system is up to date:
<pre>
pkg update && pkg upgrade
</pre>
h3. Install OpenNTPD
* Install OpenNTPD:
<pre>
pkg install openntpd
</pre>
* Edit the OpenNTPD config file:
<pre>
vi /usr/local/etc/ntpd.conf
</pre>
#* And add a couple more ntp sources for good measure:
<pre>
servers pool.ntp.org
servers clock.via.net
servers clock.isc.org
</pre>
* Start and enable OpenNTPD at boot:
<pre>
echo 'openntpd_enable="YES"' >> /etc/rc.conf
service openntpd start
</pre>
*NOTE*: An NTP server in a jail will fail to start. Jails get their time from the host system, make to install the NTP server on the host.
h2. Install TOR
* Install TOR:
<pre>
pkg install tor
</pre>
* Setup the TOR environment:
<pre>
rm -r /var/db/tor /var/run/tor
mkdir -p /var/db/tor/data /var/run/tor
touch /var/log/tor
chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
chmod -R 700 /var/db/tor
</pre>
* Tor users are strongly advised to prevent traffic analysis that exploits sequential IP IDs by setting:
<pre>
sysctl net.inet.ip.random_id=1
</pre>
* Edit the TOR config file:
<pre>
vi /usr/local/etc/tor/torrc
</pre>
#* And add/modify the following lines:
<pre>
RunAsDaemon1
</pre>
* Start and enable TOR at boot:
<pre>
echo 'tor_enable="YES"' >> /etc/rc.conf
service tor start
</pre>
* Monitor the status of the TOR connection:
<pre>
tail /var/log/tor
</pre>
#* _Truncated output_:
<pre>
...
May 03 16:12:44.000 [notice] Bootstrapped 50%: Loading relay descriptors
May 03 16:12:53.000 [notice] Bootstrapped 57%: Loading relay descriptors
May 03 16:12:56.000 [notice] Bootstrapped 64%: Loading relay descriptors
May 03 16:12:57.000 [notice] Bootstrapped 69%: Loading relay descriptors
May 03 16:12:58.000 [notice] Bootstrapped 78%: Loading relay descriptors
May 03 16:12:59.000 [notice] Bootstrapped 80%: Connecting to the Tor network
May 03 16:12:59.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
May 03 16:13:00.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
May 03 16:13:00.000 [notice] Bootstrapped 100%: Done
</pre>
h2. Install Privoxy
* Install privoxy:
<pre>
pkg install privoxy
</pre>
* Create the privoxy running directory:
<pre>
mkdir /var/run/privoxy
chown privoxy:privoxy /var/run/privoxy
</pre>
* Edit the config file to use Privoxy with Tor.
<pre>
vi /usr/local/etc/privoxy/config
</pre>
#* And modify the following lines:
<pre>
# Set the listen address to 127.0.0.1:8118
listen-address 127.0.0.1:8118
# forward privoxy to TOR
forward-socks4a / 127.0.0.1:9050 .
</pre>
* Start and enable privoxy at boot:
<pre>
echo 'privoxy_enable="YES"' >> /etc/rc.conf
service privoxy start
</pre>
h2. Resources
* https://forums.freebsd.org/threads/howto-use-tor-network-and-web-proxy.40307/
* http://www.bsdnow.tv/tutorials/tor