Turn your Pi into a Tor proxy
Turn your Raspberry Pi into a wireless access point to access the anonymous Tor network.
In this age of ubiquitous surveillance it’s harder than ever to stop hackers, advertisers and shadowy government organisations from snooping on your browsing habits.
However if you choose to connect through Tor, your connection is encrypted and passed through a number of proxies through a process known as ‘onion routing’. While this does slow down your connection, it also increases your privacy, making it extremely difficult to trace your actual current location.
Follow the steps in this tutorial to turn your Pi into a wireless AP (Access Point) named Onion_Pi. Any devices connecting to Onion_Pi will do so over the Tor network.
When you’re done, use a service like www.whatismyip.com to see that your location has changed.
For more information about Tor visit www.torproject.org/about/overview. html.en.
“If you choose to connect through Tor, your connection is encrypted and passed through a number of proxies through a process known as ‘onion routing’. ”
“The Tor network is a group of servers or ‘relays’ operated by volunteers.”
1 CONNECT TO PI AND CHECK WIRELESS IS DETECTED
Attach your Pi to your router via the Ethernet cable, then either open Terminal on the Pi or connect to it via SSH. Run the command sudo ifconfig -a. You should see the text ‘wlan0’ which shows that the wireless module is up and running.
2 INSTALL ESSENTIAL SOFTWARE
Run the command sudo apt-get update then sudo apt-get install hostapd isc-dhcpserver tor iptables-persistent to install the software. When you install iptables-persistent you’ll be asked if you want to save the rules for your current configuration. Select ‘ Yes’ both times.
3 CONFIGURE THE DHCP SERVER
Run sudo nano /etc/dhcp/ dhcpd.conf . Find the two lines beginning ‘option domain-name’ and put a ‘#’ at the start of each. Remove the ‘#’ from the line ‘#authoritative’. Scroll to the end and type:
subnet 192.168.42.0 netmask 255.255.255.0 {
range 192.168.42.10 192.168.42.50;
option broadcast-address 192.168.42.255;
option routers 192.168.42.1; default-lease-time 600; max-lease-time 7200; option domain-name “local”;
option domain-nameservers 8.8.8.8, 8.8.4.4;
}
4 EDIT INTERFACE
Run sudo nano /etc/default/ isc-dhcp-server. Scroll to the word INTERFACES=”” and insert ‘ wlan0’. Press Ctrl-X, Y, return to save and close. Run the commands sudo update-rc.d hostapd enable and sudo update-rc.d isc-dhcpserver enable to make sure your changes start.
5 SET STATIC IP
Run sudo nano /etc/ network/interfaces. If you see the text ‘auto wlan0’ add a # at the start to comment it out. Find the line ‘allow-hotplug wlan0’ and delete the two lines below it. Replace them with:
iface wlan0 inet static address 192.168.42.1 netmask 255.255.255.0 Run sudo ifconfig wlan0 192.168.42.1 to set your IP.
6 CONFIGURE THE ACCESS POINT
Run sudo nano /etc/hostapd/ hostapd.conf to create a blank file. Paste in the following: interface=wlan0 driver=nl80211 ssid= Onion_ Pi country_ code= US hw_ mode=g channel= 6 macaddr_ acl= 0 auth_ algs=1 ignore_ broadcast_ ssid= 0 wpa=2 wpa_ passphrase= Raspberry wpa_ key_ mgmt= WPA-PSK wpa_ pairwise= CCMP wpa_ group_ rekey=86400 ifieee80211n=1 wme_ enabled=1
7 APPLY ACCESS POINT CONFIGURATION
Run sudo nano /etc/default/ hostapd . Find the line ‘#DAEMON_ CONF=”” and edit it so it says:
#DAEMON_ CONF=”/etc/ hostapd/hostapd.conf”
Don’t forget to remove the # in front to activate it. Repeat these same steps for hostapd with the command sudo nano /etc/ init.d/hostapd again modifying the line #DAEMON_ CONF=”” so that it reads DAEMON_ CONF=”/etc/ hostapd/hostapd.conf” .
8 CONFIGURE TOR
Run sudo nano /etc/tor/ torrc to configure Tor. Find ‘## https://www.torproject.org/docs/ faq#torrc’ and after it paste:
Log notice file /var/log/ tor/notices.log
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsSuffixes . onion,.exit AutomapHostsOnResolve 1 TransPort 9040
TransListenAddress 192.168.42.1 DNSPort 53 DNSListenAddress 192.168.42.1
Save and exit. Run sudo update-rc.d tor enable to make Tor start on boot.
9 CONFIGURE IP TABLES
Run sudo nano /etc/tor/ torrc to configure Tor. Find ‘## https://www.torproject.org/docs/ faq#torrc’ and after it paste:
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --toports 22
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --toports 53
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
Next, make your changes permanent: sudo sh -c “iptables-save > /etc/iptables/rules.v4” Reboot your Pi when done.