How to run Tor as proxy for local network

networking firefox proxy tor

16,517

Solution 1

You need to specify a SocksPort in the torrc file on the IP of the network where you want to expose the proxy. Note that the port must be different to the one used for the local connections (9050 by default). Given that the IP address where you Tor runs is 192.168.2.10 you should add:

SocksPort 192.168.2.10:9100

Also I have set a SockPolicy to accept the connections from the local network. Given that your local network is *192.168.2.0 you should add:

SocksPolicy accept 192.168.2.0/24

Note that, according to the comment in the default configuration, the SockPolicy is not needed:

If no SocksPolicy is set, we accept (and only) requests that reach a SocksPort. Untrusted users who can access your SocksPort may be able to learn about the connections you make.

Solution 2

Set your SocksListenAddress to your local IP address. You can find this using the command ipconfig, then looking for your Ethernet/Wifi adapter. Then use this same address from the other PCs.

16,517

Tomáš Zato - Reinstate Monica

It might be easier to hire new management than to get a new community of volunteers. - James jenkins If you play League of Legends, check my repository: http://darker.github.io/auto-client/ I no longer play and I am actively looking for someone to maintain the project. It helped thousands of people, literally.

Updated on September 18, 2022

Comments

Tomáš Zato - Reinstate Monica over 1 year
I'm trying to use Tor as standalone socks server available for whole local network.

I've set up connection in my torcc file as follows:
```
#listen on all IPs
SocksListenAddress 0.0.0.0
SocksPort 9150
```
I run the Tor using following windows command:
```
App\tor.exe -f .\Data\Tor\torrc
```
This is how I configured Firefox proxy settings for Tor on my PC (on others computers, I entered my local IP address):

On my PC it works, but no remote PC can connect. NMap says that the port is "FILTERED".

I confirmed the firewall dialog that popped up the first time I ran the server, saying "Allow". I also manually added exceptions for port 9150 in firewall settings.

Anything else I can do?
- Frank Thomas about 10 years
  
  can you telnet to the port from another host? what does this return in powershell as admin (run on the server)? netstat -abno | findstr 9150
- Frank Thomas about 10 years
  
  also just a recommendation, Safeplug is the best way to run tor for a whole network, as it doesn't live or die by client proxy configuration. pogoplug.com/safeplug Proxy leakage is the biggest vulnerability for tor, and its really really hard to be sure that you aren't leaking somthing (especially DNS queries which give away what you are doing).