[SOLVED] use Tor as a listening proxy server

Jason.nix · 05-17-2023, 06:23 AM

Hello,
I want to setup Tor as a proxy server and a remote computer connect to my system and use Tor. I opened "/etc/tor/torrc" file and added the following lines to it:

Code:

SocksListenAddress (Server's internal IP address)
SocksPolicy accept *
SocksPort 0.0.0.0:9050

Then, restarted the Tor service:

Code:

● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (exited) since Wed 2022-12-14 09:47:38 +0330; 5min ago
  Process: 9759 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 9759 (code=exited, status=0/SUCCESS)

Dec 14 09:47:38 Xen-aka-X3n systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Dec 14 09:47:38 Xen-aka-X3n systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).

After it, I opened port 9050 with the following command:

Code:

$ sudo iptables -A INPUT -p tcp --dport 9050 -j ACCEPT

My system iptables rules are:

Code:

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  127.0.0.0/8          127.0.0.0/8         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
SYN_FLOOD  tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9050

Chain FORWARD (policy DROP)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere            

Chain SYN_FLOOD (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere             limit: avg 5/sec burst 10
DROP       all  --  anywhere             anywhere

On the client, I set proxy in the Internet browser, but I got the following error:

Code:

The proxy server is refusing connections

Why? How to solve it?

Thank you.

Jason.nix · 05-20-2023, 11:28 PM

Hello,
No idea?

Thank you.

jayjwa · 05-23-2023, 09:32 PM

That's not how you use Tor. Tor is not a HTTP proxy. It's basically a chaining socks5 with encryption. You need something to pass HTTP traffic. Use Torbrowser, or set it up the old fashioned way by using a forwarding proxy chaining it to Tor (such as Privoxy). If you want to use the Tor network from another computer after that, then set Privoxy to allow connections for that other computer.

Also, the 3rd iptables rule on the INPUT chain effectively blocks every new connection that isn't made by your host.

Code:

REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Adding an ACCEPT later in the chain is useless as it is never reached.

Jason.nix · 06-07-2023, 01:09 AM

Quote:

Originally Posted by jayjwa

That's not how you use Tor. Tor is not a HTTP proxy. It's basically a chaining socks5 with encryption. You need something to pass HTTP traffic. Use Torbrowser, or set it up the old fashioned way by using a forwarding proxy chaining it to Tor (such as Privoxy). If you want to use the Tor network from another computer after that, then set Privoxy to allow connections for that other computer.

Also, the 3rd iptables rule on the INPUT chain effectively blocks every new connection that isn't made by your host.

Code:

REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Adding an ACCEPT later in the chain is useless as it is never reached.

Hello,
Thank you so much for your reply.
The Tor is on a Linux box and a Windows client wants to connect to it.

pan64 · 06-07-2023, 01:47 AM

probably this? https://tor.stackexchange.com/questi...e-tor-as-proxy

Jason.nix · 06-19-2023, 01:03 AM

Hello,
Because of the many codes and etc., the LQ wouldn't let me to post my question here. I pasted my question here.

Jason.nix · 07-14-2023, 02:08 PM

Hello,
The problem was because I had closed the server ping.

Thank you.