Utilizing Tor on LAN Port with ZBT Routers | A Factory Plan


The Tor firmware available on our website directs connections from the SSID "Tor" to the Tor network exclusively. To route all LAN connections through the Tor network, follow these steps to replicate the configuration.

Steps to Configure:

1. Access Router via SSH:
- Connect to your router through SSH. Use the following command if a password is set:
```sh
$ ssh root@192.168.1.1
```
- If no password is set, use telnet:
```sh
$ telnet 192.168.1.1
```

2. Modify Network Configuration:
- Edit `/etc/config/network` by commenting out the red lines and adding the green lines:
```sh
config interface 'lan'
# option ifname 'eth1'
option force_link '1'
# option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'

config interface 'tor1'
option ifname 'eth1'
option proto 'static'
option ipaddr '172.16.2.1'
option netmask '255.255.255.0'
```

3. Update DHCP Settings:
- Add the following lines to `/etc/config/dhcp`:
```sh
config dhcp 'tor1'
option interface 'tor1'
option start '100'
option limit '150'
option leasetime '1h'
option ra 'server'
```

4. Configure Firewall Rules:
- Append the sections to `/etc/config/firewall`:
```sh
config zone
option name 'tor1'
option network 'tor1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option conntrack '1'

config rule
option name 'Allow-Tor-DHCP'
option src 'tor1'
option proto 'udp'
option dest_port '67'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Tor-DNS'
option src 'tor1'
option proto 'udp'
option dest_port '9053'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Tor-Transparent'
option src 'tor1'
option proto 'tcp'
option dest_port '9040'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Tor-SOCKS'
option src 'tor1'
option proto 'tcp'
option dest_port '9050'
option target 'ACCEPT'
option family 'ipv4'
```

5. Edit Firewall User Script:
- Add the green lines to `/etc/firewall.user`:
```sh
enable_transparent_tor() {
iptables -t nat -A PREROUTING -i wlan0-1 -p udp --dport 53 -j REDIRECT --to-ports 9053
iptables -t nat -A PREROUTING -i wlan0-1 -p tcp --syn -j REDIRECT --to-ports 9040
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 53 -j REDIRECT --to-ports 9053
iptables -t nat -A PREROUTING -i eth1 -p tcp --syn -j REDIRECT --to-ports 9040
}

enable_transparent_tor
```

6. Update Tor Configuration:
- Add the following lines to `/etc/tor/torrc`:
```sh
User tor
VirtualAddrNetwork 10.192.0.0/10
TransPort 9040
TransListenAddress 172.16.1.1
TransListenAddress 172.16.2.1
DNSPort 9053
DNSListenAddress 172.16.1.1
DNSListenAddress 172.16.2.1
```


About ZBT

ZBT develops and manufactures network equipment with over a decade of expertise in the field. Specializing in OEM/ODM processing, our product range includes OpenWRT Wi-Fi routers, 4G/5G routers, vehicle routers, access points, outdoor CPE, LTE CPE, and EPON/GPON devices. Each product is meticulously designed, developed, and manufactured by ZBT, holding unique appearance and software patents. Our commitment to innovation ensures robust and secure network solutions for a diverse clientele.

 

-

RELATED ARTICLES
ZBT Introduces the Marble (ZBT-B3000): A Next-Gen Wi-Fi 6 Router for Modern Living
Understanding OpenRoaming: Its Functionality and Significance for Frequent Travelers
Introducing a Two-Year Warranty on All ZBT Routers
Proactive Strategies to Shield ZBT Users from BSSID-Based Location Tracking
Your Guide to Choosing the Ideal ZBT Travel Router
Announcement of End-of-Life for ZBT-SF1200
Introducing ZBT's Enhanced Firmware Download Center
ZBT Introduces Aesthetic Wi-Fi 6 OpenWrt Router for Home Use