Saturday, January 15, 2011

Torify Your TCP Connection

In this post I'm going to explain how you can use Tor to make some TCP connections invisible. Why would you need something like that? One reason may be that you want to hide that some connections are coming from your public IP. With Tor you can tunnel your connection and make it appear as if it is coming from another place, not your public IP. By the way, the tunneled connection is encrypted, so your connection is safe until it reaches its end point. In our scenario we have a TCP connection that connects to some public IP, and we want to get there by passing through Tor. With this technique the client program (in our LAN) will not be aware that it is using Tor. Let's begin the setup (note that this tutorial is for CentOS, but it should be similar for other Linux distros):

yum install tor
yum install socat
yum install ntp

I also installed ntp on my server because tor gives some timing errors if it is not set properly.

Now start all services to see if everything works:

service tor start
ntpdate 0.centos.pool.ntp.org
service ntpd start

Check your Tor connection by looking at its log file in /var/log.
You should see something like:

[notice] Bootstrapped 100%: Done.

What we will do now is start socat on localhost port 4242 and tunnel its traffic to Tor's SOCKS port 9050. But before that we should redirect the traffic we are expecting to port 4242, and we should also open port 4242 for internal use. So let's do some iptables stuff:

iptables -A PREROUTING -t nat -i eth0 -p tcp -s 192.168.1.254 --dport 9090 -j REDIRECT --to-port 4242
iptables -I INPUT 1 -p tcp -i eth0 --dport 4242 -j ACCEPT

And now the socat command to redirect traffic to Tor:

socat -d -d TCP4-LISTEN:4242,fork SOCKS4A:localhost:$PUBLIC_IP:9090,socksport=9050

Now we can test our connection from the local client:

socat - TCP:$PUBLIC_IP:9090

And on the public side you can test the connection with:

socat -d -d TCP4-LISTEN:9090,bind=$PUBLIC_IP -

If you get a connection from some unknown IP, everything is probably working properly.

Happy tunnelling!
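
Added example, not part of the original post: what the SOCKS4A address in the socat command puts on the wire towards Tor's SOCKS port 9050, seen from both the client side and the proxy side. The function names and the address 203.0.113.10 (a documentation address standing in for $PUBLIC_IP) are assumptions made for the illustration.

```python
import struct

# Reply codes defined by SOCKS4 (second byte of the 8-byte reply).
REPLIES = {90: "granted", 91: "rejected or failed",
           92: "rejected: identd unreachable", 93: "rejected: identd mismatch"}

def build_request(host, port, userid=b""):
    """SOCKS4a CONNECT: the name is sent to the proxy, which resolves it."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    name = host.encode("ascii")
    if not name or b"\x00" in name or b"\x00" in userid:
        raise ValueError("empty host or NUL byte in host/userid")
    # VN=4, CD=1 (CONNECT), DSTPORT, DSTIP=0.0.0.1 meaning "hostname follows".
    head = struct.pack("!BBH4s", 4, 1, port, b"\x00\x00\x00\x01")
    return head + userid + b"\x00" + name + b"\x00"

def parse_request(data):
    """Proxy-side view: return (host, port) from a SOCKS4a CONNECT request."""
    vn, cd, port, ip = struct.unpack("!BBH4s", data[:8])
    if (vn, cd) != (4, 1):
        raise ValueError("not a SOCKS4 CONNECT")
    if ip[:3] != b"\x00\x00\x00" or ip[3] == 0:
        raise ValueError("plain SOCKS4: the client resolved the name itself")
    _userid, name, _rest = data[8:].split(b"\x00", 2)
    return name.decode("ascii"), port

def handshake(sock, host, port):
    """Send the request on a connected socket; raise unless it is granted."""
    sock.sendall(build_request(host, port))
    reply = b""
    while len(reply) < 8:
        chunk = sock.recv(8 - len(reply))
        if not chunk:
            raise ConnectionError("proxy closed during handshake")
        reply += chunk
    vn, cd = reply[0], reply[1]
    if vn != 0 or cd != 90:
        raise ConnectionError("SOCKS4a: " + REPLIES.get(cd, "code %d" % cd))
    return True

if __name__ == "__main__":
    # Constructed sample input: documentation address, port from the post.
    req = build_request("203.0.113.10", 9090)
    print(req.hex(), parse_request(req))
```

Once handshake() returns, the same socket carries the tunneled TCP stream, which is the point where socat starts relaying the client's bytes.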

print Hello World !

That is my first post on this blog. Let me explain something: this blog is not about advanced topics in security. I'm not a security ninja or guru. I'm just a developer who loves to learn new things. And this blog is just a little piece of the things I learned about security and networking and wanted to share with the world. That is all. Hope you enjoy it!