2

I configured my Raspberry Pi 3 Model B to route all traffic from wlan0 to eth0.

This works for me and I can connect my RPI to a Wifi-Network, connect my computer with the RPI through ethernet and I can surf the internet on my computer with the wlan0 of the RPI.

Now I want to put TOR inbetween that. I found a lot of tutorials about making the RPI a Wifi Hotspot which means the following routing:

Access-Point --> Ethernet cable to eth0 --> Routing through TOR --> RPI as an acces point.

I want it that way, so that I can use it everywhere Wi-Fi is available.

Access-Point --> RPI connects to Wifi with wlan0 --> Routing through TOR --> eth0 to my computer.

Unfortunately I had no success with all of my attemps to realize that.

This is why I need your help.

I want to make my RPI a mobile TOR station which I can use in every Wi-Fi.

Please help

Best regards

Maurice
  • 21
  • 1

1 Answers1

1

You can use a Tor proxy. It has the advantage that it is independent from the underlaying network configuration. So first you have to setup the networking.

But with a mobile Tor proxy there is a problem, because you don't know what ip addresses (subnet) are used by the hotspot you are connect to. Connecting as normal WiFi client you will use DHCP (or link-local addresses) to get an ip address from the hotspot. So everything works. But with a proxy between hotspot and laptop you have to transfer ethernet packets between eth0 and wlan0. In general there are two methods doing it: routing or bridging.

With routing you have to use different subnets for eth0 and wlan0. Because you don't know what subnet ip addresses you get from the hotspot on wlan0 it may conflict with the subnet you configure for eth0. In this case your Tor proxy will not work.

With bridging you have to bridge eth0 with wlan0 used as client connection to a remote access point (hotspot). But this is not possible. For it you need WDS (wireless distribution service) using 4addr. That's not supported by the on-board wifi chip from the Raspberry Pi.

With proxy arp you can make a pseudo bridge that behaves like a real bridge. For your mobile RasPi we need a dynamic setup of proxy arp as shown in Workaround for a wifi bridge on a Raspberry Pi with proxy arp. But because it is quite complicated I will present the routing solution.

Example for this setup:

         wired                      wifi            wan
laptop <───────> (eth0)RPi(wlan0) <.~.~.~> hotspot <───> INTERNET
      \           /            \
    (dhcp   10.148.238.125    (dhcp
   from RPi)                from hotspot)

We will make the wired subnet to connect the laptop very small from a big address range. It consists just of 4 ip addresses from 16,777,216 possible addresses using the private subnet 10.0.0.0/8 so it is very unlikely that this 4 ip addresses are just used by the hotspot. But it is good to know about this constraint if the connection once doesn't work.

To setup the network connections you can use this example at Can a Raspberry Pi Zero W be turned into an USB WiFi dongle to any USB Host like x86 PC or mini-PC?, section Use routing.

When this setup works, means you are able to browse the internet with your laptop, then you can setup a Tor proxy on top of this configuration. How to do it look at How to make Raspberry Pi a Tor router with all kind of network setup using systemd-networkd. For the default settings in the file

/usr/local/etc/default/torproxy

use this content:

# interface to be used as entry point to the Tor network
TOR_IFNAME=eth0
TOR_IFADDR=10.148.238.125

if you followed my example.

Ingo
  • 42,107
  • 20
  • 85
  • 197