Jump to content
TorGuard
Sign in to follow this  
Followers 0
19807409

OpenWrt - How to Tor with TorGuard's socks5/proxy and isolated network/wlan

By 19807409, in Member Tutorials

Rate this topic

Recommended Posts

19807409    13

19807409
Posted

openWRT_logo.pngTorLogo.png
logo-big.png
Requirements

  • openwrt (or any openwrt based firmware like LEDE openwrt)
  • tor
  • libevent2-openssl
  • libevent2
  • libminiupnpc
  • libnatpmp
  • tor-geoip (optional)
  • tor-fw-helper (optional)

Description
In this guide I will install and create tor on my openwrt router. My Wireless is isolated. You can change these setting as you wish, take only care that nobody from outside can reach your LAN's. At the end of this post is a script doing everything for you. You need only to adapt the script for your settings. For this guide, my router's lan ip is 192.168.1.3
 
This setup works for those who do use only proxy/socks product, vpn products or mix of them. It is very high grade of anonimity if all this works in some VPN, like TorGuard's which does work perfectly!
 
What will we have at the end of this setup

  • tor socks5 server on router's lan IP:9050
    (in this example 192.168.1.3:9050)
    (you can set your system, browser or anything else to use socks5 which goes always over tor)
  • Simple usage by joining WLAN
    (no need to setup anything on any device)
  • set specific LAN port to go always through Tor,
    (especially usefull for those who use C-Lines for Card Sharing)
  • Isolated Wireless Network
    (which is secured and can't communicate with LAN devices)
  • Traffic is sent through TorGuard's proxy/socks5
    (all tor's traffic sent through socks ot https proxy, Torguard Proxy port: 6060, TorGuard socks5 ports: 1080/1085/1090
    (in this guide, we set only .onion and .exit urls to go over tor, all other pages will go over TorGuard's socks/proxy used by tor)
    (We also restrict usage on port 80 and 443 for the case that you need to hide from your ISP/VPN provder, TorGuard does not block)
    (if you are not using VPN, then you do hide the traffic from your ISP in using socks and from your socks provider by using only ports 80/443)
    (even if this setup is higly secure, consider using as addition obfsproxy which I will not cover in this guide)
    (socks5/proxy acts also as a fallback if your VPN stops working)
  • This setup works if you are connected to a VPN
    (like TorGuard and openvpn, my router is currently in TorGuard's VPN)

Installation of required packages:

opkg update
opkg install libevent2-openssl libevent2 libminiupnpc libnatpmp tor tor-fw-helper tor-geoip
  • Create Tor interface with static IP 172.x.x.x 


        uci add network interface
    uci rename [email protected][-1]=tor
    uci set [email protected][-1].proto=static
    uci set [email protected][-1].ipaddr=172.16.1.1
    uci set [email protected][-1].netmask=255.255.255.0
    uci commit network

  • Create DHCP server for tor interface


        # Configuring DHCP server for Tor interface (/etc/config/dhcp)
    uci add dhcp dhcp
    uci rename [email protected][-1]=tor
    uci set [email protected][-1].interface=tor
    uci set [email protected][-1].start=100
    uci set [email protected][-1].limit=150
    uci set [email protected][-1].leasetime=12h
    uci commit dhcp

  • Create 5Ghz and 2,4Ghz isolated wireless interfaces


        # Creating new isolated Wireless interface for Tor (/etc/config/wireless)
    #	please check which radio is which device.
    #	TP-Links Archer C7	radio0: 2,4Ghz	radio1: 5,0Ghz
    #	TP-Link RE450:		radio0:	5Ghz	radio1: 2,4Ghz
    uci add wireless wifi-iface
    uci set [email protected][-1]=wifi-iface
    uci set [email protected][-1].device=radio0
    uci set [email protected][-1].network=tor
    uci set [email protected][-1].mode=ap
    uci set [email protected][-1].ssid='ಠ_ಠ'
    uci set [email protected][-1].encryption=psk2
    uci set [email protected][-1].key='CHANGETHISPASSWORD'
    uci set [email protected][-1].isolate=1
    uci set [email protected][-1].macaddr='00:88:88:88:00:2A'
    uci set [email protected][-1].disabled=0
    uci commit wireless
	
    uci add wireless wifi-iface
    uci set [email protected][-1]=wifi-iface
    uci set [email protected][-1].device=radio1
    uci set [email protected][-1].network=tor
    uci set [email protected][-1].mode=ap
    uci set [email protected][-1].ssid='ಠ_ಠ'
    uci set [email protected][-1].encryption=psk2
    uci set [email protected][-1].key='CHANGETHISPASSWORD'
    uci set [email protected][-1].isolate=1
    uci set [email protected][-1].macaddr='00:88:88:88:00:2B'
    uci set [email protected][-1].disabled=0
    uci commit wireless

  • Add firewall zone and configure firewall for tor


        # Configuring Firewall (/etc/config/firewall)
    uci add firewall zone
    uci set [email protected][-1].name=tor
    uci set [email protected][-1].input=REJECT
    uci set [email protected][-1].output=ACCEPT
    uci set [email protected][-1].forward=REJECT
    uci set [email protected][-1].conntrack=1
    uci set [email protected][-1].network=tor
    uci set  [email protected][-1].mask=1

    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=udp
    uci set [email protected][-1].dest_port=67
    uci set [email protected][-1].name='Allow Tor DHCP Requests'
    
    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].dest_port=9040
    uci set fi[email protected][-1].name='Allow Tor Transparent Proxy'

    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].dest_port=9053
    uci set [email protected][-1].name='Allow Tor DNS Proxy'

    uci add firewall redirect
    uci set [email protected][-1].name='Redirect Tor Traffic'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].src_dip='!192.168.1.0/24'
    uci set [email protected][-1].dest_port=9040
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].target=DNAT
    uci set [email protected][-1].reflection=0
    
    uci add firewall redirect
    uci set [email protected][-1].name='Redirect Tor DNS'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].src_dport=53
    uci set [email protected][-1].dest_port=9053
    uci set [email protected][-1].proto=udp
    uci set [email protected][-1].target=DNAT
    uci set [email protected][-1].reflection=0

    uci add firewall rule
    uci set [email protected][-1]=rule
    uci set [email protected][-1].name='Deny Tor LAN Access'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].dest=lan
    uci set [email protected][-1].proto=all
    uci set [email protected][-1].target=DROP

    uci commit firewall

  • Configure tor with TorGuard services


        # Configuring Tor (/etc/tor/torrc)
    echo "VirtualAddrNetwork 10.192.0.0/10" >> /etc/tor/torrc
    echo "AutomapHostsSuffixes .onion,.exit" >> /etc/tor/torrc
    echo "AutomapHostsOnResolve 1" >> /etc/tor/torrc
    echo "TransPort 9040" >> /etc/tor/torrc
    echo "TransListenAddress 172.16.1.1" >> /etc/tor/torrc
    echo "DNSPort 9053" >> /etc/tor/torrc
    echo "DNSListenAddress 172.16.1.1" >> /etc/tor/torrc
    echo "SocksPort 9050" >> /etc/tor/torrc
    echo "SocksPort 192.168.1.3:9050" >> /etc/tor/torrc
    echo "SocksPolicy accept 192.168.1.0/24" >> /etc/tor/torrc
    echo "SocksPolicy accept 172.16.1.0/24" >> /etc/tor/torrc
    echo "SocksPolicy accept 127.0.0.1" >> /etc/tor/torrc
    echo "SocksPolicy reject * " >> /etc/tor/torrc
    echo "EntryNodes {de},{nl}" >> /etc/tor/torrc
    echo "ExitNodes {nl},{de}" >> /etc/tor/torrc
    echo "ExcludeNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc
    echo "ExcludeExitNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc
    echo "GeoIPFile /etc/tor/geoip" >> /etc/tor/torrc
    echo "GeoIPv6File /etc/tor/geoip6" >> /etc/tor/torrc
    echo "HiddenServiceStatistics 0" >> /etc/tor/torrc
    echo "#HTTPSProxy nl.torguardvpnaccess.com:6060" >> /etc/tor/torrc
    echo "#HTTPSProxyAuthenticator YOURTORGUARDUSERNAME:YOURTORGUARDPASSWORD" >> /etc/tor/torrc
    echo "Socks5Proxy nl.torguardvpnaccess.com:1080" >> /etc/tor/torrc
    echo "Socks5ProxyUsername YOURTORGUARDUSERNAME" >> /etc/tor/torrc
    echo "Socks5ProxyPassword YOURTORGUARDPASSWORD" >> /etc/tor/torrc
    echo "ReachableAddresses *:80,*:443" >> /etc/tor/torrc
    echo "ReachableAddresses *:80,*:443" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "StrictNodes 1" >> /etc/tor/torrc
    echo "UseBridges 0" >> /etc/tor/torrc
    
    /etc/init.d/tor enable

  • Download geoip and geoipv6


        # Download file to specific location
    # wget <file.ext> -O /path/to/folder/file.ext
    # INFO: make sure /etc/tor folder exists

    # Download GeoIP (IPv4)
    wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip -O /etc/tor/geoip

    # Download GeoIP (IPv6)
    wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip6 -O /etc/tor/geoip6

  • Reboot your router

Script installing tor requirements, creating interface, configuring firewall



Please change these lines according to your settings:
Set here your router's LAN IP
(in most cases it is 192.168.1.1 and and subnet is 192.168.1.0/24)
 
Here you set socks port to listen on 192.168.1.3 

echo "SocksPort 192.168.1.3:9050" >> /etc/tor/torrc 

Here you set which clients should be accepted additionally to the 172.x.x.x subnet

echo "SocksPolicy accept 192.168.1.0/24" >> /etc/tor/torrc

Change your TorGuard credentials
I use here Socks5 netherlands server. If you want to use https proxy, unmark it by deleting # sign and place/delete socks5 entries.   

    echo "#HTTPSProxy nl.torguardvpnaccess.com:6060" >> /etc/tor/torrc
    echo "#HTTPSProxyAuthenticator YOURTORGUARDUSERNAME:YOURTORGUARDPASSWORD" >> /etc/tor/torrc
    echo "Socks5Proxy nl.torguardvpnaccess.com:1080" >> /etc/tor/torrc
    echo "Socks5ProxyUsername YOURTORGUARDUSERNAME" >> /etc/tor/torrc
    echo "Socks5ProxyPassword YOURTORGUARDPASSWORD" >> /etc/tor/torrc

Tor Network Settings
Set your tor interface static ip:

    uci set [email protected][-1].ipaddr=172.16.1.1

Please replace all 172.x.x.x in torrc according to your setting if you change these values.
 
Change your Entry/Exit nodes
(I've set here german and netherlands only, best is if you set to the country of the socks/proxy server which you use)

    echo "EntryNodes {de},{nl}" >> /etc/tor/torrc
    echo "ExitNodes {nl},{de}" >> /etc/tor/torrc
    echo "ExcludeNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc
    echo "ExcludeExitNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc

For other settings, please read up Tor's documentation.
 
Install Script
(please check all settings before running this script)

opkg update;opkg install libevent2-openssl libevent2 libminiupnpc libnatpmp tor tor-geoip

if [ -f /etc/init.d/tor ]; then
	# Creating Tor interface (/etc/config/network)
    uci add network interface
    uci rename [email protected][-1]=tor
    uci set [email protected][-1].proto=static
    uci set [email protected][-1].ipaddr=172.16.1.1
    uci set [email protected][-1].netmask=255.255.255.0
    uci commit network
    
	# Configuring DHCP server for Tor interface (/etc/config/dhcp)
    uci add dhcp dhcp
    uci rename [email protected][-1]=tor
    uci set [email protected][-1].interface=tor
    uci set [email protected][-1].start=100
    uci set [email protected][-1].limit=150
    uci set [email protected][-1].leasetime=12h
    uci commit dhcp
    
	# Creating new isolated Wireless interface for Tor (/etc/config/wireless)
	#	please check which radio is which device.
	#	TP-Links Archer C7	radio0: 2,4Ghz	radio1: 5,0Ghz
	#	TP-Link RE450:		radio0:	5Ghz	radio1: 2,4Ghz
    uci add wireless wifi-iface
    uci set [email protected][-1]=wifi-iface
    uci set [email protected][-1].device=radio0
    uci set [email protected][-1].network=tor
    uci set [email protected][-1].mode=ap
    uci set [email protected][-1].ssid='ಠ_ಠ'
    uci set [email protected][-1].encryption=psk2
    uci set [email protected][-1].key='CHANGETHISPASSWORD'
    uci set [email protected][-1].isolate=1
    uci set [email protected][-1].macaddr='00:88:88:88:00:2A'
    uci set [email protected][-1].disabled=0
    uci commit wireless
	
    uci add wireless wifi-iface
    uci set [email protected][-1]=wifi-iface
    uci set [email protected][-1].device=radio1
    uci set [email protected][-1].network=tor
    uci set [email protected][-1].mode=ap
    uci set [email protected][-1].ssid='ಠ_ಠ'
    uci set [email protected][-1].encryption=psk2
    uci set [email protected][-1].key='CHANGETHISPASSWORD'
    uci set [email protected][-1].isolate=1
    uci set [email protected][-1].macaddr='00:88:88:88:00:2B'
    uci set [email protected][-1].disabled=0
    uci commit wireless
	

	# Configuring Firewall (/etc/config/firewall)
    uci add firewall zone
    uci set [email protected][-1].name=tor
    uci set [email protected][-1].input=REJECT
    uci set [email protected][-1].output=ACCEPT
    uci set [email protected][-1].forward=REJECT
    uci set [email protected][-1].conntrack=1
    uci set [email protected][-1].network=tor
    uci set  [email protected][-1].mask=1

    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=udp
    uci set [email protected][-1].dest_port=67
    uci set [email protected][-1].name='Allow Tor DHCP Requests'
    
    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].dest_port=9040
    uci set [email protected][-1].name='Allow Tor Transparent Proxy'

    uci add firewall rule
    uci set [email protected][-1].target=ACCEPT
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].dest_port=9053
    uci set [email protected][-1].name='Allow Tor DNS Proxy'

    uci add firewall redirect
    uci set [email protected][-1].name='Redirect Tor Traffic'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].src_dip='!192.168.1.0/24'
    uci set [email protected][-1].dest_port=9040
    uci set [email protected][-1].proto=tcp
    uci set [email protected][-1].target=DNAT
    uci set [email protected][-1].reflection=0
    
    uci add firewall redirect
    uci set [email protected][-1].name='Redirect Tor DNS'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].src_dport=53
    uci set [email protected][-1].dest_port=9053
    uci set [email protected][-1].proto=udp
    uci set [email protected][-1].target=DNAT
    uci set [email protected][-1].reflection=0

    uci add firewall rule
    uci set [email protected][-1]=rule
    uci set [email protected][-1].name='Deny Tor LAN Access'
    uci set [email protected][-1].src=tor
    uci set [email protected][-1].dest=lan
    uci set [email protected][-1].proto=all
    uci set [email protected][-1].target=DROP

    uci commit firewall

	# Configuring Tor (/etc/tor/torrc)
    echo "VirtualAddrNetwork 10.192.0.0/10" >> /etc/tor/torrc
    echo "AutomapHostsSuffixes .onion,.exit" >> /etc/tor/torrc
    echo "AutomapHostsOnResolve 1" >> /etc/tor/torrc
    echo "TransPort 9040" >> /etc/tor/torrc
    echo "TransListenAddress 172.16.1.1" >> /etc/tor/torrc
    echo "DNSPort 9053" >> /etc/tor/torrc
    echo "DNSListenAddress 172.16.1.1" >> /etc/tor/torrc
    echo "SocksPort 9050" >> /etc/tor/torrc
    echo "SocksPort 192.168.1.3:9050" >> /etc/tor/torrc
    echo "SocksPolicy accept 192.168.1.0/24" >> /etc/tor/torrc
    echo "SocksPolicy accept 172.16.1.0/24" >> /etc/tor/torrc
    echo "SocksPolicy accept 127.0.0.1" >> /etc/tor/torrc
    echo "SocksPolicy reject * " >> /etc/tor/torrc
    echo "EntryNodes {de},{nl}" >> /etc/tor/torrc
    echo "ExitNodes {nl},{de}" >> /etc/tor/torrc
    echo "ExcludeNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc
    echo "ExcludeExitNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{fr},{us}" >> /etc/tor/torrc
    echo "GeoIPFile /etc/tor/geoip" >> /etc/tor/torrc
    echo "GeoIPv6File /etc/tor/geoip6" >> /etc/tor/torrc
    echo "HiddenServiceStatistics 0" >> /etc/tor/torrc
    echo "#HTTPSProxy nl.torguardvpnaccess.com:6060" >> /etc/tor/torrc
    echo "#HTTPSProxyAuthenticator YOURTORGUARDUSERNAME:YOURTORGUARDPASSWORD" >> /etc/tor/torrc
    echo "Socks5Proxy nl.torguardvpnaccess.com:1080" >> /etc/tor/torrc
    echo "Socks5ProxyUsername YOURTORGUARDUSERNAME" >> /etc/tor/torrc
    echo "Socks5ProxyPassword YOURTORGUARDPASSWORD" >> /etc/tor/torrc
    echo "ReachableAddresses *:80,*:443" >> /etc/tor/torrc
    echo "ReachableAddresses *:80,*:443" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "ReachableAddresses reject *:*" >> /etc/tor/torrc
    echo "StrictNodes 1" >> /etc/tor/torrc
    echo "UseBridges 0" >> /etc/tor/torrc
    
    /etc/init.d/tor enable
	
	# Download file to specific location
	# wget <file.ext> -O /path/to/folder/file.ext
	# INFO: make sure /etc/tor folder exists

	# Download GeoIP (IPv4)
	wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip -O /etc/tor/geoip

	# Download GeoIP (IPv6)
	wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip6 -O /etc/tor/geoip6
fi 

 


 
If you are connected with TorGuards VPN and everything runs over VPN, then your tor might be inactive if it starts before openvpn during the boot because openvpn changes routes and tor needs to be restarted. In this case you can edit openvpn's start scripts, or tor's startscripts or simply adding this command under System->Startup section "Local Startup"

# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
sleep 10
/etc/init.d/tor reload
/etc/init.d/tor restart
exit 0 

How to get geoip and geoipv6 files


Method 1 - download directly from your router
(geoip is 1~ 3,5MB, geoip6 ~ 1,7MB)


Download directly to your box.







# Download file to specific location
# wget <file.ext> -O /path/to/folder/file.ext
# INFO: make sure /etc/tor folder exists

# Download GeoIP (IPv4)
wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip -O /etc/tor/geoip

# Download GeoIP (IPv6)
wget https://raw.githubusercontent.com/torproject/tor/master/src/config/geoip6 -O /etc/tor/geoip6

 


Method 2 - use files provided by TorBrowser


The easiest was is to install TorBrowser and use files provided by TorBrowser. 
geoip files are located in:

TorBrowserInstallDir/Browser/TorBrowser/Data/Tor

For windows users mostly in:

C:\Users\YourUsername\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor

Upload geoip and geoip6 to your router.


Method 3 - download latest DB and convert it


For this method you need to install python on your openwrt. Run these commands directly on the box.
For python you need usb storage as it takes a lot space, do not install python on opewrt if you don not run the system on usb.
 
Download latest GeoLite2-Country.mmdb.gz

# Download latest GeoIP to temp folder
wget -N http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz -O /tmp/GeoLite2-Country.mmdb.gz

Download python script for converting mmdb







# Download convert script
wget https://github.com/torproject/tor/blob/master/src/config/mmdb-convert.py -O /etc/tor/mmdb-convert.py

 
Extract and Convert mmdb

# Extract GeoLite2-City.mmdb
gunzip /tmp/GeoLite2-Country.mmdb.gz
# Convert GeoLite2-Country.mmdb to geoip
python /etc/tor/mmdb-convert.py /tmp/GeoLite2-Country.mmdb > output 

 



 
TorGuard works blazing fast with Tor Network
(!!!TORGUARD TEAM IS AMAZING, THANKS FOR GREAT SERVICES!!!)
 

Thats it, enjoy tor network.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...