Could you explain how to route all internet traffic through Tor? I am using Ubuntu and I really don't know how to do it. Actually I am using Tor for Twitter only, and I'm afraid of a DNS leak. So I need to route everything through Tor.
- Possible duplicate of How to install Tor? – David Foerster Apr 22 '16 at 14:43
- Related: https://superuser.com/questions/539203/how-can-i-make-tor-route-all-my-traffic | https://tor.stackexchange.com/questions/3317/how-can-i-pass-all-wifi-traffic-through-tor – Ciro Santilli OurBigBook.com Mar 19 '20 at 12:17
1 Answer
You are looking for this: TransparentProxy.
Local Redirection Through Tor
Add to your torrc:
```
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
DNSPort 53
```
This way you set up a DNS server on your Ubuntu on port 53 and a transparent proxy at 127.0.0.1:9040.
Next, add to your /etc/resolv.conf
```
nameserver 127.0.0.1
```
This way, you prevent any DNS leakage from your system.
Therefore, configure your firewall so that any connection will go through TransPort, except for Tor's own user:
```sh
#!/bin/sh
# destinations you don't want routed through Tor (local LANs)
NON_TOR="192.168.1.0/24 192.168.0.0/24"
# the UID Tor runs as (on Ubuntu's tor package: id -u debian-tor)
TOR_UID="109"
# Tor's TransPort (must match TransPort in torrc)
TRANS_PORT="9040"

# start from empty filter and nat tables (IPv4 only; ip6tables is untouched)
iptables -F
iptables -t nat -F

# nat table: Tor's own connections to relays must not be redirected back into Tor
iptables -t nat -A OUTPUT -m owner --uid-owner $TOR_UID -j RETURN
# send every UDP DNS query to Tor's DNSPort
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53
# leave LAN and loopback destinations alone
for NET in $NON_TOR 127.0.0.0/9 127.128.0.0/10; do
  iptables -t nat -A OUTPUT -d $NET -j RETURN
done
# every other new TCP connection goes to Tor's TransPort
iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT

# filter table: allow replies, LAN/loopback and Tor's own traffic, reject the rest
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
for NET in $NON_TOR 127.0.0.0/8; do
  iptables -A OUTPUT -d $NET -j ACCEPT
done
iptables -A OUTPUT -m owner --uid-owner $TOR_UID -j ACCEPT
# anything else (e.g. non-DNS UDP, which Tor cannot carry) is rejected rather than leaked
iptables -A OUTPUT -j REJECT
```
Keep reading the official wiki; there is a kind of attack against this method and a kind of solution: IsolatingProxy.

innocent-world
- What do you do with this shell script? Run it once? Run it on bootup? Put it in a specific place so that Tor can run it? – Aaron Franke Sep 26 '20 at 08:00
- Run it on boot. This is necessary since iptables rules are not persistent across reboots. Tor doesn't run the script. If NetworkManager is enabled or you manually use the ifup and ifdown commands to bring interfaces up and down, put the script in /etc/network/if-pre-up.d/; then it will run every time an interface is brought up (actually the scripts in that folder are executed first by ifup, hence the name if-pre-up). Check if NetworkManager is enabled (in Kali it's the file /usr/sbin/update-rc.d). – jakethefinn Dec 11 '20 at 12:25
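A defender-side check to go with the answer's setup (an added example, not code from the answer or from the Tor wiki): it audits what `iptables -t nat -S OUTPUT` prints and the contents of resolv.conf for the properties the redirect script relies on, including the rule order that keeps Tor from redirecting its own relay connections. The Tor uid, the ports and the two sample chain dumps are assumed or constructed.

```sh
#!/bin/sh
# Audit helper: checks a dump of the nat OUTPUT chain (as printed by
# `iptables -t nat -S OUTPUT`) for the properties the redirect script relies
# on, and checks resolv.conf for resolvers that would bypass Tor's DNSPort.
TOR_UID="109"       # assumed: uid Tor runs as (Ubuntu tor package: id -u debian-tor)
TRANS_PORT="9040"   # assumed: TransPort from torrc
DNS_PORT="53"       # assumed: DNSPort from torrc
# rule_line DUMP REGEX -> line number of the first matching rule, empty if none
rule_line() {
    printf '%s\n' "$1" | grep -n -E -- "$2" | head -n 1 | cut -d: -f1
}
# audit_nat_rules DUMP -> 0 when the chain is sane, 1 otherwise (reason on stdout)
audit_nat_rules() {
    uid_at=$(rule_line "$1" "owner --uid-owner $TOR_UID -j RETURN")
    dns_at=$(rule_line "$1" "-p udp .*--dport $DNS_PORT -j REDIRECT --to-ports $DNS_PORT")
    tcp_at=$(rule_line "$1" "-p tcp .*SYN -j REDIRECT --to-ports $TRANS_PORT")
    [ -n "$tcp_at" ] || { echo "no TCP redirect to TransPort $TRANS_PORT"; return 1; }
    [ -n "$dns_at" ] || { echo "no UDP/$DNS_PORT redirect to DNSPort"; return 1; }
    [ -n "$uid_at" ] || { echo "no RETURN for Tor uid $TOR_UID: Tor would redirect itself"; return 1; }
    # the exemption only works if it is evaluated before the catch-all TCP redirect
    [ "$uid_at" -lt "$tcp_at" ] || { echo "Tor uid RETURN must precede the TCP redirect"; return 1; }
    echo "nat OUTPUT chain ok"
}
# audit_resolv_conf CONTENT -> 0 when every nameserver is 127.0.0.1, 1 otherwise
audit_resolv_conf() {
    bad=$(printf '%s\n' "$1" | awk '$1=="nameserver" && $2!="127.0.0.1" {print $2}')
    [ -z "$bad" ] || { echo "DNS leak risk, non-local resolver(s): $bad"; return 1; }
    n=$(printf '%s\n' "$1" | grep -c -E '^nameserver[[:space:]]' || true)
    [ "$n" -gt 0 ] || { echo "no nameserver entry at all"; return 1; }
    echo "resolv.conf ok"
}
# Constructed samples: a chain as the script above would leave it, and a broken
# variant where the Tor-uid exemption was appended after the TCP redirect.
SAMPLE_GOOD='-P OUTPUT ACCEPT
-A OUTPUT -m owner --uid-owner 109 -j RETURN
-A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -d 192.168.1.0/24 -j RETURN
-A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040'
SAMPLE_BAD='-P OUTPUT ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
-A OUTPUT -m owner --uid-owner 109 -j RETURN'
RESOLV_LEAK='nameserver 127.0.0.1
nameserver 192.168.1.1'
audit_nat_rules "$SAMPLE_GOOD"; audit_nat_rules "$SAMPLE_BAD" || :; audit_resolv_conf "$RESOLV_LEAK" || :
# live use (root): audit_nat_rules "$(iptables -t nat -S OUTPUT)"; audit_resolv_conf "$(cat /etc/resolv.conf)"
```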