TOR in ArchLinux: Torbutton

Similar Messages

• Will Torbutton work with Firefox 5?

  I'm using an earlier version of Firefox with a Pentium 4. Last time I tried to update Firefox I found that the Torbutton didn't work, so I switched back again. I must be able to use Tor and Torbutton, so I want to be sure these work with Firefox 5 before I update.

  How can I enable Tor in Firefox 5?
  1) Install "Stable Vidalia Bundle works with Windows 7, Vista, XP, https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.1.30-0.2.12.exe (sig)
  2)In Firefox 5 '''"Tools" menu > "Advanced" toolbar > "Network" Tab > "Settings" button''''', follow the 1st image (Manual proxy configuration:) then the 2nd image (Auto-detect proxy setting for this network:) and then "Ok".
  3) Be sure that "Tor" network is connected. Now you can install the "Torbutton" by selecting
  Install Stable:https://archive.torproject.org/tor-package-archive/torbutton/torbutton-1.4.0.xpi
  Welcome to Tor in Firefox 5 :)
  References:
  http://support.mozilla.com/en-US/questions/769300
  https://support.mozilla.com/en-US/questions/841707

• Tor is very slow

  Hi.
  I install tor in archlinux. And i put obfs3 bridges in torrc file.
  Tor in working fine now. But is very slow.
  When i enter a website, firefox is load nothing about 20 sec and then the site is start loading.
  But in ubuntu i don't have this issue.
  One more thing.
  I can't find log file of tor in /var/log/tor path.
  Thanks.

  YMMV *a lot* depending on the nodes you get connected to.

• Issues with Tor connection

  Hi,
  First here is my network information.
  I'm in university, where there is a direct connection to the internet. But the firewall blocks all outgoing ports except 80 and 443. In addition they seem to be preventing CONNECT calls over HTTP to tunnel other protocols.
  I'm trying to use Tor. In my Torrc i set the following options
  ## CONFIGURED FOR ARCHLINUX
  ## Last updated 22 July 2005 for Tor 0.1.0.13.
  ## (May or may not work for older or newer versions of Tor.)
  ## See the man page, or http://tor.eff.org/tor-manual.html, for more
  ## options you can use in this file.
  # On Unix, Tor will look for this file in someplace like "~/.tor/torrc" or
  # "/etc/torrc"
  # On Windows, Tor will look for the configuration file in someplace like
  # "Application Data\tor\torrc" or "Application Data\<username>\tor\torrc"
  # With the default Mac OS X installer, Tor will look in ~/.tor/torrc or
  # /Library/Tor/torrc
  # Set the Tor Circuit Build time to find faster tor servers, increments of seconds
  CircuitBuildTimeout 2
  # connections while Tor is not in use.
  KeepalivePeriod 60
  # Force Tor to consider whether to build a new circuit every NUM seconds.
  NewCircuitPeriod 15
  # Set How many entry guards we should we keep at a time
  NumEntryGuards 8
  ## Replace this with "SocksPort 0" if you plan to run Tor only as a
  ## server, and not make any local application connections yourself.
  SocksPort 9050 # what port to open for local application connections
  SocksBindAddress 127.0.0.1 # accept connections only from localhost
  #SocksBindAddress 192.168.0.1:9100 # listen on a chosen IP/port too
  ## Entry policies to allow/deny SOCKS requests based on IP address.
  ## First entry that matches wins. If no SocksPolicy is set, we accept
  ## all (and only) requests from SocksBindAddress.
  #SocksPolicy accept 192.168.0.1/16
  #SocksPolicy reject *
  ## Allow no-name routers (ones that the dirserver operators don't
  ## know anything about) in only these positions in your circuits.
  ## Other choices (not advised) are entry,exit,introduction.
  AllowUnverifiedNodes middle,rendezvous
  ## Logs go to stdout at level "notice" unless redirected by something
  ## else, like one of the below lines. You can have as many log lines as
  ## you want.
  ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
  #Log notice file /var/log/tor/notices.log
  ## Send only debug and info messages to /var/log/tor/debug.log
  #Log debug-info file /var/log/tor/debug.log
  ## Send ONLY debug messages to /var/log/tor/debug.log
  #Log debug-debug file /var/log/tor/debug.log
  ## To use the system log instead of Tor's logfiles, uncomment these lines:
  Log notice syslog
  ## To send all messages to stderr:
  #Log debug stderr
  ## Uncomment this to start the process in the background... or use
  ## --runasdaemon 1 on the command line.
  RunAsDaemon 1
  User tor
  Group tor
  ## Tor only trusts directories signed with one of these keys, and
  ## uses the given addresses to connect to the trusted directory
  ## servers. If no DirServer lines are specified, Tor uses the built-in
  ## defaults (moria1, moria2, tor26), so you can leave this alone unless
  ## you need to change it.
  #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
  #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
  #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
  ## The directory for keeping all the keys/etc. By default, we store
  ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
  DataDirectory /var/lib/tor
  ## The port on which Tor will listen for local connections from Tor controller
  ## applications, as documented in control-spec.txt. NB: this feature is
  ## currently experimental.
  #ControlPort 9051
  ############### This section is just for location-hidden services ###
  ## Look in .../hidden_service/hostname for the address to tell people.
  ## HiddenServicePort x y:z says to redirect a port x request from the
  ## client to y:z.
  #HiddenServiceDir /var/lib/tor/hidden_service/
  #HiddenServicePort 80 127.0.0.1:80
  #HiddenServiceDir /var/lib/tor/other_hidden_service/
  #HiddenServicePort 80 127.0.0.1:80
  #HiddenServicePort 22 127.0.0.1:22
  #HiddenServiceNodes moria1,moria2
  #HiddenServiceExcludeNodes bad,otherbad
  ################ This section is just for servers #####################
  ## NOTE: If you enable these, you should consider mailing your identity
  ## key fingerprint to the tor-ops, so we can add you to the list of
  ## servers that clients will trust. See
  ## http://tor.eff.org/doc/tor-doc.html#server for details.
  ## Required: A unique handle for this server
  #Nickname ididnteditheconfig
  ## The IP or fqdn for this server. Leave commented out and Tor will guess.
  #Address noname.example.com
  ## Contact info that will be published in the directory, so we can
  ## contact you if you need to upgrade or if something goes wrong.
  ## This is optional but recommended.
  #ContactInfo Random Person <nobody AT example dot com>
  ## You might also include your PGP or GPG fingerprint if you have one:
  #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
  ## Required: what port to advertise for tor connections
  #ORPort 9001
  ## If you want to listen on a port other than the one advertised
  ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment
  ## the line below. You'll need to do ipchains or other port forwarding
  ## yourself to make this work.
  #ORBindAddress 0.0.0.0:9090
  ## Uncomment this to mirror the directory for others (please do)
  #DirPort 9030 # what port to advertise for directory connections
  ## If you want to listen on a port other than the one advertised
  ## in DirPort (e.g. to advertise 80 but bind 9091), uncomment the line
  ## below. You'll need to do ipchains or other port forwarding yourself
  ## to make this work.
  #DirBindAddress 0.0.0.0:9091
  ## A comma-separated list of exit policies. They're considered first
  ## to last, and the first match wins. If you want to *replace*
  ## the default exit policy, end this with either a reject *:* or an
  ## accept *:*. Otherwise, you're *augmenting* (prepending to) the
  ## default exit policy. Leave commented to just use the default, which is
  ## available in the man page or at http://tor.eff.org/documentation.html
  ## Look at http://tor.eff.org/faq-abuse.html#TypicalAbuses
  ## for issues you might encounter if you use the default exit policy.
  ## If certain IPs and ports are blocked externally, e.g. by your firewall,
  ## you should update your exit policy to reflect this -- otherwise Tor
  ## users will be told that those destinations are down.
  #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
  #ExitPolicy accept *:119 # accept nntp as well as default exit policy
  #ExitPolicy reject *:* # middleman only -- no exits allowed
  ReachableDirAddresses *:80
  ReachableORAddresses *:443
  But Tor is unable to connect. Here is the log
  Tor[5442]: No current certificate known for authority moria1; launching request.
  Tor[5442]: No current certificate known for authority tor26; launching request.
  Tor[5442]: No current certificate known for authority dizum; launching request.
  Tor[5442]: No current certificate known for authority ides; launching request.
  Tor[5442]: No current certificate known for authority gabelmoo; launching request.
  Tor[5442]: No current certificate known for authority dannenberg; launching request.
  Tor[5442]: Your application (using socks4 to port 80) is giving Tor only an IP address. Applications t
  hat do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more inf
  ormation, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS.
  Tor[5442]: Application request when we're believed to be offline. Optimistically trying directory fetc
  hes again.
  I can't find any documentation about this issue.
  Thanks.

  ## Tor only trusts directories signed with one of these keys, and
  ## uses the given addresses to connect to the trusted directory 
  ## servers. If no DirServer lines are specified, Tor uses the built-in
  ## defaults (moria1, moria2, tor26), so you can leave this alone unless
  ## you need to change it.                                             
  #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
  #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF 
  #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D 
  Try uncomment this...
  Maybe tor need this address
  Sorry for my very bad english, i am from Brazil, add me in GTalk if you need more support.
  [email protected]
  Good luck!

• Issues with TOR and Firefox

  Hello,
  I am attempting to use a combination of Vidalia and the Torbutton Firefox extension to access the Tor network. However, every time I do, Firefox refuses to load any pages, stating that it is connected to a proxy that is refusing connections. My operating system is Ubuntu 10.04. Any help with this problem would be appreciated.
  Sincerely,
  Joe
  == This happened ==
  Every time Firefox opened

  I use Tor/Vidalia/Torbutton/Polipio regularly. When I get this message, it is because I am trying to browse normally with the Torbutton enabled (green, Tor is "on") -
  Or, I am trying to browse using Tor, it's turned on but Vidalia is not running in the background. If you installed Vidalia so that it does not automatically start when you start Windows, you must manually launch it (I use Start>Program Files>Vidalia Bundle>Vidalia). Give it a few seconds to get connected and then Firefox should work with the TorButton enabled.
  In case you do not know, Vidalia launches Tor, and will report if there are any problems with it.
  The documentation, tips, FAQs, help, advice and general availability of any practical knowledge on how to use these features is extremely poor, for reasons I am currently being made aware of. Because of this, I am considering starting a Discussion Forum focused primarily on helping people make use of this anonymous browsing technology.
  If anyone is interested in assisting with this effort, or has helpful advice, etc... feel free to e-mail me at quickdxtjohnatgmaildxtcom

• [Solved] tor /hidden_service not being created

  I am trying to set up a tor hidden service, but tor does not seem to want to create the "hidden_service" folder at /var/lib/tor/ or any other place.
  I have tried checking the permissions of /var/lib/tor and even set them to 777 just to see if it worked, and it didn't, /var/lib/tor is owned by tor according to ls -al, but the group is root (shouldn't matter if i set permissions to 777?)
  I have tried manually creating hidden_service/ and setting it to be owned by tor (with 777), and it did not work
  This thread on ubuntu forums has the same problem, and a post at the bottom says that the web server needs access hidden_service/ (which i think is false, why would the web server need to know about the keys?)
  I uncommented the notices line in torrc and it does not generate any logs in /var/log/tor/notices.log
  ## CONFIGURED FOR ARCHLINUX
  ## Last updated 22 July 2005 for Tor 0.1.0.13.
  ## (May or may not work for older or newer versions of Tor.)
  ## See the man page, or http://tor.eff.org/tor-manual.html, for more
  ## options you can use in this file.
  # On Unix, Tor will look for this file in someplace like "~/.tor/torrc" or
  # "/etc/torrc"
  # On Windows, Tor will look for the configuration file in someplace like
  # "Application Data\tor\torrc" or "Application Data\<username>\tor\torrc"
  # With the default Mac OS X installer, Tor will look in ~/.tor/torrc or
  # /Library/Tor/torrc
  ## Replace this with "SocksPort 0" if you plan to run Tor only as a
  ## server, and not make any local application connections yourself.
  SocksPort 9050 # what port to open for local application connections
  SocksBindAddress 127.0.0.1 # accept connections only from localhost
  #SocksBindAddress 192.168.0.1:9100 # listen on a chosen IP/port too
  ## Entry policies to allow/deny SOCKS requests based on IP address.
  ## First entry that matches wins. If no SocksPolicy is set, we accept
  ## all (and only) requests from SocksBindAddress.
  #SocksPolicy accept 192.168.0.1/16
  #SocksPolicy reject *
  ## Allow no-name routers (ones that the dirserver operators don't
  ## know anything about) in only these positions in your circuits.
  ## Other choices (not advised) are entry,exit,introduction.
  AllowUnverifiedNodes middle,rendezvous
  ## Logs go to stdout at level "notice" unless redirected by something
  ## else, like one of the below lines. You can have as many log lines as
  ## you want.
  ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
  Log notice file /var/log/tor/notices.log
  ## Send only debug and info messages to /var/log/tor/debug.log
  #Log debug-info file /var/log/tor/debug.log
  ## Send ONLY debug messages to /var/log/tor/debug.log
  #Log debug-debug file /var/log/tor/debug.log
  ## To use the system log instead of Tor's logfiles, uncomment these lines:
  Log notice syslog
  ## To send all messages to stderr:
  #Log debug stderr
  ## Uncomment this to start the process in the background... or use
  ## --runasdaemon 1 on the command line.
  RunAsDaemon 1
  User tor
  Group tor
  ## Tor only trusts directories signed with one of these keys, and
  ## uses the given addresses to connect to the trusted directory
  ## servers. If no DirServer lines are specified, Tor uses the built-in
  ## defaults (moria1, moria2, tor26), so you can leave this alone unless
  ## you need to change it.
  #DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
  #DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
  #DirServer 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
  ## The directory for keeping all the keys/etc. By default, we store
  ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
  DataDirectory /var/lib/tor
  ## The port on which Tor will listen for local connections from Tor controller
  ## applications, as documented in control-spec.txt. NB: this feature is
  ## currently experimental.
  #ControlPort 9051
  ############### This section is just for location-hidden services ###
  ## Look in .../hidden_service/hostname for the address to tell people.
  ## HiddenServicePort x y:z says to redirect a port x request from the
  ## client to y:z.
  HiddenServiceDir /var/lib/tor/hidden_service/
  HiddenServicePort 80 127.0.0.1:80
  #HiddenServiceDir /var/lib/tor/other_hidden_service/
  #HiddenServicePort 80 127.0.0.1:80
  #HiddenServicePort 22 127.0.0.1:22
  #HiddenServiceNodes moria1,moria2
  #HiddenServiceExcludeNodes bad,otherbad
  ################ This section is just for servers #####################
  ## NOTE: If you enable these, you should consider mailing your identity
  ## key fingerprint to the tor-ops, so we can add you to the list of
  ## servers that clients will trust. See
  ## http://tor.eff.org/doc/tor-doc.html#server for details.
  ## Required: A unique handle for this server
  #Nickname ididnteditheconfig
  ## The IP or fqdn for this server. Leave commented out and Tor will guess.
  #Address noname.example.com
  ## Contact info that will be published in the directory, so we can
  ## contact you if you need to upgrade or if something goes wrong.
  ## This is optional but recommended.
  #ContactInfo Random Person <nobody AT example dot com>
  ## You might also include your PGP or GPG fingerprint if you have one:
  #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
  ## Required: what port to advertise for tor connections
  #ORPort 9001
  ## If you want to listen on a port other than the one advertised
  ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment
  ## the line below. You'll need to do ipchains or other port forwarding
  ## yourself to make this work.
  #ORBindAddress 0.0.0.0:9090
  ## Uncomment this to mirror the directory for others (please do)
  #DirPort 9030 # what port to advertise for directory connections
  ## If you want to listen on a port other than the one advertised
  ## in DirPort (e.g. to advertise 80 but bind 9091), uncomment the line
  ## below. You'll need to do ipchains or other port forwarding yourself
  ## to make this work.
  #DirBindAddress 0.0.0.0:9091
  ## A comma-separated list of exit policies. They're considered first
  ## to last, and the first match wins. If you want to *replace*
  ## the default exit policy, end this with either a reject *:* or an
  ## accept *:*. Otherwise, you're *augmenting* (prepending to) the
  ## default exit policy. Leave commented to just use the default, which is
  ## available in the man page or at http://tor.eff.org/documentation.html
  ## Look at http://tor.eff.org/faq-abuse.html#TypicalAbuses
  ## for issues you might encounter if you use the default exit policy.
  ## If certain IPs and ports are blocked externally, e.g. by your firewall,
  ## you should update your exit policy to reflect this -- otherwise Tor
  ## users will be told that those destinations are down.
  #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
  #ExitPolicy accept *:119 # accept nntp as well as default exit policy
  #ExitPolicy reject *:* # middleman only -- no exits allowed
  Last edited by supernub (2013-03-15 08:22:01)

  I think it might be that my disk is 100% full, ill update this post in a bit once i finish reinstalling on a larger disk. (virtual)
  update:
  yep,
  hidden_service/
  hidden_service/hostname
  hidden_service/private_key
  are all being generated properly to the best of my knowledge.
  Last edited by supernub (2013-03-15 08:21:34)

• I'm using tor program and i cant add flash player to fire fox

  mu problem i'm using tor program to navegat youtube and facebook ( incloud tor program firefox) but this fire fox is not suport to play the flash vedio i tried to add flash player to hem but he didint work '''coud you help me to add flash player to tor program'''

  My God, what a pain in the arse this is!... Have finally got there after a very stressful few hours... Firstly, click on this very helpful link and follow the instructions, but there's more you have to do too...
  https://botusharov.wordpress.com/2011/01/09/how-to-watch-videos-restricted-in-your-country-using-tor-and-portable-firefox-explained-for-bbc-iplayer-videos/
  and when your tor browser is open, go to the tools at the top left and click on 'add-ons' then 'extentions'... in the 'no script' section click 'options' and choose the 'embeddings' tab... uncheck 'forbid Adobe Flash' press 'OK'...
  then click the options button for the Torbutton 1.4.4.1 section and choose the 'security settings' tab... uncheck 'disable plugins during tor usage'... then OK...
  then simply close it all and restart Tor... it works, 100%... have just managed to upload photos onto facebook in Vietnam after days of failed attempts...

• I'm having trouble using Firefox 4 with Tor Project software. Please help. Will there be an updated Tor Button add-on for Firefox 4.0 soon? If not, how can I get rid of 4.0 and go to an earlier, but stable Firefox version?

  I'm trying to use Tor Project for anonymous browsing. I updated my Firefox to 4.0, but I can't get a Tor Button to download, because it isn't available for Firefox 4.o.
  Will it be soon?
  If not, how do I go back to an earlier, stable version of Firefox that supports Tor Button browsing?
  Thanks much!

  See if the "stable" version released on 30 June is compatible with Firefox 5.0. That page doesn't mention which versions of Firefox it is compatible with, a serious oversight, IMO. <br />
  https://www.torproject.org/torbutton/
  Plus, it looks like that developer hasn't updated his AMO page in over a year, which makes it impossible for users of that add-on to get automatic updates as each new version of Firefox is released. <br />
  https://addons.mozilla.org/en-US/firefox/addon/torbutton/

• How can I enable Tor in Firefox 5?

  How can I enable T0r in Firefox 5?

  How can I enable Tor in Firefox 5?
  1) Install "Stable Vidalia Bundle works with Windows 7, Vista, XP, [https://www.torproject.org/dist/vidalia-bundles/vidalia-bundle-0.2.1.30-0.2.12.exe Download Stable] (sig)
  2)In Firefox 5 '''"Tools" menu > "Advanced" toolbar > "Network" Tab > "Settings" button''''', follow the 1st image (Manual proxy configuration:) then the 2nd image (Auto-detect proxy setting for this network:) and then "Ok".
  3) Be sure that "Tor" network is connected. Now you can install the "Torbutton" by selecting
  Install Stable: [[Click to install from this website|https://www.torproject.org/dist/torbutton/torbutton-current.xpi]].
  Welcome to Tor in Firefox 5 :)

• How to configure Safari to connect to the Internet via the TOR Network for anonymization ?

  I'm used to use Vidalia/TOR combined with Firefox and the Add-On Torbutton on a Windows PC, which works well, but now i want to "torify" my PowerMac, too...

  Hi
  Welcome to Apple Discussions
  There's nothing specific in Safari's preferences about saving or not saving encrypted forms. Seems like you want to save a form to disk, which you need to complete etc. Is that correct? If so, what type of form are you referring to? Have you tried a right or control-click on the form to see if a download option is available via the Contextual menu?

• [Solved] Tor Error

  Just got tor installed from the wiki. I run 'tor' and i get
  [notice] Tor v0.2.5.12 (git-whateverthisis) running on linux with Libevent 2.0.22-stable, openSSL 1.0.2a and Zlib 1.2.7
  [notice] Read config file "/etc/tor/torrc"
  [notice] Opening Socks listener on 127.0.0.1:9050
  [warn] var/lib/tor is not owned by this user (text, 1001) but by tor (43). Perhaps you are running Tor as the wrong user?
  [warn] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor"
  [err] Reading config failed--see warnings above.
  Sorry if I formatted this wrong. I can see the problems here but I have no idea how to fix.
  Last edited by TexT (2015-04-24 00:16:44)

  https://wiki.archlinux.org/index.php/Tor#Usage

• How can I enable TOR with add-ons?

  I want to use TOR on latest stable version of Mozilla Firefox.
  I research on internet but I could not find tutorials about it. Because everyone suggest Tor Browser Bundle. But I don't want to use it, because it does not update itself and no updates means no security. I can not update it manually each time :(
  So I want to use Tor with open source plug-ins and/or extensions. I don't want to install any app on my operating system.
  How can I do it?
  I try this:
  I install Torbutton 1.5.2 extension from torproject's official web site. I set the "use custom proxy settings" from Torbutton's options.
  Torbutton settings:
  http://i57.tinypic.com/2vs1zx1.jpg
  Firefox network settings:
  http://i62.tinypic.com/2nlae1l.jpg
  But it does not work.
  I will be happy if someone can help me.
  Thank you

  Sorry, the TOR project isn't part of Mozilla.
  https://blog.torproject.org/blog/tor-browser-36-released

• Iptables and tor, reroute all traffic for security... Help?

  I'm attempting to route all TCP traffic that does not go through polipo through port 9040, tor's default TransPort. My web browser uses polipo to cache stuff, so I'd like to keep it in place if possible. However, all non-http traffic needs to be sent through the transPort. My current config, which does not take into account rerouting, is below:
  # Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
  #*nat
  #:PREROUTING ACCEPT [12:3420]
  #:INPUT ACCEPT [1:261]
  #:OUTPUT ACCEPT [0:0]
  #:POSTROUTING ACCEPT [0:0]
  #-A OUTPUT ! -p tcp -m owner --owner-uid tor -j REDIRECT --to-ports 9040
  #-A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
  #COMMIT
  # Completed on Fri Oct 12 16:33:33 2012
  # Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
  *filter
  :INPUT DROP [9:1175]
  :FORWARD ACCEPT [0:0]
  :OUTPUT DROP [8:488]
  # allow loopback
  -A INPUT -i lo -j ACCEPT
  -A OUTPUT -o lo -j ACCEPT
  # allow NTPD time syncs
  -A OUTPUT -p udp --dport 123 -j ACCEPT
  # allow tor
  -A OUTPUT -j ACCEPT -m owner --uid-owner tor
  -A OUTPUT -p tcp --dport 9040 -j ACCEPT
  -A OUTPUT -p udp --dport 53 -j ACCEPT
  # allow BitTorrent
  -A OUTPUT -p tcp --dport 6969 -j ACCEPT
  -A OUTPUT -p tcp --dport 51413 -j ACCEPT
  -A OUTPUT -p udp --dport 51413 -j ACCEPT
  # allow pings (still not working. fix?)
  -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
  -A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
  # allow traffic on established connections
  -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  -A INPUT -m conntrack --ctstate INVALID -j DROP
  COMMIT
  # Completed on Fri Oct 12 16:33:33 2012
  as you can see, I've already tried to redirect traffic using the --uid-owner polipo rule. So far, it's just caused iptables to spit out errors. I'm stumped, so I thought I'd come to you wonderful people at the Archlinux forums for help.

  Using the command you gave me, I found that the polipo user is indeed executing /usr/bin/polipo. Other than that, polipo is executing no processes.
  I tried adding the following to my iptables rules nat section:
  -A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j ACCEPT
  -A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j REDIRECT --to-ports 9040
  polipo now works, but the rest of my traffic that should go to the TransPort gets blocked.
  [EDIT]
  I'm now trying the same thing, except that I've chained privoxy with polipo like so:
  browser > privoxy > polipo > tor > internet
  my iptables rules look like this:
  # Generated by iptables-save v2.4.15 on Fri Oct 12 16:33:33 2012
  *nat
  :PREROUTING ACCEPT [12:3420]
  :INPUT ACCEPT [1:261]
  :OUTPUT ACCEPT [0:0]
  :POSTROUTING ACCEPT [0:0]
  #-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -j REDIRECT --to-ports 9040
  -A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -m owner ! --uid-owner polipo -m owner ! --uid-owner privoxy -j REDIRECT --to-ports 9040
  COMMIT
  # Completed on Fri Oct 12 16:33:33 2012
  # Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
  *filter
  :INPUT DROP [9:1175]
  :FORWARD ACCEPT [0:0]
  :OUTPUT DROP [8:488]
  # general
  -A OUTPUT -p tcp -m owner --uid-owner tor -j ACCEPT
  -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  # allow loopback
  -A INPUT -i lo -j ACCEPT
  -A OUTPUT -o lo -j ACCEPT
  -A INPUT -p all -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
  # allow NTPD time syncs
  -A OUTPUT -p udp --dport 123 -j ACCEPT
  # allow tor
  -A OUTPUT -p tcp --dport 9040 -j ACCEPT
  -A OUTPUT -p udp --dport 53 -j ACCEPT
  -A OUTPUT -p tcp --dport 8123 -j ACCEPT
  -A OUTPUT -p tcp --dport 8118 -j ACCEPT
  # allow pings
  -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
  COMMIT
  # Completed on Fri Oct 12 16:33:33 2012
  and it STILL won't route traffic right. iptables redirects to the TransPort, but any traffic passed through polipo or privoxy reveals "connection reset" error message. Help?
  Last edited by ParanoidAndroid (2013-03-12 01:50:51)

• When i use torbutton, it asks to install flash player plug-in but it doesn't allow to download and install it.why?

  when i use torbutton in firefox for anonymity, i can not play flash player based videos like youtube and it prompts to install flash player plug-in. i checked add-on in tool menu and found out this plug-in is not installed. i tried to D/L and install it but it doesn't allow me to do it and gives D/L error. whats the problem?
  it should be noted that i configured "security setting" tab in torbutton prefrences to accept plug -ins rences by unckecking "disable plug-ins during tor using".

  This folder does not exist on windows xp
  " Tor Browser\FirefoxPortable\App\Firefox\plugins "
  So this is not useful solution

• Upgraded and now tor doesn't work.

  before doing the following my system was great consistency. but accidentally when go around with some issues i typed this command when upgrade system:
  pacman -Syu --ignore filesystem && pacman -S filesystem --force
  from news: https://www.archlinux.org/news/filesyst … equired-1/
  after that tor daemon can not start properly..
  i use default config with tor. and when i try to use these command to star tor, it's fail.
  sudo rc.d restart tor
  :: Stopping Tor Daemon [FAIL]
  :: Starting Tor Daemon [FAIL]
  #sudo tor
  Jul 13 03:56:53.028 [notice] Tor v0.2.2.37 (git-fce6eb1c44e87bc2). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
  Jul 13 03:56:53.029 [warn] Skipping obsolete configuration option 'Group'
  Jul 13 03:56:53.029 [notice] Initialized libevent version 2.0.19-stable using method epoll. Good.
  Jul 13 03:56:53.029 [notice] Opening Socks listener on 127.0.0.1:9050 on 127.0.0.1:9050
  #tor
  Jul 13 03:58:41.759 [notice] Tor v0.2.2.37 (git-fce6eb1c44e87bc2). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
  Jul 13 03:58:41.760 [warn] Skipping obsolete configuration option 'Group'
  Jul 13 03:58:41.760 [notice] Initialized libevent version 2.0.19-stable using method epoll. Good.
  Jul 13 03:58:41.760 [notice] Opening Socks listener on 127.0.0.1:9050
  Jul 13 03:58:41.761 [warn] Error setting groups to gid 43: "Operation not permitted".
  Jul 13 03:58:41.761 [warn] If you set the "User" option, you must start Tor as root.
  Jul 13 03:58:41.761 [warn] Failed to parse/validate config: Problem with User value. See logs for details.
  Jul 13 03:58:41.761 [err] Reading config failed--see warnings above.
  so because i can not remember of packages which upgraded then i can not downgrade.
  any idea for this problem.
  PS. i use default of tor. thanks for any reps.
  Last edited by angelfalls (2012-07-12 21:02:11)

  this is ouput of : strace sudo rc.d restart tor > tor.log 2>&1
  there are some "open" "access" "no such file directory" but i can not understand what kind of information it give.
  can you make a parse?
  i downgraded which packages were upgraded with --ignore flag. after downgrade i still can not start tor.
  execve("/usr/bin/sudo", ["sudo", "rc.d", "restart", "tor"], [/* 26 vars */]) = 0
  brk(0) = 0xe0e000
  fcntl(0, F_GETFD) = 0
  fcntl(1, F_GETFD) = 0
  fcntl(2, F_GETFD) = 0
  access(process_vm_readv: Operation not permitted
  "/etc/suid-debug", F_OK) = -1 ENOENT (No such file or directory)
  mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b430000
  access(process_vm_readv: Operation not permitted
  "/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0644, st_size=120083, ...}) = 0
  mmap(NULL, 120083, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ff61b412000
  close(3) = 0
  open(process_vm_readv: Operation not permitted
  "/lib/libutil.so.1", O_RDONLY|O_CLOEXEC) = 3
  read(3, process_vm_readv: Operation not permitted
  "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\17\0\0\0\0\0\0"..., 832) = 832
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0755, st_size=10640, ...}) = 0
  mmap(NULL, 2105600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff61b00d000
  mprotect(0x7ff61b00f000, 2093056, PROT_NONE) = 0
  mmap(0x7ff61b20e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7ff61b20e000
  close(3) = 0
  open(process_vm_readv: Operation not permitted
  "/lib/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
  read(3, process_vm_readv: Operation not permitted
  "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\16\0\0\0\0\0\0"..., 832) = 832
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0755, st_size=14624, ...}) = 0
  mmap(NULL, 2109720, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff61ae09000
  mprotect(0x7ff61ae0c000, 2093056, PROT_NONE) = 0
  mmap(0x7ff61b00b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7ff61b00b000
  close(3) = 0
  open(process_vm_readv: Operation not permitted
  "/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
  read(3, process_vm_readv: Operation not permitted
  "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\30\2\0\0\0\0\0"..., 832) = 832
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0755, st_size=1997041, ...}) = 0
  mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b411000
  mmap(NULL, 3816528, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ff61aa65000
  mprotect(0x7ff61ac00000, 2093056, PROT_NONE) = 0
  mmap(0x7ff61adff000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19a000) = 0x7ff61adff000
  mmap(0x7ff61ae05000, 15440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ff61ae05000
  close(3) = 0
  mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b410000
  mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b40f000
  arch_prctl(ARCH_SET_FS, 0x7ff61b410700) = 0
  mprotect(0x7ff61adff000, 16384, PROT_READ) = 0
  mprotect(0x7ff61b00b000, 4096, PROT_READ) = 0
  mprotect(0x7ff61b20e000, 4096, PROT_READ) = 0
  mprotect(0x617000, 4096, PROT_READ) = 0
  mprotect(0x7ff61b431000, 4096, PROT_READ) = 0
  munmap(0x7ff61b412000, 120083) = 0
  brk(0) = 0xe0e000
  brk(0xe2f000) = 0xe2f000
  open(process_vm_readv: Operation not permitted
  "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0644, st_size=1607632, ...}) = 0
  mmap(NULL, 1607632, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ff61b286000
  close(3) = 0
  geteuid() = 1000
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
  fstat(3, process_vm_readv: Operation not permitted
  {st_mode=S_IFREG|0644, st_size=2502, ...}) = 0
  mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b42f000
  read(3, process_vm_readv: Operation not permitted
  "# Locale name alias data base.\n#"..., 4096) = 2502
  read(3, "", 4096) = 0
  close(3) = 0
  munmap(0x7ff61b42f000, 4096) = 0
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en_US.UTF-8/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en_US.utf8/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en_US/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en.UTF-8/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en.utf8/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/usr/share/locale/en/LC_MESSAGES/sudo.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
  write(2, process_vm_readv: Operation not permitted
  "sudo", 4sudo) = 4
  write(2, process_vm_readv: Operation not permitted
  ": ", 2: ) = 2
  write(2, process_vm_readv: Operation not permitted
  "effective uid is not 0, is sudo "..., 54effective uid is not 0, is sudo installed setuid root?) = 54
  write(2, process_vm_readv: Operation not permitted
  "\n", 1
  ) = 1
  access(process_vm_readv: Operation not permitted
  "/var/run/utmpx", F_OK) = -1 ENOENT (No such file or directory)
  open(process_vm_readv: Operation not permitted
  "/var/run/utmp", O_RDONLY|O_CLOEXEC) = 3
  lseek(3, 0, SEEK_SET) = 0
  alarm(0) = 0
  rt_sigaction(SIGALRM, process_vm_readv: Operation not permitted
  {0x7ff61ab7c7e0, [], SA_RESTORER, 0x7ff61aa9a020}, process_vm_readv: Operation not permitted
  {SIG_DFL, [], 0}, 8) = 0
  alarm(10) = 0
  fcntl(3, F_SETLKW, process_vm_readv: Operation not permitted
  {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0
  read(3, process_vm_readv: Operation not permitted
  "\10\0\0\0\305\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\10\0\0\0\267\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\7\0\0\0\301\2\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\6\0\0\0\302\2\0\0tty2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\6\0\0\0\305\2\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\6\0\0\0\304\2\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\6\0\0\0\306\2\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, process_vm_readv: Operation not permitted
  "\6\0\0\0\303\2\0\0tty3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
  read(3, "", 384) = 0
  fcntl(3, F_SETLKW, process_vm_readv: Operation not permitted
  {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
  alarm(0) = 10
  rt_sigaction(SIGALRM, process_vm_readv: Operation not permitted
  {SIG_DFL, [], SA_RESTORER, 0x7ff61aa9a020}, NULL, 8) = 0
  exit_group(1) = ?
  +++ exited with 1 +++
  (END)
  EDIT: i have polipo daemon and strace it when start with the same output above but "done".
  Last edited by angelfalls (2012-07-13 08:28:41)