
Need advice/help with USB Armory Tor setup



I'm not an advanced user, more like a hobbyist when we're talking about gadgets, Linux etc., so I bought a USB Armory, and some of the things I had no problem setting up, but when it came to setting up the Tor Anonymizing Middlebox, I got really stuck with the whole IP address thing. I need help to properly set up Tor, with the correct IP addresses. As I mentioned, I'm not quite good with networking, and I can't wrap my head around it. So, if you could point out what the right setup and IPs should be, I'd be grateful.

This is what > ip route shows dev usb0 proto kernel scope link src

According to Inverse Path's documentation on GitHub, I had to set the USB with IP and Subnet Mask, then enable internet sharing. And in /etc/network/interfaces the setup should be:

auto usb0

allow-hotplug usb0

iface usb0 inet static





I had to change it to:

auto usb0

allow-hotplug usb0

iface usb0 inet static





to be able to connect to the internet.



When it comes to setting up Tor, this is what it should look like:





AutomapHostsOnResolve 1

# Transparent proxy

TransPort 9040




DNSPort 53





Create iptables in /etc/iptables.sh with:


### set variables

#destinations you don't want routed through Tor


#the UID that Tor runs as (varies from system to system)


#Tor's TransPort


#your internal interface


### flush iptables

iptables -F

iptables -t nat -F

### set iptables *nat

iptables -t nat -A OUTPUT -o lo -j RETURN

iptables -t nat -A OUTPUT -m owner --uid-owner $_tor_uid -j RETURN

iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53

#allow clearnet access for hosts in $_non_tor

for _clearnet in $_non_tor; do

   iptables -t nat -A OUTPUT -d $_clearnet -j RETURN

   iptables -t nat -A PREROUTING -i $_int_if -d $_clearnet -j RETURN

done


#redirect all other pre-routing and output to Tor

iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $_trans_port

iptables -t nat -A PREROUTING -i $_int_if -p udp --dport 53 -j REDIRECT --to-ports 53

iptables -t nat -A PREROUTING -i $_int_if -p tcp --syn -j REDIRECT --to-ports $_trans_port

### set iptables *filter

iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#allow clearnet access for hosts in $_non_tor

for _clearnet in $_non_tor; do

   iptables -A OUTPUT -d $_clearnet -j ACCEPT

done


#allow only Tor output

iptables -A OUTPUT -m owner --uid-owner $_tor_uid -j ACCEPT

iptables -A OUTPUT -j REJECT


Then define the "rt_usbarmory" routing table identifier in /etc/iproute2/rt_tables


# reserved values


255     local

254     main

253     default

0       unspec


# local


#1      inr.ruhep

1 rt_usbarmory


And launch:

# ip rule add from table rt_usbarmory

# ip route add default via table rt_usbarmory

# ip route del default

# ip route add default via