Tor OpenVPN - xxooxxooxx/xxooxxooxx.github.io GitHub Wiki
client---->OpenVpn(tor)---->Internet
-
https://github.com/Nyr/openvpn-install
vlan(10.8.0.0/20) -
/etc/openver/server/server.conf
local <server ip>
port <port>
proto udp
dev tun
;dev tap
;up /etc/openvpn/server/up.sh
;down /etc/openvpn/server/down.sh
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.240.0
;server-bridge 10.8.0.1 255.255.240.0 10.8.0.100 10.8.0.200
ifconfig-pool-persist ipp.txt
;server-bridge
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
script-security 2
duplicate-cn
crl-verify crl.pem
explicit-exit-notify
- /etc/tor/torrc
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 10.8.0.1:9040
DNSPort 10.8.0.1:9053
SocksPort 0
GeoIPFile /usr/share/tor/geoip
GeoIPv6File /usr/share/tor/geoip6
GeoIPExcludeUnknown 1
StrictNodes 1
ExcludeNodes {cn},{hk},{mo},{sg},{th},{pk},{by},{ru},{ir},{vn},{ph},{my},{cu},{br},{kz},{kw},{lk},{ci},{tk},{tw},{sy},{mn},{fr},{de},{it},{??}
ExcludeExitNodes {cn},{hk},{mo},{sg},{th},{pk},{by},{ru},{ir},{vn},{ph},{my},{cu},{br},{kz},{kw},{lk},{ci},{tk},{tw},{sy},{mn},{fr},{de},{it},{??}
#EntryNodes {us}
#ExitNodes {us}
- iptables
iptables -t nat -A PREROUTING -i tun0 -p udp --dport 53 -j REDIRECT --to-ports 9053
iptables -t nat -A PREROUTING -i tun0 -p tcp --syn -j REDIRECT --to-ports 9040
iptables -I FORWARD -s 10.8.0.0/20 -j DROP