It is quite the simple setup, as one could imagine, yet it seems that I am having trouble getting Privoxy to talk to Tor. The setup is running Ubuntu 20.04 with the latest packages for tor, privoxy, and squid, whereas the computer I am browsing from is on the same local network. I am able to access error pages for squid and privoxy, as well as privoxy’s configuration page, so there is no error between those two…
Here is my Privoxy configuration file:
user-manual /usr/share/doc/privoxy/user-manual confdir /etc/privoxy logdir /var/log/privoxy actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on. actionsfile default.action # Main actions file actionsfile user.action # User customizations filterfile default.filter filterfile user.filter # User customizations logfile logfile debug 4096 # Startup banner and warnings debug 8192 # Non-fatal errors listen-address 127.0.0.1:8118 listen-address [::1]:8118 toggle 1 enable-remote-toggle 0 enable-remote-http-toggle 0 enable-edit-actions 0 enforce-blocks 1 buffer-limit 4096 enable-proxy-authentication-forwarding 0 forward-socks4a / 127.0.0.1:9050 foward-socks4 / 127.0.0.1:9050 forward-sock5 / 127.0.0.1:9050 forward-socks5t / 127.0.0.1:9050 forwarded-connect-retries 0 accept-intercepted-requests 0 allow-cgi-request-crunching 0 split-large-forms 0 keep-alive-timeout 5 tolerate-pipelining 1 socket-timeout 300
I have tried editing the forward lines to include a trailing dot, and that does not work either.
Here, then, is my tor configuration file:
(HTTPTunnelPort has been added and does not affect the situation.)
SocksPort 9050 # Default: Bind to localhost:9050 for local connections. SocksPolicy accept 192.168.1.0/24 SocksPolicy accept 127.0.0.1 SocksPolicy reject * SocksBindAddress 127.0.0.1 SocksListenAddress 127.0.0.1 RunAsDaemon 1 OutboundBindAddress 192.168.1.3 HTTPTunnelPort 9050
From the Ubuntu machine, for a short period of time, I was able to use wget to reach api.ipify.org and request my IP, which was different from my usual IP, thus signifying that tor was indeed working, however I cannot reproduce this and I suspect that my request was not being routed through privoxy. (Though I do not have proof of this either.)
Here is my ufw rules list. Pardon the mess.
To Action From -- ------ ---- 192.168.1.3 3128/tcp ALLOW IN 192.168.1.0/24 3128/tcp ALLOW IN 192.168.1.0/24 192.168.1.0/24 67/udp ALLOW IN Anywhere 22/tcp ALLOW IN 192.168.1.0/24 53/udp ALLOW IN Anywhere 25/tcp ALLOW IN Anywhere 192.168.1.3 80/tcp ALLOW IN Anywhere 192.168.1.3 443/tcp ALLOW IN Anywhere 23728/udp ALLOW IN Anywhere 40036/udp ALLOW IN Anywhere 23728/tcp ALLOW IN Anywhere 40036/tcp ALLOW IN Anywhere 9050/tcp ALLOW IN 127.0.0.1 9050/tcp ALLOW IN Anywhere 53/udp (v6) ALLOW IN Anywhere (v6) 25/tcp (v6) ALLOW IN Anywhere (v6) 23728/udp (v6) ALLOW IN Anywhere (v6) 40036/udp (v6) ALLOW IN Anywhere (v6) 23728/tcp (v6) ALLOW IN Anywhere (v6) 40036/tcp (v6) ALLOW IN Anywhere (v6) 9050/tcp (v6) ALLOW IN Anywhere (v6) 192.168.1.3 8118/tcp ALLOW OUT 192.168.1.3 3128/tcp 53/udp ALLOW OUT Anywhere 80/tcp ALLOW OUT Anywhere 443/tcp ALLOW OUT Anywhere 25/tcp ALLOW OUT Anywhere 40036/udp ALLOW OUT Anywhere 23728/udp ALLOW OUT Anywhere 23728/tcp ALLOW OUT Anywhere 40036/tcp ALLOW OUT Anywhere 123/udp ALLOW OUT Anywhere 192.168.1.3 9050/tcp ALLOW OUT 192.168.1.3 8118/tcp 9050/tcp ALLOW OUT Anywhere 53/udp (v6) ALLOW OUT Anywhere (v6) 80/tcp (v6) ALLOW OUT Anywhere (v6) 443/tcp (v6) ALLOW OUT Anywhere (v6) 25/tcp (v6) ALLOW OUT Anywhere (v6) 40036/udp (v6) ALLOW OUT Anywhere (v6) 23728/udp (v6) ALLOW OUT Anywhere (v6) 23728/tcp (v6) ALLOW OUT Anywhere (v6) 40036/tcp (v6) ALLOW OUT Anywhere (v6) 123/udp (v6) ALLOW OUT Anywhere (v6) 9050/tcp (v6) ALLOW OUT Anywhere (v6)
Can anybody tell me where I went wrong with my setup, aside from redundant firewall rules?
There is a mistake in your privoxy config:
forward-socks4a / 127.0.0.1:9050 foward-socks4 / 127.0.0.1:9050 forward-sock5 / 127.0.0.1:9050 forward-socks5t / 127.0.0.1:9050
For using Tor, only
forward-socks5t should be used. The comments in the configuration file also told you this, but you seem to have deleted them. Delete the other three lines.
You should also only use https://check.torproject.org/ to check whether you are using Tor.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.