What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

TOR *only on specific* Guest SSID

spalife

Regular Contributor
Hello,

I am on RT-N66U.

I looked at the TOR configuration in the administration page and it currently
allows TOR traffic for the ENTIRE LAN or for a specific MAC (which works well).

I want to create a specific TOR only Guest SSID on 2.4 Ghz (w10.2) and other SSID's existing will be non TOR.

When users want to browse anonymously they can connect to the Guest 2 SSID
for anynymous browsing and switch back to the other SSID's for normal activities.

Is there anyway I can achieve this ? i.e., through routing ?


Regards
 
thanks for the update.

I am planning to use TOR feature available in Merlin for sporadic anonymous non critical/non transactional web browsing.

I usually turn the feature ON when needed and turn OFF after use for a specific period of time usually less than an hr of use and visit only sites of specific interest to me taking precautions, so that i don't get lost anonymously.
 
If you really want to try, can read the thread on selective vpn routing only for a guest ssid. The required amount of work will be roughly similar.
 
The below rules gets added when TOR is turned on for a specific MAC address

-A PREROUTING -i br0 -p udp --dport 53 -m mac --mac-source XX:XX:XX:XX:XX:XX -j REDIRECT --to-ports 9053

-A PREROUTING -i br0 -p tcp --syn ! -d 192.168.1.0/24 -m mac --mac-source XX:XX:XX:XX:XX:XX --match multiport --dports 80,443 -j REDIRECT --to-ports 9040

-----contemplating below changes-----
Since I am noob when it comes to iptable rules,
would appreciate feedback whether the below rules....a slight change to above rules would work?

iptables -t nat -A PREROUTING -i wl0.2 -p udp --dport 53 -j REDIRECT --to-ports 9053

iptables -t nat -A PREROUTING -i wl0.2 -p tcp --match multiport --dports 80,443 -j REDIRECT --to-ports 9040


NOTE:
Assume that TOR is turned on for a specific MAC still through the GUI
 
thanks kvic.

I did go through
https://github.com/RMerl/asuswrt-me...or-VPN-and-SSID-for-Regular-ISP-using-OpenVPN

It has lot of activity for creation of a SSID through scripts and for a tunnel.

I am planning to create a specific Guest SSID and want to route all the traffic from that SSID to the TOR running ports 9050 / 9040 / 9053.

I might have to as you suggested, take few snippets from the HOW-TO and iptable rules when TOR is enabled.

((head-scratching)) ;-)
 
This thread also contains useful material.
http://www.snbforums.com/threads/selective-routing-with-asuswrt-merlin.9311/

The discussion is inspirational. Towards the end of the thread, someone suggested a less patchy way. I couldn't recall if anyone on the thread got a functional setup without a glitch.

I tried it last year. Got it to work. My setup didn't have any glitches. But still the user experience is not so good actually. It ended up collecting dust on my AC56U.

The process of getting it to work is fun. Good luck on your adventure :)
 
Similar threads
Thread starter Title Forum Replies Date
G Where is my Guest Network UI tab? Facebook??? ASUS N Routers & Adapters 4

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Back
Top