## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC ## See the file COPYING for copying conditions. ## Please use "/etc/anon-ws-disable-stacked-tor.d/50_user.conf" for your custom ## configuration, which will override the defaults found here. ## When anon-ws-disable-stacked-tor is updated, this file may be overwritten ## Do not try to execute this file. Files in folder /etc/anon-ws-disable-stacked-tor.d ## are `source`d in lexical order by the anon-ws-disable-stacked-tor package. ## bash fragment ################################ # systemd-unit-files-generator # ################################ ## /usr/libexec/anon-ws-disable-stacked-tor/systemd-unit-files-generator parses this. ## Usage: ## 1) Create and extend config file /etc/anon-ws-disable-stacked-tor.d/50_user.conf ## 2) Run: ## sudo /usr/libexec/anon-ws-disable-stacked-tor/systemd-unit-files-generator ## /usr/libexec/anon-ws-disable-stacked-tor/systemd-unit-files-generator contains ## built-in defaults for file_port_tuples. ## Redirect Whonix-Workstation port 9050 to Whonix-Gateway port 9050 and so forth. #file_port_tuples+=" port#9050:9050 " ## system Tor default SocksPort #file_port_tuples+=" port#9150:9151 " ## Tor Browser Bundle default SocksPort ## Create a unix domain socket files such as ## /run/anon-ws-disable-stacked-tor/127.0.0.1_9050.sock and forward those ## to $GATEWAY_IP:9150 etc. See also: ## https://phabricator.whonix.org/T192 #file_port_tuples+=" /run/anon-ws-disable-stacked-tor/127.0.0.1_9050.sock#9050 " #file_port_tuples+=" /run/anon-ws-disable-stacked-tor/127.0.0.1_9150.sock#9150 " ## system Tor default SocksSocket is /run/tor/socks ## redirect Whonix-Workstation unix domain socket file /run/tor/socks to Whonix-Gateway port 9050 #file_port_tuples+=" /run/tor/socks#9050 " ## These examples are already enabled by default in ## /usr/libexec/anon-ws-disable-stacked-tor/systemd-unit-files-generator. ## See /usr/libexec/anon-ws-disable-stacked-tor/systemd-unit-files-generator for ## further built-in defaults and examples. ###################### # socat-unix-sockets # ###################### ## /usr/libexec/anon-ws-disable-stacked-tor/socat-unix-sockets parses this. ## Start and stop is up to the anon-ws-disable-stacked-tor systemd service. ## GATEWAY_IP: No need to set GATEWAY_IP. (Gets set by calling script ## /usr/libexec/anon-ws-disable-stacked-tor/socat-unix-sockets.) ## IP HARDCODED. Set GATEWAY_IP through a drop-in configuration snippet in /etc/anon-ws-disable-stacked-tor.d configuration folder instead. #GATEWAY_IP="10.152.152.10" #GATEWAY_IP6="[fd19:c33d:88bc::10]" ## Usage: ## sudo service anon-ws-disable-stacked-tor stop ## sudo service anon-ws-disable-stacked-tor start ## sudo service anon-ws-disable-stacked-tor restart ## sudo service anon-ws-disable-stacked-tor status #[ -n "$pre_command" ] || pre_command="" #$pre_command socat TCP-LISTEN:9998,fork,bind=127.0.0.1 TCP:$GATEWAY_IP:9998 & #$pre_command socat -t100 UNIX-LISTEN:/run/folder-name/127.0.0.1_9999.sock,mode=777,reuseaddr,fork TCP:127.0.0.1:9999 & ######### ## Test # ######### ## To test /run/tor/socks, you could use: ## sudo --non-interactive -u debian-tor socat - UNIX-CONNECT:/run/tor/socks ## Then type: ## GET ## ## The expected reply includes 'Tor is not an HTTP Proxy'. ## To test /run/tor/control, you could use: ## sudo --non-interactive -u debian-tor socat - UNIX-CONNECT:/run/tor/control ## Then type: ## SIGNAL NEWNYM ## ## 250 OK #### meta start #### project Whonix #### category networking #### workstation_only yes #### description ## systemd-unit-files-generator and socat-unix-sockets configuration examples. #### meta end