Block traffic to/from known tor nodes

  • Hi,

    I have good experience with pfsense, but lately having trouble with the following.

    I am trying to block traffic from the tor browser with a firewall rule. I have very similar rules that do work.
    The rule matches destination ip addresses with a url table (from https://www.dan.me.uk/torlist/) alias. If there's a match, any traffic should be blocked. For some reason the rule doesn't work or I misinterpret the rule.
    I verified:

    • in the Tor browser that I have a connection to a supposedly blocked ip (i.e. 85.10.201.47)

    • with netstat that there is a connection to this ip

    • that the ip is in the alias list

    Any ideas what is wrong here?
    Thx

  • You are trying to block clients from using Tor? If so, it's not really possible because a client can always use a Tor Bridge to access the Tor network. The list of bridges is unpublished. https://www.torproject.org/docs/bridges

    If you're trying to block Tor Exit Nodes from accessing you, you can kinda do that since that list is published.

    Blocking Tor access is not easily accomplished, especially with simple, layer-3 firewall rules.

    I dunno why your rule isn't working… it should. Try resetting the states table. Like I said though, even if the firewall rule does work as expected, you still aren't stopping Tor access via Bridges.
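One way to automate the three checks listed in the question, as an added example that is not from this thread or from pfSense: it parses a URL-table alias in the one-address-per-line format the question's list uses and a captured `netstat -n` listing (both constructed samples here; 85.10.201.47 is the address from the question, the other entries are documentation ranges), then reports which active connections have a peer inside the alias. A match that is still ESTABLISHED while the block rule is in place is being carried by an existing state entry, which a newly added rule does not terminate; that is the case the states-table reset in the answer addresses.

```python
import ipaddress
import re

# Constructed sample of a URL-table alias as pfSense loads it: one IPv4 address
# or CIDR per line; comments and blank lines are ignored. 85.10.201.47 is the
# address from the question; the other two are documentation ranges.
TOR_ALIAS_TEXT = """\
# tor node list (constructed sample)
85.10.201.47
198.51.100.0/24

192.0.2.10
"""

# Constructed sample of `netstat -n` output from the client machine.
NETSTAT_TEXT = """\
Proto  Local Address          Foreign Address        State
TCP    192.168.1.50:52311     85.10.201.47:443       ESTABLISHED
TCP    192.168.1.50:52312     198.51.100.34:9001     ESTABLISHED
TCP    192.168.1.50:52313     93.184.216.34:443      ESTABLISHED
"""

IPPORT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d+)")


def parse_alias(text):
    """Parse alias text into ip_network objects (bare IPs become /32)."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def parse_netstat_peers(text):
    """Return (foreign_ip, state) per connection line; works for the Windows
    and Linux column layouts because it takes the second IP:port token."""
    peers = []
    for line in text.splitlines():
        found = IPPORT.findall(line)
        if len(found) >= 2:          # local and foreign address columns present
            peers.append((found[1][0], line.split()[-1]))
    return peers


def matching_connections(alias_text, netstat_text):
    """Active connections whose peer falls inside the alias, as (ip, state)."""
    nets = parse_alias(alias_text)
    return [(ip, state) for ip, state in parse_netstat_peers(netstat_text)
            if any(ipaddress.ip_address(ip) in n for n in nets)]
```

Run it against the real alias file and a fresh `netstat -n` capture; an empty result after the states reset means the rule is now doing its job.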

  • Thanks Nullity,

    Reloading the states table did do the trick.
    Will read your links about bridges and Tor.