Tor Package?



  • This has been asked, but it's been awhile.  I'm comparing PFSense to other solutions such as IPFire.  IPFire has a package for the Tor client/relay.  I really want to leverage a tor client outside my existing setup.  Basically, leave my existing firewall and setup in place, but harden my footprint by placing another firewall between my existing firewall and ISP.  At the moment, I'm leaning more toward PFSense because I can make it a transparent bridge/firewall (IPFire requires that it be setup with NAT) and security (IPFire is built on linux using bash - though the bash major flaw has been fixed, it has shown that linux isn't as secure as freebsd).





  • @pjman:

    This has been asked, but it's been awhile.  I'm comparing PFSense to other solutions such as IPFire.  IPFire has a package for the Tor client/relay.  I really want to leverage a tor client outside my existing setup.  Basically, leave my existing firewall and setup in place, but harden my footprint by placing another firewall between my existing firewall and ISP.  At the moment, I'm leaning more toward PFSense because I can make it a transparent bridge/firewall (IPFire requires that it be setup with NAT) and security (IPFire is built on linux using bash - though the bash major flaw has been fixed, it has shown that linux isn't as secure as freebsd).

    Just read reply #1. Good luck with getting a good answer from someone who really knows for sure. I put your odds at about 25%. I installed PFSense as a newbie and asked for some advice about PFBlockerNG a few days ago. It brought out a nut who started a flame war that brought others in. They just assumed I was at fault and patronized me from then on. Nobody had any interest in the original question.

    FWIW, I don't think PFSense supports a tor feature. Google it for more info. Also, FWIW, I think that PFSense, Sophos, and Untangle are the big 3 in this area. Sophos is complicated but extremely powerful, and has an even worse forum element than my above mentioned nut. I couldn't figure it out well enough to give it a try. Untangle has its best  features at high extra cost. Free untangle uses the same underlying add ons as PFSense, only you really have to look closely to see it.

    Good luck.


  • Banned

    E.g.: http://skear.hubpages.com/hub/How-to-Set-Up-a-Tor-Proxy-Server-on-pfSense

    Note: I did not test this. Also, needs some tweaks for 2.2, like,

    @jim1000. STFU. Noone's interested in your OT incessant whining.  >:(



  • @doktornotor:

    @jim1000. STFU. Noone's interested in your OT incessant whining.  >:(

    In a few weeks, I'll know a lot about PFSense and the packages I am most interested in. I'll be using it to protect my property while safely communicating with the world. I will have no reason to try to eek out a few snippets of info from experienced users. By that time I will know more than the few factoids you likely possess. I'll be on with my life and you'll still be a relatively useless internet troll that nobody cares about. You have the power to annoy. That's about it. What's unfortunate is how you make everyone else here look like losers, too, while you sucker them into to your flame wars.

    Personally, if I were the moderator, I would suspend you for a week for your nut-like hate rants. As I said, you are making the others here look like idiots by association. I know from reading posts that there are some smart people here. Unfortunately, they  appear to offer goofballs like you more consideration than you deserve.

    By reference, tolerating people like you damages the entire PFSense brand by making it look like hacker kludge instead of the amazing and fine product it really is.


  • Banned

    @jim1000:

    OT whining snipped

    Dude, stop hijacking other people's threads with your personal shit. You contribute nothing to the topic.



  • @doktornotor:

    @jim1000:

    OT whining snipped

    Dude, stop hijacking other people's threads with your personal shit. You contribute nothing to the topic.

    Nor do you.



  • Thank you all for your input.  If I don't hear back from someone who's already done this, I'll just move forward on attempting to do it with the pkg install.  I may need to look and read up on if it can be done in a jail which would be most preferred method.



  • Make a VM for FreeBSD(use the same version that your copy of pfSense was built from), D/L Tor source, compile Tor into a BSD package, copy package over to your pfSense setup, run the package install on the tor package you built, the goto /etc/tor/torrc and set your tor prefs.

    I recommend doing the same for Tor arm, and just running arm directly on the pfSense box after sshing in, not via the cookie option or presetting credentials.


Log in to reply