Close
0%
0%

Raspberry Tor Router

Connect your unsecured wireless stuff to the internet in a secure and anonymous way

Similar projects worth following
Turn a Raspberry Pi into a wireless AP that routes all your traffic through the Tor.

The full instructions and files are finally written and available! I apologize for this taking so long!

The instructions, as is, work for Raspbian Wheezy, Jessie, and Jessie Lite on any Pi B, B+, or Pi 2.

As of Jessie, Raspbian uses systemd, which makes many of these settings easier to do by hand than messing with IPtables. Since systemd is the new standard that most Linux distros are using, I will be rewriting these scripts to take advantage of this fact. Again, the current instructions still work just fine.

I will also explore why the specific version of Hostapd is necessary and why the default version will not work. I will update as I do each of these things I mentioned above.

Thanks for following!

Thomas

tor.sh

This script routes your WiFi access point through the Tor network. Run pifi.sh BEFORE this script

x-shellscript - 3.45 kB - 01/22/2016 at 20:07

Download

pifi.sh

This script turns your Pi into a WiFi access point

x-shellscript - 6.27 kB - 01/22/2016 at 20:07

Download

  • 1 × Raspberry Pi Model B, B+, or Pi 2 B Any model of B (256mb or 512mb) is fine, as is the B+ and Pi 2 B. The Model A and A+ wont work because you need either 2 USB ports or just one and an Ethernet port. Only the B models have these
  • 1 × Wifi Dongle *IMPORTANT* This requires a specific chipset to be an AP. A second normal one can be used in a completely wireless system. I will explain in the instructions
  • 1 × Raspberry Pi Case Any case will do just fine. Nothing is over clocked, so heat shouldnt be an issue
  • 1 × 4gb or larger SD card The B uses full size SD cards, the B+ and Pi 2 use microSD. Make sure you get the right kind for yours
  • 1 × Battery Pack - optional Only necessary if you are going completely wireless

View all 6 components

  • Updates

    Thomas01/22/2016 at 21:44 0 comments

    Now that I FINALLY finished writing this tutorial, I am going to explore the underlying settings and how they can be better adjusted for Rasbpian Jessie to take advantage of systemd.

    I also want to understand exactly how Hostapd works and why we need to use the specific version from Adafruit. I will update as I know more and when I update the scripts to quit using IPtables and use something more user intuitive.

  • Finished!

    Thomas01/22/2016 at 21:41 0 comments

    The Tutorial is FINALLY complete!

View all 2 project logs

  • 1
    Step 1

    Download the latest version of Raspbian. This tutorial also works with Raspbian Lite. You can find this at www.raspberrypi.org/downloads/raspbian/

    You could probably also use NOOBS and then install Raspbian from there, but that would be an extra step.

  • 2
    Step 2

    Do not insert your WiFi dongle into the Raspberry Pi yet. If you already connected it, cut the Pi off and take it back out. The required software wont install correctly with it already inserted.

  • 3
    Step 3

    Burn Raspbian to your SD card (this tutorial assumes you are familiar enough with a Raspberry Pi to do this. Follow the instructions at https://www.raspberrypi.org/documentation/installation/installing-images/README.md if you need help), boot the OS and run 'sudo raspi-config' from the command line or terminal.

    The default log-in info is username: pi and password: raspbian

    • First, hit Enter on 'Expand Filesystem'. This will allow Raspbian to use the entirety of your SD card. At the moment it is only using about 1.5gb, which is the size of the OS image you burned to the SD card.
    • Change the password to something more secure, or dont. It is your choice, but a recommended change.
    • Under 'Boot Options', change this to boot to 'Console' or 'Console Autologin'
    • Under 'Internationalisation Options', change your Locale, Timezone and keyboard layout to whatever is appropriate for where you live. Use the Space Bar to select or de-select different options and Enter to accept changes.
    • Under 'Advanced Options' you can change your Hostname to something else if you wish, or leave it alone.
    • Also under 'Advanced Options' you can go to 'Memory Split' and set the GPU memory to the lowest setting of 16. Since we wont be doing anything that involves graphics, 16mb is more than enough memory for our GPU. If you are using the full version of Raspbian (not the lite version) this may also cause issues for the desktop if you boot there rather than the command line.
    • Reboot for everything to take effect.

View all 10 instructions

Enjoy this project?

Share

Discussions

Thomas wrote 03/04/2016 at 17:06 point

It sounds like a lot of people are running into the same problem recently.  As of the day I finished writing these instructions, things were good. I am going to do this project from scratch on a Pi 2 and see if something has changed.  I will update anything necessary at that point.  Gimme a few days and hopefully we will have answers!

  Are you sure? yes | no

Thorsten Fröhlich wrote 02/27/2016 at 19:30 point

My wlan adapter is off after booting, no access point is available. Do you have any idea?

  Are you sure? yes | no

Thomas wrote 02/28/2016 at 04:57 point

What brand is your wlan adapter? Without knowing this, I would guess it is a driver issue, or possibly a power issue.  If it isnt getting enough power to cut the device on, you can add 'max_usb_current=1' in /boot/config.txt and reboot your pi.  Make sure your power supply can handle the extra power increase though

  Are you sure? yes | no

Pedro Abreu wrote 03/07/2016 at 23:29 point

Got the same driver problem I guess. in the hostapd file I've tried all the drivers I could think off and it doesn't recognize crap. Also it's not power as my Wifi dongle turns on. Which dongle did you use? Was it the one from Adafruit? Because the script works fine (and I'm using the Pi 2) it's just some driver crap. I'm using a TL-WN722N. Also, I've done the max_usb_current=1 thing.

  Are you sure? yes | no

Harpreet wrote 12/18/2015 at 04:56 point

It sounds good but I don't think he have ever created anything like that.

  Are you sure? yes | no

Thomas wrote 01/22/2016 at 18:11 point

What do you mean?

  Are you sure? yes | no

CMay wrote 12/03/2015 at 16:26 point

Any updates to this project?

  Are you sure? yes | no

Thomas wrote 12/03/2015 at 17:02 point

I am in the final stages of a book I was contracted to write.  It unfortunately has hard set deadlines that I have to meet and it leaves little time for what I had previously started on Hackaday.  My goal is to get ahead of schedule for the book and have most of it finished before the new year.  Finishing THIS tutorial will then become my next goal, especially with the attention it has recently received. Thanks for the patience!

  Are you sure? yes | no

Bruno Barreto Carvalho wrote 11/01/2015 at 19:41 point

if this project comes to life, isn't going to be extremely slow?

  Are you sure? yes | no

Thomas wrote 11/02/2015 at 14:35 point

I have already completed this project, and it actually works really well. It is just as fast as using the Tor bundle that keeps your browser traffic anonymous, but it does it for ALL your traffic.  You connect to it like any other wifi source, so those people who are less technically savvy (our parents, for example) can easily use it too.

It was a fun project and I will post the tutorial as soon as I can catch up on all my projects.  Some have hard deadlines so it takes away from the more fun stuff on here :(

  Are you sure? yes | no

Bruno Barreto Carvalho wrote 11/03/2015 at 01:55 point

really nice dude! but take your time XD i was thinking it would be slow for two reasons: tor connections are already slow, and raspberry doesn't have a lot of processing power. i'll keep an eye on this project. GJ!

  Are you sure? yes | no

Dylan Bleier wrote 04/15/2015 at 05:20 point

is this happening?  

also, other related projects should be:

- raspberry pi firewall that can block all direct traffic to a list of domains and ports (e.g. google, google analytics, akamai, amazon, facebook, etc...)

- router that monitors your coms in real time and tells you if your private data is being stolen, where it's being sent, and how.  this would be done by cross-checking for overlap between your standard coms that go through the router and a local stream of private data going just from the computer to the router.  that could be achieved by either running only unencrypted coms or running simulated encrypted coms in which you retain a separate, accessible set of the keys necessary for the router to decrypt a copy of your outgoing coms to run the overlap checker comparison against your local private data stream.

  Are you sure? yes | no

Thomas wrote 04/15/2015 at 23:52 point

Sorry, I started a new job right when I was posting these projects. Training is wrapping up and I should be able to finish the write ups.  I know you can set the router to filter ads, but I may check on the rest. It sounds interesting!

  Are you sure? yes | no

Similar Projects

Does this project spark your interest?

Become a member to follow this project and never miss any updates