DragonFly On-Line Manual Pages
TORSOCKS(8) TORSOCKS(8)
NAME
torsocks -- Library for intercepting outgoing network connections and
redirecting them through the Tor SOCKS proxy.
DESCRIPTION
Torsocks library overloads the libc symbols use for Internet
communication such as connect(2) system call. Using that technique, the
library sends everything through the Tor network including DNS
resolution done by the application.
For DNS, gethostbyname(3) family functions are rerouted through Tor.
Please note that the ISC res_* API is currently not supported.
Here is an example on how to use torsocks library with ssh(1):
$ LD_PRELOAD=/path/to/libtorsocks.so ssh -l kalexander -p 1234
prism.nsa.gov [...]
SHELL USAGE
Set LD_PRELOAD to load the library then use applications as normal. The
syntax to force preload of the library for different shells is
specified below:
Bash, Ksh and Bourne shell:
$ export LD_PRELOAD=/path/to/libtorsocks.so
C Shell:
$ setenv LD_PRELOAD=/path/to/libtorsocks.so
This process can be automated (for Bash, Bourne and Korn shell users)
for a single command or for all commands in a shell session by using
the torsocks(1) script.
You can also setup torsocks(1) in such a way that all processes
automatically use it, a very useful configuration. Please refer to the
torsocks script documentation for more information.
ENVIRONMENT VARIABLES
TORSOCKS_CONF_FILE
This environment variable overrides the default location of the
torsocks configuration file. This variable is not honored if the
program torsocks is embedded in is setuid.
TORSOCKS_LOG_LEVEL
Enable logging level of torsocks library. By default, warnings
and errors are printed (level 3). Note that each level includes
the lower ones except the 1 which disables any possible logging.
(default: 3)
1 No log at all.
2 Error messages.
3 Warning messages.
4 Notice messages.
5 Debug messages.
TORSOCKS_LOG_TIME
Control whether or not the time is added to each logging line.
(default: 1)
TORSOCKS_LOG_FILE_PATH
If set, torsocks will log in the file set by this variable.
(default: stderr)
TORSOCKS_USERNAME
Set the username for the SOCKS5 authentication method. Password
MUST be set also with the variable below.
TORSOCKS_PASSWORD
Set the password for the SOCKS5 authentication method. Username
MUST be set also with the variable above.
TORSOCKS_ALLOW_INBOUND
Allow inbound connections so the application can accept and
listen for connections.
TORSOCKS_ISOLATE_PID
Set the username and password for the SOCKS5 authentication
method to a PID/current time based value automatically. Username
and Password MUST NOT be set.
KNOWN ISSUES
DNS
Torsocks is not able to send DNS queries through Tor since UDP is not
supported. Thus, any UDP socket is denied. However, DNS queries that
can be intercept are sent to Tor and sent back to the caller.
ERRORS
Torsocks might generate error messages and print them to stderr when
there are problems with the configuration file or the SOCKS negotiation
with the Tor daemon. The TORSOCKS_LOG_LEVEL environment variable
controls that behavior as well as the log file option. Keep in mind
that this library can output on the stderr of the application.
LIMITATIONS
Outgoing TCP connections can only be proxified through the Tor network.
Torsocks forces the libc resolver to use TCP for name queries, if it
does this it does it regardless of whether or not the DNS to be queried
is local or not. This introduces overhead and should only be used when
needed.
Torsocks uses ELF dynamic loader features to intercept dynamic function
calls from programs in which it is embedded. As a result, non-ELF
executables, or executables that make system calls directly with the
system call trap (int 0x80).
FILES
/etc/tor/torsocks.conf - default torsocks configuration file
SEE ALSO
torsocks.conf(5), torsocks(1)
AUTHOR
David Goulet <dgoulet@ev0ke.net>
August 24th, 2013 TORSOCKS(8)