Starting from Tor 0.3.2 you can use it directly as HTTPS tunneling proxy. When finished, run Tor and check tor.log for errors.
#Telegram tor proxy manuals
I strongly recommend to read the Tor manuals carefully before this.īridges can be get from here or via e-mail in most hardest case. Leaving the bridges configuration of your choice. I recommend using a configuration with obfuscated bridges (obfs3/4), the most difficult for DPI blocking. Note: Pay attention, Tor should run from unprivileged user due to security reasons. # can access your SocksPort may be able to learn about the connections # all (and only) requests that reach a SocksPort. # Entry policies to allow/deny SOCKS requests based on IP address. Note: We are required to use Privoxy as intermediate proxy, because of Tor is SOCKS, not HTTP proxy, and cannot be directly chained with Squid.ĭownload Tor from here, unpack and build:Ĭonfigure -with-tor-user=tor -with-tor-group=tor -prefix=/usr/local 'CXXFLAGS=-O3 -m32 -mtune=native -pipe' 'CFLAGS=-O3 -m32 -mtune=native -pipe' -disable-asciidoc -with-libevent-dir=/usr/localĬonfigure -with-tor-user=tor -with-tor-group=tor -prefix=/usr/local 'CXXFLAGS=-O3 -m64 -mtune=native -pipe' 'CFLAGS=-O3 -m64 -mtune=native -pipe' -disable-asciidoc -with-libevent-dir=/usr/local This configuration can also be used with Squid-4. After some experiments, correct configuration has been created, which is more than two years of successfully operating in a productive server with Squid-3.5. However, original configuration was excessive in some places, and it has a serious drawback - it worked incorrectly with HTTPS traffic. The idea of this configuration firstly was described in 2011 here. Remember that you are taking full responsibility by doing this. This configuration useful in case ISP blocks some resources which is required to your users.īeware, this configuration may be illegal in some countries. This configuration passes selected by ACL HTTP/HTTPS traffic (both port 80 and 443) into cascaded Privoxy and, then, into Tor tunnel.