1TORSOCKS(8) TORSOCKS(8)
2
3
4
6 torsocks — Library for intercepting outgoing network connections and
7 redirecting them through the Tor SOCKS proxy.
8
9
11 Torsocks library overloads the libc symbols use for Internet communica‐
12 tion such as connect(2) system call. Using that technique, the library
13 sends everything through the Tor network including DNS resolution done
14 by the application.
15
16 For DNS, gethostbyname(3) family functions are rerouted through Tor.
17 Please note that the ISC res_* API is currently not supported.
18
19 Here is an example on how to use torsocks library with ssh(1):
20
21 $ LD_PRELOAD=/path/to/libtorsocks.so ssh -l kalexander -p 1234
22 prism.nsa.gov [...]
23
24
26 Set LD_PRELOAD to load the library then use applications as normal. The
27 syntax to force preload of the library for different shells is speci‐
28 fied below:
29
30 Bash, Ksh and Bourne shell:
31
32 $ export LD_PRELOAD=/path/to/libtorsocks.so
33
34 C Shell:
35
36 $ setenv LD_PRELOAD=/path/to/libtorsocks.so
37
38 This process can be automated (for Bash, Bourne and Korn shell users)
39 for a single command or for all commands in a shell session by using
40 the torsocks(1) script.
41
42 You can also setup torsocks(1) in such a way that all processes auto‐
43 matically use it, a very useful configuration. Please refer to the tor‐
44 socks script documentation for more information.
45
46
48 TORSOCKS_CONF_FILE
49 This environment variable overrides the default location of the
50 torsocks configuration file. This variable is not honored if the
51 program torsocks is embedded in is setuid.
52
53
54 TORSOCKS_LOG_LEVEL
55 Enable logging level of torsocks library. By default, warnings
56 and errors are printed (level 3). Note that each level includes
57 the lower ones except the 1 which disables any possible logging.
58 (default: 3)
59
60
61 1 No log at all.
62 2 Error messages.
63 3 Warning messages.
64 4 Notice messages.
65 5 Debug messages.
66
67
68 TORSOCKS_LOG_TIME
69 Control whether or not the time is added to each logging line.
70 (default: 1)
71
72
73 TORSOCKS_LOG_FILE_PATH
74 If set, torsocks will log in the file set by this variable.
75 (default: stderr)
76
77
78 TORSOCKS_USERNAME
79 Set the username for the SOCKS5 authentication method. Password
80 MUST be set also with the variable below.
81
82
83 TORSOCKS_PASSWORD
84 Set the password for the SOCKS5 authentication method. Username
85 MUST be set also with the variable above.
86
87
88 TORSOCKS_TOR_ADDRESS
89 Set the Tor address. (default: 127.0.0.1)
90
91
92 TORSOCKS_TOR_PORT
93 Set the Tor port. (default: 9050)
94
95
96 TORSOCKS_ALLOW_INBOUND
97 Allow inbound connections so the application can accept and lis‐
98 ten for connections.
99
100
101 TORSOCKS_ISOLATE_PID
102 Set the username and password for the SOCKS5 authentication
103 method to a PID/current time based value automatically. Username
104 and Password MUST NOT be set.
105
106
108 DNS
109 Torsocks is not able to send DNS queries through Tor since UDP is not
110 supported. Thus, any UDP socket is denied. However, DNS queries that
111 can be intercept are sent to Tor and sent back to the caller.
112
113 ERRORS
114 Torsocks might generate error messages and print them to stderr when
115 there are problems with the configuration file or the SOCKS negotiation
116 with the Tor daemon. The TORSOCKS_LOG_LEVEL environment variable con‐
117 trols that behavior as well as the log file option. Keep in mind that
118 this library can output on the stderr of the application.
119
120
122 Outgoing TCP connections can only be proxified through the Tor network.
123
124 Torsocks forces the libc resolver to use TCP for name queries, if it
125 does this it does it regardless of whether or not the DNS to be queried
126 is local or not. This introduces overhead and should only be used when
127 needed.
128
129 Torsocks uses ELF dynamic loader features to intercept dynamic function
130 calls from programs in which it is embedded. As a result, non-ELF exe‐
131 cutables, or executables that make system calls directly with the sys‐
132 tem call trap (int 0x80) are not supported.
133
134
136 /etc/tor/torsocks.conf - default torsocks configuration file
137
138
140 torsocks.conf(5), torsocks(1)
141
142
144 David Goulet <dgoulet@ev0ke.net>
145
146
147
148 August 24th, 2013 TORSOCKS(8)