Use Metarouter to Implement Tor Anonymity Software
These commands set up the necessary bridges and add interfaces to the natBridge. In this example, an RB433AH
with a Wi-Fi card is used. Three physical ports are added to the natBridge (ether2, ether3 and wlan1). Ether1 is
the port for the internet connection.
Configure Wifi AP
/interface wireless set [find name="wlan1"] disabled=no \
mode=ap-bridge band=2.4ghz-b/g frequency=2412 ssid="Tor Anonymous Web"
This command sets the SSID, mode, band and channel of the wlan1 interface. It does not assign a security
profile; settings such as Wi-Fi encryption may be adjusted as desired.
Add IP addresses
/ip address add interface=ether1 address=192.168.3.254/24 disabled=no
/ip address add interface=natBridge address=10.11.1.1/24 disabled=no
/ip address add interface=torBridge address=10.192.168.1/30 disabled=no
The ether1 address is the internet-facing IP address. In this example, the 192.168.3.0/24 network is used.
Configure default route (if needed)
/ip route add dst-address=0.0.0.0/0 gateway=192.168.3.7
Configure DHCP server for natBridge
/ip pool add name="nat-DHCP" ranges="10.11.1.10-10.11.1.250"
/ip dhcp-server network add address=10.11.1.0/24 gateway=10.11.1.1 dns-server=10.192.168.2
/ip dhcp-server add interface="natBridge" lease-time="1:00:00" name="nat-DHCP-Server" \
address-pool="nat-DHCP" authoritative=yes disabled=no
Firewall NAT rules
/ip firewall nat
# only masquerade torBridge
add chain=srcnat action=masquerade src-address=10.192.168.0/30 disabled=no
# transparent proxy redirect
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=80 \
action=redirect to-ports=8080 disabled=no
# DNS, privoxy and Tor socks forward rules for natBridge
add chain=dstnat in-interface=natBridge protocol=udp dst-port=53 \
action=dst-nat to-addresses=10.192.168.2 to-ports=53 disabled=no
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=8118 \
action=dst-nat to-addresses=10.192.168.2 to-ports=8118 disabled=no
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=9050 \
action=dst-nat to-addresses=10.192.168.2 to-ports=9050 disabled=no
# DNS, privoxy and Tor socks forward rules for ether1 (optional)
add chain=dstnat in-interface=ether1 protocol=udp dst-port=53 \
action=dst-nat to-addresses=10.192.168.2 to-ports=53 disabled=no
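An added example (not part of the original article): a small Python audit that parses the NAT rules listed above and reports which natBridge flows have a dstnat rule and which rules accept traffic on ether1. The rule text is copied from this page, where the ether1 list is cut off after its first rule; the list of expected flows and the wording of the findings are assumptions of this example.

```python
import shlex

# NAT rules copied from this page, continuation lines joined (ether1 list is cut off on the page).
NAT_RULES = """
add chain=srcnat action=masquerade src-address=10.192.168.0/30 disabled=no
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=80 action=redirect to-ports=8080 disabled=no
add chain=dstnat in-interface=natBridge protocol=udp dst-port=53 action=dst-nat to-addresses=10.192.168.2 to-ports=53 disabled=no
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=8118 action=dst-nat to-addresses=10.192.168.2 to-ports=8118 disabled=no
add chain=dstnat in-interface=natBridge protocol=tcp dst-port=9050 action=dst-nat to-addresses=10.192.168.2 to-ports=9050 disabled=no
add chain=dstnat in-interface=ether1 protocol=udp dst-port=53 action=dst-nat to-addresses=10.192.168.2 to-ports=53 disabled=no
"""

TOR_VM = "10.192.168.2"   # Tor guest address used by the page's rules
LAN, WAN = "natBridge", "ether1"

def parse_rules(text):
    """Turn 'add key=value ...' lines into dicts, skipping comments and blanks."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("add "):
            rules.append(dict(tok.split("=", 1) for tok in shlex.split(line)[1:]))
    return rules

def audit(rules):
    """Return (LAN flows that have a dstnat rule, findings) for enabled dstnat rules."""
    intercepted, findings = set(), []
    for r in rules:
        if r.get("chain") != "dstnat" or r.get("disabled") == "yes":
            continue
        flow = (r.get("protocol"), r.get("dst-port"))
        if r.get("in-interface") == LAN:
            intercepted.add(flow)
        if r.get("in-interface") == WAN:
            findings.append(f"WAN-exposed: {flow[0]}/{flow[1]} on {WAN} reaches {r.get('to-addresses')}")
        if r.get("action") == "dst-nat" and r.get("to-addresses") != TOR_VM:
            findings.append(f"unexpected target {r.get('to-addresses')} for {flow[0]}/{flow[1]}")
    # Flows this audit expects a dstnat rule for (an assumption of this example).
    for needed in [("udp", "53"), ("tcp", "53"), ("tcp", "80")]:
        if needed not in intercepted:
            findings.append(f"not intercepted on {LAN}: {needed[0]}/{needed[1]}")
    return intercepted, findings

if __name__ == "__main__":
    flows, problems = audit(parse_rules(NAT_RULES))
    print("intercepted:", sorted(flows))
    for p in problems:
        print("finding:", p)
```

To audit a live router, replace `NAT_RULES` with the `add` lines from the NAT section of the router's exported configuration, with continuation lines joined.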










