I need iTerm2 on Mac to connect with Tor.
I try set up dedicated OS network location: https://kremalicious.com/simple-tor-setup-on-mac-os-x this works for non-Tor browser
but when I check on iTerm with:
curl -k https://check.torproject.org
it says I not using Tor.
I also follow Configuring iTerm and Git to use a proxy on OS X and set:
export http_proxy=localhost:9050
but still not work.
Any can help? Thanking you
first check if the proxy is running:
netstat -tln
if not enable it in the torrc
find . | grep torrc
add:
SocksPort 9050
restart tor
also make sure your tools are able to use a SOCKS proxy (SOCKS≠HTTP)
Thanks for reply. I’m not familiar with all process so I search around and have more question:
first check if the proxy is running:
`netstat -tln`
Not sure what to search for. I check this guide and search for the numbers 9050, 9150 and 9151 in netstat output but still am not confident what to look for because netstat output has lots of rows. How do I know Tor proxy is running?
make sure your tools are able to use a SOCKS proxy
1 - When you say tool, you mean the terminal tool I am using, e.g. Curl?
2 - I’m not sure how to check. Some tools maybe have information about SOCKS support, but others do not. What can I do to check a specific tool and connection has Tor protection?
Thank you
netstat -tln | grep 9050
should produce something like that:
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
for a recent curl version it should be:
curl --socks5-hostname localhost:9050 https://check.torproject.org/
you have to check every tool for the ability to use a socks proxy…
e.g.
man curl
Thank again for you help. A couple more clarifications.
1 - I am running Tor browser and I am not seeing anything from netstat -tln | grep 9050 like:
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
Same is true when I run Tor in iterm tab Strange.
What is full list of possible netstat rows that I need to check to find if Tor is running? Could this be a different problem?
2 - curl is well documented but not all command tools have good documentation. Is possible to check another way if socks is supported by a particular tool even if there is not infomation about it in documentation?
with Tor Browser you need to use port 9150:
curl --socks5-hostname localhost:9150 https://check.torproject.org/
maybe you should not rely on non-documented software, when you expect to get privacy features
So there is no way to force all or particular traffic thru Tor?
Thank you again!
There are multiple ways to setup something like that - see this discussion:
There is.
The long and short is apple has a number of safeties build in to filter malicious traffic or software that attempts to redirect connections to legitimate servers for example.
Some commands in terminal are system protected from being tcp wrapped.
It took me a while to figure this out.
Use Mac ports to install the gnu curl and such, and then add the bin directory mac ports uses to your shell profile, and add it to the front of the list in /etc/paths.d, restart your Mac for system changes to take effect. You may need to disable sip for this last part, or chmod 755 to edit the file, but root should be able to do it if all else fails. Which can be enabled in the apple drop down when the directory utility app is open.
The system built curl, wget, etc that reside in protected directories will refuse wrapping. It doesn’t matter what you do. Believe me. I’ve tried. You must use tools you compile yourself, or macports/brew has a clone for. They must be in the system path to be checked first to ensure the command called by shell is in a directory not under the umbrella of SIP.