brainfucksec / kalitorify

Transparent proxy through Tor for Kali Linux OS
GNU General Public License v3.0
1.04k stars 225 forks source link

Stuck at "setup new iptables rules" after "kalitorify -t" on Raspberry Pi 3 #25

Closed rockkao2001 closed 5 years ago

rockkao2001 commented 5 years ago

Hello, I'm unable to use kalitorify as it stuck at "setup new iptables rules" forever:

==> Check default settings

==> Starting Transparent Proxy

:: Configure system's DNS resolver to use Tor's DNSPort '/etc/resolv.conf' -> '/opt/kalitorify/backups/resolv.conf.backup'

:: Disable IPv6 with sysctl net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1

:: Start Tor service [ ok ] Tor service started

:: Setup new iptables rules

I did checked syslog and found out that my date is incorrect. After setting up NTP, it's still not working, so I started to find solutions on the Internet.

Disabling IPv6, no use. IPtable issue with instructions shown in following link, no use: https://forums.kali.org/showthread.php?43649-Solving-iptables-issue-on-Kali-Linux-2019-1-ARM-32-bit-image-(kalitorify-kali-anonsurf)

In syslog, I only see Aug 28 02:46:43 Korn Tor[22911]: Interrupt: exiting cleanly. Aug 28 02:46:43 Korn systemd[1]: Stopping Anonymizing overlay network for TCP... Aug 28 02:46:43 Korn systemd[1]: tor.service: Succeeded. Aug 28 02:46:43 Korn systemd[1]: Stopped Anonymizing overlay network for TCP (multi-instance-master). Aug 28 02:46:43 Korn systemd[1]: tor@default.service: Succeeded. Aug 28 02:46:43 Korn systemd[1]: Stopped Anonymizing overlay network for TCP. Aug 28 02:46:46 Korn systemd[1]: Starting Anonymizing overlay network for TCP... Aug 28 02:46:46 Korn systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Aug 28 02:46:46 Korn systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). Aug 28 02:46:46 Korn tor[22359]: Aug 28 10:46:46.895 [notice] Tor 0.4.0.5 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8. Aug 28 02:46:46 Korn tor[22359]: Aug 28 10:46:46.895 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 28 02:46:46 Korn tor[22359]: Aug 28 10:46:46.895 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 28 02:46:46 Korn tor[22359]: Aug 28 10:46:46.895 [notice] Read configuration file "/etc/tor/torrc". Aug 28 02:46:46 Korn tor[22359]: Configuration was valid Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.114 [notice] Tor 0.4.0.5 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8. Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.114 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.115 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.115 [notice] Read configuration file "/etc/tor/torrc". Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.137 [notice] Opening Socks listener on 127.0.0.1:9050 Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.138 [notice] Opened Socks listener on 127.0.0.1:9050 Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.138 [notice] Opening DNS listener on 127.0.0.1:5353 Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.138 [notice] Opened DNS listener on 127.0.0.1:5353 Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.138 [notice] Opening Transparent pf/netfilter listener on 127.0.0.1:9040 Aug 28 02:46:47 Korn tor[22369]: Aug 28 10:46:47.138 [notice] Opened Transparent pf/netfilter listener on 127.0.0.1:9040 Aug 28 02:46:47 Korn Tor[22369]: Tor 0.4.0.5 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8. Aug 28 02:46:47 Korn Tor[22369]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 28 02:46:47 Korn Tor[22369]: Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 28 02:46:47 Korn Tor[22369]: Read configuration file "/etc/tor/torrc". Aug 28 02:46:47 Korn Tor[22369]: Opening Socks listener on 127.0.0.1:9050 Aug 28 02:46:47 Korn Tor[22369]: Opened Socks listener on 127.0.0.1:9050 Aug 28 02:46:47 Korn Tor[22369]: Opening DNS listener on 127.0.0.1:5353 Aug 28 02:46:47 Korn Tor[22369]: Opened DNS listener on 127.0.0.1:5353 Aug 28 02:46:47 Korn Tor[22369]: Opening Transparent pf/netfilter listener on 127.0.0.1:9040 Aug 28 02:46:47 Korn Tor[22369]: Opened Transparent pf/netfilter listener on 127.0.0.1:9040 Aug 28 02:46:47 Korn Tor[22369]: Parsing GEOIP IPv4 file /usr/share/tor/geoip. Aug 28 02:46:48 Korn Tor[22369]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Aug 28 02:46:49 Korn Tor[22369]: Bootstrapped 0% (starting): Starting Aug 28 02:46:51 Korn Tor[22369]: Starting with guard context "default" Aug 28 02:46:51 Korn Tor[22369]: Signaled readiness to systemd Aug 28 02:46:51 Korn systemd[1]: Started Anonymizing overlay network for TCP. Aug 28 02:46:51 Korn Tor[22369]: Bootstrapped 5% (conn): Connecting to a relay Aug 28 02:46:51 Korn Tor[22369]: Opening Control listener on /run/tor/control Aug 28 02:46:51 Korn Tor[22369]: Opened Control listener on /run/tor/control Aug 28 02:46:51 Korn Tor[22369]: Bootstrapped 10% (conn_done): Connected to a relay Aug 28 02:46:52 Korn Tor[22369]: Bootstrapped 14% (handshake): Handshaking with a relay Aug 28 02:46:52 Korn Tor[22369]: Bootstrapped 15% (handshake_done): Handshake with a relay done Aug 28 02:46:52 Korn Tor[22369]: Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits Aug 28 02:46:52 Korn Tor[22369]: Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits Aug 28 02:46:52 Korn Tor[22369]: Bootstrapped 95% (circuit_create): Establishing a Tor circuit Aug 28 02:46:53 Korn Tor[22369]: Bootstrapped 100% (done): Done

Is there anything I've done wrong?

brainfucksec commented 5 years ago

Hi @rockkao2001. From the system logs it seems that tor and the iptables with their settings have started correctly, if I'm not wrong this line indicates the correct start of the iptables:

Aug 28 02:46:47 Korn Tor[22369]: Opened Transparent pf/netfilter listener on 127.0.0.1:9040

But for some reason kalitorify does not display all messages, from the logs I read 'Korn', do you use the korn shell?

rockkao2001 commented 5 years ago

Hello,

Thanks for the response. Korn is my hostname, I'm using Kali Linux on Raspberry Pi3, sorry that I didn't mention this is the beginning.

Is it normal that kalitorify -t stuck at Setup new iptables rules for minutes? (almost an hour)

Thanks again.

brainfucksec commented 5 years ago

True, the hostname is written in the syslog output immediately after the date, my bad :( However, kalitorify sets everything up in seconds, so this behavior is not normal, The error is due to the fact that the program is running on Raspberry Pi 3 (as you've already seen), check if you've done everything right, in these links there are instructions on how to correctly set the iptables on this device:

I hope they can help you @rockkao2001.

brainfucksec commented 5 years ago

Since it’s been more than one month, I hope things are working well for you now. I’ll close the issue until we can confirm it’s still happening. I’m happy to continue further discussion whenever needed.

FireLife1 commented 2 years ago

???