How to Set Up Tor on OpenWRT (GL.iNet Router): Step-by-Step Guide

By Jasper MonroeLinux Commands

Setting Up Tor on OpenWRT (GL.iNet Router)

This article provides a simple and accessible guide to configuring your router to bypass internet restrictions and browse anonymously using Tor. One of the main advantages of this method is that it requires no changes to your computer’s operating system—your entire internet traffic will be routed through the Tor network at the router level.

What You’ll Need

  • Any router running OpenWRT (make sure your router has enough memory to install the required packages).

OpenWRT is an embedded operating system based on the Linux kernel, primarily designed for home routers.

Instructions for installing OpenWRT on your specific router can be found on various specialized forums. This article does not cover the installation process, as it may differ depending on your router model.

Initial Setup

  1. After installing OpenWRT, connect your router to the internet (for example, you can use your OpenWRT router as a bridge).
  2. Once connected, access your router via SSH from your computer.

Connecting via SSH

  • On Windows: Use the PuTTY program. Download it, then enter your router’s IP address and SSH login (default is root).
  • On UNIX-like systems (Linux, macOS, BSD): Open a terminal and enter:
    ssh ssh_login@router_ip_address
    For example:
    ssh [email protected]

After entering the command, you’ll be prompted for the password you set in the router’s web panel. If successful, you should see a terminal prompt similar to:

router_openwrt_ssh_en_img1.jpg

Installing Tor

To make setup as quick as possible, we’ll use a script for automatic installation and configuration of Tor. Enter the following commands in your terminal, one by one:

opkg update
opkg install libustream-mbedtls
URL="https://openwrt.org/_export/code/docs/guide-user/services/tor"
cat << EOF > tor-client.sh
$(uclient-fetch -O - "${URL}/client?codeblock=0")
$(uclient-fetch -O - "${URL}/client?codeblock=1")
$(uclient-fetch -O - "${URL}/client?codeblock=2")
$(uclient-fetch -O - "${URL}/client?codeblock=3")
$(uclient-fetch -O - "${URL}/client?codeblock=4")
EOF
sh tor-client.sh

After running these commands, reboot your router. Now, all your internet traffic will be routed through the Tor network.

To check Tor logs, use:

logread -e Tor

That’s it—your router is now configured!

Additional Notes

  • This setup provides a great hardware solution for anonymizing your traffic and bypassing restrictions. However, remember that Tor is not a cure-all for anonymity. If you plan to do anything illegal, you should also install and configure obfs4proxy on your router.
  • To access websites that block Tor connections, configure your browser to use a SOCKS5 proxy.

All steps above were performed on an ASUS RT-N14U router running OpenWRT 19.07.

Tor Bridges Proxy – OpenWRT LuCI Module

I decided to move some services from Docker containers on my home server to the router itself, including Tor. However, there wasn’t a ready-made LuCI module with minimal functionality for this purpose in the repository. To address this, here’s an OpenWRT LuCI module for Tor with a SOCKS5 proxy server and support for bridges. Note: This does not provide an exit node function—only a SOCKS5 proxy.

Installing Dependencies

opkg install wget-ssl tor tor-geoip obfs4proxy

Installing luci-app-torbp

cd /tmp
wget https://github.com/zerolabnet/luci-app-torbp/releases/download/1.0/luci-app-torbp_1.0-1_all.ipk
opkg install luci-app-torbp_1.0-1_all.ipk
rm *.ipk

Default Ports

  • 9150 – SOCKS5 proxy port for Tor network traffic

Using with OpenClash

- name: "Tor"
  type: socks5
  server: ROUTER_IP
  port: 9150

Sources

  1. BDF Club
  2. https://zerolab.net/luci-app-torbp/

Onion Market — a free P2P exchange on Telegram. We support XMR, BTC, and USDT.TRC20.

Leave a Reply