Tor Browser, Socks Ports, Proxies

Support
1

Thanks Patrick & Whonix Devs for all of your hard work!

  1. If I use TorButton → Preferences to add a 3rd party proxy server, how does my Tor Browser traffic get routed through Whonix? Does it continue to go through Socks Port 9150 or does it now route through the TransPort? Is a proxychain required to use a Socks Port as well as the Proxy Server?

  2. Unrelated question: I’m interested in setting up 2 Tor Browsers with Stream Isolation. I can leave the default installation going to 127.0.0.1: 9150 → 10.152.152.10: 9150. I believe I read that 9152 can be used for the second browser (installed in its own directory). How do I know that port 9152 is free? Is there a list of available ports I can use? Is it correct to assume that /etc/rinetd.conf needs to be updated by adding the following lines:

Tor Browser 2 Socks Port

127.0.0.1 9152 10.152.152.10 9152

Tor Browser 2 Control Port

127.0.0.1 9153 10.152.152.10 9052

Then, all that remains is to change the 2nd browser’s TorButton → Preferences to 127.0.0.1: 9152?

Sorry if anything is overly obvious. Was not able to find this info on the following pages:

Thanks in advance.

2
1. If I use TorButton -> Preferences to add a 3rd party proxy server, how does my Tor Browser traffic get routed through Whonix? Does it continue to go through Socks Port 9150 or does it now route through the TransPort?
Tor Browser -> TransPort -> Tor -> proxy -> destination
Is a proxychain required to use a Socks Port as well as the Proxy Server?
proxychains works through TransPort. When Whonix was not involved, "TransPort", i.e. whatever the operating system provides, is the default operating mode of proxychains.

The proxy server does not need to have proxychains installed.

2. Unrelated question: I'm interested in setting up 2 Tor Browsers with Stream Isolation. I can leave the default installation going to 127.0.0.1: 9150 -> 10.152.152.10: 9150.
Yes.
I believe I read that 9152 can be used for the second browser (installed in its own directory).
Yes, buti if you change IP anyhow, don't go through rinetd. It only complicates stuff. Point it at Whonix-Gateway IP / port directly.

[Wondering why it’s installed by default it in the first place? So unmodified, self downloaded TBB’s work in Whonix out of the box without Tor over Tor.]

How do I know that port 9152 is free?
sudo netstat -tulpen
Is there a list of available ports I can use?
Here: https://www.whonix.org/wiki/Stream_Isolation#Basic_Protection
3

Thank you for the quick answers.

I phrased this question poorly:

The proxy server does not need to have proxychains installed.[/quote]

What I meant to ask was: If using TBB with a Proxy, isn’t it recommended to route through the Socks Port, and how is that accomplished?

edit: replied too quickly. use uwt?

Would I put Proxy info in TorButton and use uwt for SocksPort or the other way around?

Yes, buti if you change IP anyhow, don’t go through rinetd. It only complicates stuff. Point it at Whonix-Gateway IP / port directly.[/quote]

So, in my specific case, I just need to change TorButton → Preferences to:
socks5 10.152.152.10: 9152 ?
Will TBB #2 use the same control port as TBB#1?

4
What I meant to ask was: If using TBB with a Proxy, isn't it recommended to route through the Socks Port, and how is that accomplished?

edit: replied too quickly. use uwt?

Would I put Proxy info in TorButton and use uwt for SocksPort or the other way around?


Try this:
uwt → gateway, SocksPort
TorButton → remote proxy

Might very well not work due to some other issues recently reported on IRC as well as noticed by me. Something changed in Tor Browser apparently that breaks torsocks / proxychains [for DNS and ?]. Unrelated to Whonix. I am too busy with other Whonix work to diagnose and report this issue to either torsocks, proxychains and/or Tor Browser developers, though.

So, in my specific case, I just need to change TorButton -> Preferences to: socks5 10.152.152.10: 9152 ? Will TBB #2 use the same control port as TBB#1?
Yes.