Block TOR Client with IPTABLES

Managing network traffic is one of the hardest jobs a system administrator has: the firewall's inbound and outbound rules have to match what the connected users actually need while still protecting the system from attack. Many Linux users rely on iptables as their firewall. Strictly speaking, iptables is only a command-line tool for defining rules and handing them to the Linux kernel; the packet filtering itself is implemented inside the kernel, in the netfilter framework.

iptables organises rules into chains. There are built-in chains (INPUT, OUTPUT and FORWARD in the filter table) and user-defined chains that an administrator creates and jumps to from the built-in ones; each chain is an ordered list of packet-matching rules.

This post shows how to block Tor clients with iptables by dropping inbound traffic from the published list of Tor nodes.

  1. Create a bash script (for example block-tor.sh) with the following contents
    #!/bin/bash
    
    # Block inbound connections from Tor nodes listed by dan.me.uk
    IPTABLES_TARGET="DROP"
    IPTABLES_CHAINNAME="TOR"
    LIST_FILE="/tmp/full.tor"
    
    # Create the chain and hook it into INPUT the first time the script runs
    if ! iptables -L "$IPTABLES_CHAINNAME" -n >/dev/null 2>&1 ; then
        iptables -N "$IPTABLES_CHAINNAME"
        iptables -A INPUT -p tcp -j "$IPTABLES_CHAINNAME"
    fi
    
    echo -e "\n\tGetting TOR node list from dan.me.uk\n"
    wget -q -O - "https://www.dan.me.uk/torlist/" -U SXTorBlocker/1.0 > "$LIST_FILE"
    
    # Never flush the chain on a failed download: that would unblock everything
    if [ ! -s "$LIST_FILE" ]; then
        echo "Download failed, keeping the current rules" >&2
        exit 1
    fi
    
    # Drop comment lines, then dedupe; "uniq | sort" only removes adjacent
    # duplicates, sort -u removes them all
    sed -i '/^#/d' "$LIST_FILE"
    CMD=$(sort -u "$LIST_FILE")
    
    # Rebuild the chain from scratch so nodes that left the list are unblocked
    iptables -F "$IPTABLES_CHAINNAME"
    COUNT=0
    for IP in $CMD; do
        COUNT=$((COUNT+1))
        iptables -A "$IPTABLES_CHAINNAME" -s "$IP" -j "$IPTABLES_TARGET"
    done
    
    # Let everything that is not a Tor node continue through the INPUT chain
    iptables -A "$IPTABLES_CHAINNAME" -j RETURN
    echo -e "\n\tiptables is now blocking TOR connections ($COUNT addresses)\n"
  2. Make the script executable and run it as root. Each run rebuilds the TOR chain from a fresh copy of the list, so nodes that have left the network are unblocked again; schedule it from cron to keep the list current, but keep the runs infrequent, because dan.me.uk rate-limits downloads of the list.
  3. Verify with "iptables -L TOR -n", which should show one DROP rule per address followed by the final RETURN. Two caveats: the URL above returns every Tor node, not only exit nodes, so guard and middle relays are blocked as well (the site also offers an exit-only variant of the list); and appending thousands of rules one iptables call at a time is slow and leaves a window in which the chain is half built, so for large lists load the rules with iptables-restore or an ipset instead.
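As an added example (not code from the original post), here is the same procedure with the downloaded text validated before it reaches the firewall and with the rules loaded through a single iptables-restore call instead of one iptables invocation per address. The node list is untrusted input that the script above splices straight into a command line, so each line is checked to be a well-formed IPv4 address or CIDR before it is used. The chain name TOR, the target DROP and the list URL are taken from the post; the file name tor-block.sh, the function names and the sample list are assumptions made for illustration.

```bash
#!/bin/bash
# Added example, not the original post's script: build the TOR chain from a
# node list with input validation and one iptables-restore call.
# Assumed (hypothetical) names: tor-block.sh, clean_list, render_ruleset,
# count_entries, apply_rules. Chain, target and URL follow the post.
set -u

TOR_LIST_URL="https://www.dan.me.uk/torlist/"
CHAIN="TOR"
TARGET="DROP"

# Constructed sample list standing in for the download (not real data):
# comments, blank lines, a duplicate, a CIDR, a bad octet and junk text.
SAMPLE_LIST='# Tor node list (constructed sample, not real data)
192.0.2.10
198.51.100.7

192.0.2.10
203.0.113.0/24
not-an-address
10.0.0.256
'

# Keep only well-formed IPv4 addresses or /prefix CIDRs, dedupe and sort.
# Anything else (comments, stray text, octets over 255, prefixes over 32)
# is discarded so untrusted list content never reaches iptables.
clean_list() {
    sed -e 's/#.*$//' -e 's/[[:space:]]//g' \
    | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' \
    | awk -F'[./]' '$1<256 && $2<256 && $3<256 && $4<256 && ($5=="" || $5<=32)' \
    | sort -u
}

# Number of rules a raw list yields, for the operator's log line.
count_entries() {
    clean_list | wc -l | tr -d ' '
}

# Render an iptables-restore fragment for the filter table: one drop rule
# per cleaned entry, then RETURN so non-Tor traffic continues through INPUT.
render_ruleset() {
    printf '*filter\n'
    while IFS= read -r ip; do
        printf '%s %s -s %s -j %s\n' "-A" "$CHAIN" "$ip" "$TARGET"
    done
    printf '%s %s -j RETURN\n' "-A" "$CHAIN"
    printf 'COMMIT\n'
}

# Fetch, clean, then replace the chain contents. An empty download leaves
# the existing rules untouched instead of silently unblocking everything.
apply_rules() {
    tmp=$(mktemp) || return 1
    wget -q -O - -U SXTorBlocker/1.0 "$TOR_LIST_URL" | clean_list > "$tmp"
    if [ ! -s "$tmp" ]; then
        echo "empty or unreadable node list; existing rules kept" >&2
        rm -f "$tmp"
        return 1
    fi
    iptables -N "$CHAIN" 2>/dev/null || true
    iptables -C INPUT -j "$CHAIN" 2>/dev/null || iptables -I INPUT -j "$CHAIN"
    iptables -F "$CHAIN"
    # -n (--noflush) appends to the live table instead of replacing it
    render_ruleset < "$tmp" | iptables-restore -n
    echo "$(wc -l < "$tmp" | tr -d ' ') Tor addresses now dropped in chain $CHAIN"
    rm -f "$tmp"
}

# Usage: ./tor-block.sh apply   (as root) loads the live list.
# With no argument the ruleset for the constructed sample is printed instead.
case "${1:-show}" in
    apply) apply_rules ;;
    show)  printf '%s' "$SAMPLE_LIST" | clean_list | render_ruleset ;;
esac
```

The flush followed by the restore still leaves a short gap without Tor rules; if that matters, put the addresses in an ipset and swap the set atomically with ipset swap instead of rebuilding the chain.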