Objective of this guide
[vc_separator css=”.vc_custom_1574787126205{margin-top: -20px !important;}”]The purpose of this guide is to explain how to configure pfSense to block the Tor browser.JTVCYWRyb3RhdGUlMjBiYW5uZXIlM0QlMjIzJTIyJTVEHardware and software environment used
[vc_separator css=”.vc_custom_1574787126205{margin-top: -20px !important;}”]Tested hardware: We performed the configuration on a single hardware system as, in fact, the configuration can be replicated on any device compatible with the pfSense system. However, we recommend not using a lower power system than the system used in our tests.Tested Corporate Firewall:
The entire Compact Small UTM line
All the Small UTM line
The software used on the appliance is pfSense® version 2.4.4-RELEASE-p3
Configuration
[vc_separator css=”.vc_custom_1574787126205{margin-top: -20px !important;}”]The TOR browser, when started, first establishes a connection with a server, with which it establishes a tunnel. Once the tunnel has been created, the user will have free access to the resources provided by the TOR network. To avoid this you need to prevent the TOR browser from connecting.Here is the Tor connection screen:[vc_single_image image=”18739″ img_size=”full” onclick=”link_image”]Below is a possible configuration of pfSense to block Tor:
- First install pfBlockerNG;
- From System->Package Manage, locate the pfBlockerNG package and by clicking on the + Install button, install it.
https://unlockforus.com/pfblockerng/tor_nodes_ipv4.txt
We offer only one URL, which is reasonably effective.
In particular configured: “Alias Name“, “ipv4 Lists“, “Lists Action“, “Update Frequency“[vc_single_image image=”18749″ img_size=”full” onclick=”link_image”]Save[vc_single_image image=”18751″ img_size=”full” onclick=”link_image”]Click on “Update“, select “Reload” and click on “Run“, then select “Update” and click on “Run“.[vc_single_image image=”18753″ img_size=”full” onclick=”link_image”]If you launch the Tor browser it should return an error similar to this one[vc_single_image image=”18755″ img_size=”full” onclick=”link_image”]The configuration of pfBlockerNG can be very complex; in our example it is used only to block the TOR network. To block other similar networks, it will be sufficient to find a “URL” that contains the IPs to be blocked and insert it in the configuration.
Firewall->pfBlockerNG->IPv4, in the “IPV4 lists” field.