Torblade is a minimalist, transparent Tor proxy gateway. It transforms a Linux VM into a secure bridge that forces all downstream client traffic through the Tor network, preventing leaks by design.
- Zero-Leak Policy: Non-Tor packets are strictly blocked at the firewall level.
- Automatic Networking: Integrated DHCP server for easy client connectivity.
- Secure DNS: DNS over HTTPS (DoH) routed through Tor, including
.onionresolution. - Hardened Traffic: Default configuration limits traffic to SSH and HTTPS (customizable).
This setup is tested and optimized for VirtualBox.
Configure your VM with two Network Adapters:
- Adapter 1: NAT (For internet access)
- Adapter 2: Internal Network (Name it
torblade-net, disable DHCP in VB settings)
Initialization:
# Set up host IP and network interfaces
./iptables.sh fix_my_ip
# Spin up the Tor and DNS containers
./docker.sh start
# Apply the transparent proxy and firewall rules
sudo ./iptables.sh apply
Configure your client VM (Kali, Tails, or any Linux/Windows) with:
- Adapter 1: Internal Network (Use the same name:
torblade-net)
The client will automatically receive an IP via DHCP and route all traffic through the Torblade gateway.
By default, Torblade only allows SSH and HTTPS traffic for maximum security. If you need to allow all protocols through the Tor circuit:
- Open
iptables.sh. - Uncomment the rule explicitly marked to allow all traffic over Tor.
Once connected, use these links within the Client VM to verify your anonymity:
| Service | Purpose |
|---|---|
| Check Tor IP | Confirms you are routing through the Tor network. |
| Cloudflare Help | Verify that DNS is not leaking and is using DoH. |
| CIA.onion | Test .onion address resolution. |
Note: This project aims for simplicity. You can understand the entire logic in under 10 minutes by reading the shell scripts.