torify

Route traffic via Tor

$ torify [command]

$ torify [on|off]

$ torify --shell

$ torify show

$ torify -c [config-file] [command]

$ torify -P [proxy] [command]

$ torify [command] > [path/to/output]

torify [OPTIONS] COMMAND [ARGUMENT...]

COMMAND
    The command or executable to be run, whose network traffic will be routed through Tor.

ARGUMENT...
    Any arguments that need to be passed to the COMMAND.

-h, --help
    Displays the help message and exits.

-u, --unrestrict
    Instructs torsocks to allow the specified command to use Tor, even if it is normally blacklisted in the configuration file. Useful for overriding default restrictions.

-i, --ignore
    Ignores the TORSOCKS_CONF_FILE environment variable, forcing torsocks to use its default configuration file locations (e.g., ~/.torsocks.conf or /etc/torsocks.conf).

-v, --verbose
    Enables verbose logging output from torsocks, useful for debugging connection issues or understanding its behavior.

-l LIBRARY, --library LIBRARY
    Specifies an alternative path to the torsocks shared library (e.g., libtorsocks.so) to be preloaded.

-C CONFIG_FILE, --conf CONFIG_FILE
    Uses an alternative torsocks configuration file instead of the default ones. This allows for specific proxy settings or rules for a particular command.

torify is a powerful command-line utility that simplifies routing the network traffic of almost any application through the Tor anonymity network. It acts as a convenient wrapper for the torsocks library, which transparently intercepts and redirects an application's outgoing TCP connections to a local Tor SOCKS proxy. This mechanism is crucial for enhancing privacy and anonymity by making it difficult to trace the origin of the network traffic.

It achieves this by leveraging the LD_PRELOAD environment variable to inject the libtorsocks.so shared library into the application's process. Consequently, most network-aware programs launched via torify will automatically attempt to route their connections through Tor, without requiring explicit SOCKS proxy configuration within the application itself.

While highly effective, users must be aware of potential limitations such as DNS leaks, especially if the application performs its own DNS resolution and torsocks is not properly configured to handle DNS requests via Tor. It is particularly valuable for command-line tools and scripts that lack built-in proxy support, providing an easy way to anonymize their network interactions.

torify, as a wrapper for torsocks, has several important caveats and limitations:

1. DNS Leaks: While torsocks attempts to intercept DNS requests, some applications might perform their own DNS resolution in ways that bypass torsocks, leading to potential DNS leaks and revealing your real IP address.
2. UDP Traffic: torsocks primarily handles TCP connections. UDP traffic is generally not routed through Tor and will likely leak.
3. Performance Impact: Routing traffic through the Tor network inherently adds significant latency, which can slow down applications and transfers.
4. Not All Applications: Highly complex applications or those using non-standard networking methods (e.g., raw sockets, specific kernel interfaces) may not function correctly or at all with torify.
5. SUID/SGID Binaries: The LD_PRELOAD mechanism (which torsocks relies on) typically does not work with SUID or SGID binaries due to security restrictions.
6. Running Tor Daemon: torify requires a running Tor daemon on the local system, accessible via its SOCKS proxy port (default 9050 or 9150 for Tor Browser bundle).

torsocks (and thus torify) reads its configuration from specific files. The typical search order is: the file specified by the TORSOCKS_CONF_FILE environment variable, then ~/.torsocks.conf in the user's home directory, and finally /etc/torsocks.conf. These files define the SOCKS proxy address, port, and rules for traffic routing.

torify works by setting the LD_PRELOAD environment variable to point to the torsocks shared library (e.g., /usr/lib/libtorsocks.so). When a program starts, the dynamic linker loads this library before any other, allowing torsocks to 'hook' or 'intercept' standard network functions. When the application tries to make a connection, torsocks redirects it through the Tor SOCKS proxy instead of directly to the internet.

The concept behind torify and torsocks emerged from the need to easily anonymize network connections of existing applications without requiring them to have built-in SOCKS proxy support. torsocks, the underlying library, was developed to leverage the dynamic linker's LD_PRELOAD mechanism on Unix-like systems. This allows the interception of standard networking functions (like connect(), getaddrinfo(), etc.) and redirects them through a specified SOCKS proxy, typically Tor. torify was created as a simple shell script wrapper to make the invocation of torsocks more user-friendly, setting the necessary environment variables and directly executing the target command, thus simplifying its usage for anonymizing command-line tools.

torsocks(1), tor(1), proxychains(1), ssocks(1)