torsocks

Run a command using Tor

$ torsocks [command]

$ . torsocks [on|off]

$ torsocks --shell

$ torsocks show

$ torsocks [[-i|--isolate]] [curl https://check.torproject.org/api/ip]

$ torsocks [[-a|--address]] [ip] [[-P|--port]] [port] [command]

torsocks [options] command [command arguments]
Example: torsocks wget https://example.com

--help, -h
    Display help information and exit.

--usage, -u
    Display a short usage message and exit.

--ignore-socks-errors, -i
    Ignore SOCKS-related errors and allow connections to go direct if the proxy fails.

--quiet, -q
    Suppress all torsocks messages, only displaying output from the wrapped command.

--verbose, -v
    Display verbose torsocks messages, useful for debugging.

--stream-isolation, -s
    Enable stream isolation for the wrapped process. This forces new Tor circuits for all connections, preventing linkability.

--proxy-ip , -p
    Specify the SOCKS proxy IP address. Overrides configuration file settings.

--proxy-port , -a
    Specify the SOCKS proxy port. Overrides configuration file settings.

--proxy-username , -d
    Specify the username for SOCKS authentication.

--proxy-password , -o
    Specify the password for SOCKS authentication.

--resolve-host-remotely, -R
    Resolve hostnames remotely via the SOCKS proxy (SOCKS5 only). This is the default behavior when using Tor.

--no-resolve-host-remotely, -N
    Resolve hostnames locally before sending the IP address to the SOCKS proxy.

--status, -S
    Print the status of the torsocks library and exit. Useful for checking if torsocks is properly configured.

torsocks is a utility that allows applications to transparently use a SOCKS proxy, typically Tor, for their network connections.
It works by intercepting network-related system calls, such as connect() and getaddrinfo(), from the program it wraps. Instead of making direct connections to the Internet, torsocks redirects these calls through a configured SOCKS proxy, ensuring that the application's traffic is routed through the proxy.
This is particularly useful for applications that do not natively support SOCKS proxies, or for users who wish to enforce proxy usage for specific commands without altering their configuration.
By default, torsocks attempts to use Tor as its proxy, looking for its configuration in files like /etc/torsocks.conf or ~/.torsocks.conf.
It supports both SOCKS4 and SOCKS5 protocols, providing a convenient way to enhance privacy and security for command-line tools and scripts.

• torsocks primarily handles TCP connections. UDP proxying is generally not reliable or fully supported.
• It cannot safely proxy setuid/setgid binaries due to security implications and library preloading restrictions.
• Not all network operations can be reliably intercepted. For example, some low-level ICMP or raw socket operations might bypass the proxy.
• torsocks relies on library preloading (LD_PRELOAD), which might conflict with other preloaded libraries or specific system configurations.

torsocks uses a configuration file, typically /etc/torsocks.conf or ~/.torsocks.conf, to define the SOCKS proxy details and other behaviors. This allows for persistent settings without needing to specify them on the command line every time.
The default configuration usually points to a Tor SOCKS proxy running on 127.0.0.1:9050 or 127.0.0.1:9150 (for Tor Browser bundle).

Many torsocks behaviors and settings can also be controlled via environment variables, such as TORSOCKS_CONF_FILE (to specify a custom config file), TORSOCKS_DEBUG, TORSOCKS_ALLOW_INBOUND, and TORSOCKS_ALLOW_UDP. These provide flexible ways to modify torsocks's operation for specific use cases or scripts.

tor(1), torsocks.conf(5), proxychains(1)