kali-autosetup/roles/tor_gateway/tasks/main.yml

- name: Install tor
  apt:
    name: tor
    update_cache: yes

- name: Set torrc file
  template:
    src: torrc.j2
    dest: /etc/tor/torrc

- name: Forward IPv4 TCP traffic to TOR
  become: yes
  iptables:
    ip_version: ipv4
    table: nat
    chain: PREROUTING
    in_interface: "{{ vm_net_interface_name }}"
    ctstate: NEW
    protocol: tcp
    jump: REDIRECT
    to_ports: "{{ tor_trans_port }}"
  notify: persist iptables

- name: Forward IPv6 TCP traffic to TOR
  become: yes
  iptables:
    ip_version: ipv6
    table: nat
    chain: PREROUTING
    in_interface: "{{ vm_net_interface_name }}"
    ctstate: NEW
    protocol: tcp
    jump: REDIRECT
    to_ports: "{{ tor_trans_port }}"
  notify: persist iptables

- name: Forward IPv4 DNS traffic to TOR
  become: yes
  iptables:
    ip_version: ipv4
    table: nat
    chain: PREROUTING
    in_interface: "{{ vm_net_interface_name }}"
    protocol: udp
    jump: REDIRECT
    to_ports: "{{ tor_dns_port }}"
  notify: persist iptables

- name: Forward IPv6 DNS traffic to TOR
  become: yes
  iptables:
    ip_version: ipv6
    table: nat
    chain: PREROUTING
    in_interface: "{{ vm_net_interface_name }}"
    protocol: udp
    jump: REDIRECT
    to_ports: "{{ tor_dns_port }}"
  notify: persist iptables

- name: Ensure log file exists
  file:
    path: "{{ tor_logfile_path }}"
    state: touch
    owner: debian-tor
    mode: 0644

- name: Start and enable tor service
  service:
    name: tor
    state: started
    enabled: yes
    daemon_reload: yes
Initial commit 2022-07-28 19:14:01 +02:00			`- name: Install tor`
			`apt:`
			`name: tor`
			`update_cache: yes`

			`- name: Set torrc file`
			`template:`
			`src: torrc.j2`
			`dest: /etc/tor/torrc`

			`- name: Forward IPv4 TCP traffic to TOR`
			`become: yes`
			`iptables:`
			`ip_version: ipv4`
			`table: nat`
			`chain: PREROUTING`
			`in_interface: "{{ vm_net_interface_name }}"`
			`ctstate: NEW`
			`protocol: tcp`
			`jump: REDIRECT`
			`to_ports: "{{ tor_trans_port }}"`
			`notify: persist iptables`

			`- name: Forward IPv6 TCP traffic to TOR`
			`become: yes`
			`iptables:`
			`ip_version: ipv6`
			`table: nat`
			`chain: PREROUTING`
			`in_interface: "{{ vm_net_interface_name }}"`
			`ctstate: NEW`
			`protocol: tcp`
			`jump: REDIRECT`
			`to_ports: "{{ tor_trans_port }}"`
			`notify: persist iptables`

			`- name: Forward IPv4 DNS traffic to TOR`
			`become: yes`
			`iptables:`
			`ip_version: ipv4`
			`table: nat`
			`chain: PREROUTING`
			`in_interface: "{{ vm_net_interface_name }}"`
			`protocol: udp`
			`jump: REDIRECT`
			`to_ports: "{{ tor_dns_port }}"`
			`notify: persist iptables`

			`- name: Forward IPv6 DNS traffic to TOR`
			`become: yes`
			`iptables:`
			`ip_version: ipv6`
			`table: nat`
			`chain: PREROUTING`
			`in_interface: "{{ vm_net_interface_name }}"`
			`protocol: udp`
			`jump: REDIRECT`
			`to_ports: "{{ tor_dns_port }}"`
			`notify: persist iptables`

			`- name: Ensure log file exists`
			`file:`
			`path: "{{ tor_logfile_path }}"`
			`state: touch`
			`owner: debian-tor`
			`mode: 0644`

			`- name: Start and enable tor service`
			`service:`
			`name: tor`
			`state: started`
			`enabled: yes`
			`daemon_reload: yes`