tools.tor_transproxy_tools module

Per-process transparent Tor proxy via cgroup v2 + iptables NAT.

Moves a PID into a dedicated cgroup v2 slice and adds OUTPUT nat rules that REDIRECT TCP and DNS (UDP/53) to Tor’s TransPort and DNSPort. Linux iptables cannot match by PID directly; cgroup path matching is used instead.

Requires: Tor with TransPort/DNSPort configured (see /etc/tor/torrc), cgroup v2 mounted at /sys/fs/cgroup, and the iptables xt_cgroup match (the cgroup directory must exist before adding rules). Only TCP and DNS (UDP/53) are transparently redirected; other UDP is not routed via Tor.

All tools require the UNSANDBOXED_EXEC privilege.

tools.tor_transproxy_tools.parse_tor_trans_dns_ports()

Read TransPort and DNSPort from torrc; fall back to Tor defaults.

Return type:

tuple[int, int]
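
An added example (not the module's own code) of the two steps this page describes: reading TransPort/DNSPort from torrc text, then building the cgroup-matched nat OUTPUT rules. The fallback ports 9040/5353, the function names, the path validation and the cgroup path are assumptions; the page does not list them.

```python
import re

# Assumed fallbacks (conventional torrc example ports); the page only says
# "Tor defaults" and does not list the numbers.
ASSUMED_TRANS_PORT, ASSUMED_DNS_PORT = 9040, 5353

# Constructed sample torrc, not taken from the page.
SAMPLE_TORRC = """\
SocksPort 9050
TransPort 127.0.0.1:9041 IsolateClientAddr
#DNSPort 5300
"""

_PORT_LINE = re.compile(r"^\s*(TransPort|DNSPort)\s+(\S+)", re.IGNORECASE)


def parse_ports(torrc_text, defaults=(ASSUMED_TRANS_PORT, ASSUMED_DNS_PORT)):
    """Return (trans_port, dns_port); unset or unusable values fall back."""
    found = {"transport": defaults[0], "dnsport": defaults[1]}
    for line in torrc_text.splitlines():
        m = _PORT_LINE.match(line.split("#", 1)[0])  # drop comments
        if not m:
            continue
        # Accept "9040", "127.0.0.1:9040", "[::1]:9040"; trailing flags ignored.
        port = m.group(2).rsplit(":", 1)[-1]
        # "auto" and "0" (disabled) give no fixed port to redirect to.
        if port.isdecimal() and 0 < int(port) < 65536:
            found[m.group(1).lower()] = int(port)  # last valid line wins
    return found["transport"], found["dnsport"]


def nat_rules(cgroup_path, trans_port, dns_port):
    """Build iptables argv lists redirecting one cgroup's DNS and TCP to Tor."""
    # Hypothetical validation: accept only plain path characters, no "..".
    if not re.fullmatch(r"[A-Za-z0-9_.\-/]+", cgroup_path) or ".." in cgroup_path:
        raise ValueError(f"unexpected cgroup path: {cgroup_path!r}")
    # xt_cgroup --path is relative to the cgroup v2 mount (/sys/fs/cgroup).
    head = ["iptables", "-t", "nat", "-A", "OUTPUT",
            "-m", "cgroup", "--path", cgroup_path.strip("/")]
    return [
        head + ["-p", "udp", "--dport", "53",
                "-j", "REDIRECT", "--to-ports", str(dns_port)],
        head + ["-p", "tcp", "-j", "REDIRECT", "--to-ports", str(trans_port)],
    ]


if __name__ == "__main__":
    trans, dns = parse_ports(SAMPLE_TORRC)
    for argv in nat_rules("torproxy.slice/pid-4242", trans, dns):  # hypothetical path
        print(" ".join(argv))
```

The rules are returned as argv lists so they can be passed to a process launcher without a shell; the cgroup directory still has to exist before they are applied.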