#!/bin/bash

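# Turns this host into a transparent Tor gateway: installs tor, enables its
# TransPort/DNSPort listeners, redirects incoming TCP and DNS to them with
# iptables NAT rules, and enables IPv4 forwarding.
#
# Must run as root. Safe to re-run: the torrc stanza and the NAT rules are only
# added when they are not already present.

# Stop at the first failing step instead of continuing with a half-configured
# gateway (e.g. DNS pointed at a Tor DNSPort that never came up).
set -euo pipefail

if [[ ${EUID} -ne 0 ]]; then
  echo "This script must be run as root." >&2
  exit 1
fi

# apt-get rather than apt: apt's command-line interface is not meant for scripts.
apt-get install -y tor

# Append the transparent-proxy stanza only once; a plain '>>' on every run would
# leave duplicate TransPort/DNSPort lines in torrc.
#
# NOTE(review): both listeners bind 0.0.0.0, and the filter table written below
# accepts all INPUT, so every network this host is attached to can reach them.
# If only one LAN should use the gateway, bind to that interface's address.
# NOTE(review): ".exit" is the legacy exit-selection suffix; confirm it is
# still wanted in AutomapHostsSuffixes.
if ! grep -qxF -- 'TransPort 0.0.0.0:9040' /etc/tor/torrc; then
  cat >> /etc/tor/torrc << 'EOF'
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
TransPort 0.0.0.0:9040
DNSPort 0.0.0.0:53
EOF
fi

service tor restart

# Point the host's own resolver at Tor's DNSPort only after tor has restarted
# successfully; otherwise a failed restart would leave the host with no DNS.
# NOTE(review): if /etc/resolv.conf is managed by another service it may be
# regenerated and this setting lost - verify on the target system.
echo "nameserver 127.0.0.1" > /etc/resolv.conf

# /etc/iptables/ is not created by this script's only package (tor).
# NOTE(review): rules.v4 is presumably loaded at boot by iptables-persistent /
# netfilter-persistent, which this script does not install - confirm.
mkdir -p /etc/iptables

# Reset the filter table to empty chains with ACCEPT policies. This discards
# any host firewall rules that were in place before.
cat > /etc/iptables/rules.v4 << 'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
# Feed the file on stdin so this works with iptables-restore builds that do not
# accept a file argument.
iptables-restore < /etc/iptables/rules.v4

# Append a rule to nat/PREROUTING unless an identical rule already exists.
# The restore above only flushes the filter table, so without this check every
# re-run would stack another copy of each NAT rule.
# Arguments: the rule specification (everything after the chain name).
add_prerouting_rule() {
  if ! iptables -t nat -C PREROUTING "$@" 2> /dev/null; then
    iptables -t nat -A PREROUTING "$@"
  fi
}

# Matched first so SSH is not swallowed by the catch-all TCP rule below.
# Note that REDIRECT rewrites the destination to this host, so a client's SSH
# connection to *any* address on port 22 ends at this gateway's port 22.
add_prerouting_rule ! -i lo -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 22
# Client DNS queries go to Tor's DNSPort.
add_prerouting_rule ! -i lo -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
# Every other new TCP connection (SYN) goes to Tor's TransPort.
add_prerouting_rule ! -i lo -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
iptables-save > /etc/iptables/rules.v4

# NOTE(review): REDIRECT hands packets to local sockets, so the redirected
# traffic does not itself need forwarding. With forwarding on and FORWARD set
# to ACCEPT, client traffic that matches none of the rules above (UDP other
# than port 53, ICMP, ...) is routed by this host instead of entering Tor.
# Confirm forwarding is required; if it is, consider dropping that traffic in
# FORWARD. IPv6 is not covered by any rule in this script.
if [[ -f /etc/sysctl.conf ]]; then
  # Uncomment an existing net.ipv4.ip_forward line so the setting survives reboot.
  sed -i '/net.ipv4.ip_forward/s/^#//g' /etc/sysctl.conf
fi
echo 1 > /proc/sys/net/ipv4/ip_forward

printf '\n\n\n'
# Show this host's IPv4 addresses (the gateway address clients should use).
# '|| true' keeps a no-match from aborting the script under 'set -e'.
ip a | grep "inet " || true

echo ""
echo "Note for Firefox :"
echo "You need to enable dot onion in about:config."
echo "network.dns.blockDotOnion = False"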