Hi all,
it took me a year or so but I've finally managed to build Tor for iOS with working support for TransPort, as you can see at: https://github.com/sid77/evelyn/blob/master/tor/make.sh
The next natural step is to hack together full device torification, as jailbroken iOS devices can run pf (without ALTQ support).
I'm not very comfortable with pf and pfctl, so my first step was to head over to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#BSDPF looking for some clues. However, jailbroken iOS's ifconfig cannot bring up a second loopback interface (I think the kernel is not allowing it), so I had to test out some custom rules. My current pf.conf is as follows:
-8<-
scrub in
rdr pass on lo0 inet proto tcp all -> 127.0.0.1 port 9040
rdr pass on lo0 inet proto udp to port domain -> 127.0.0.1 port domain
block return out
pass quick on lo0 keep state
pass out quick inet proto tcp user nobody flags S/SA modulate state
pass out quick route-to lo0 inet proto udp to port domain keep state
pass out quick route-to lo0 inet proto tcp all flags S/SA modulate state
-8<-
taken from: https://github.com/sid77/mobiletor/blob/master/pf.conf
I apply it by running this script: https://github.com/sid77/sbsettingstor/blob/master/com.sbsettingstor.enable
Tor is running as user nobody (not really secure, but I still have to figure out system user management on the platform) and answering DNS queries on 127.0.0.1:53.
This solution is failing *REALLY* hard as I managed to run into a kernel panic as soon as I tried to generate some traffic with Mobile Safari or Cydia.
Is there any pf guru out there who can give me some insights?
Ciao, Marco
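
Added example, not part of the original post or of the author's repositories: a text-level audit in Python of the fail-closed intent of the ruleset quoted above (a default outbound block, redirects to the TransPort and the DNS listener, and no pass rule that lets traffic leave unless it is on lo0, routed to lo0, or owned by the Tor user). The function name `audit`, its parameters and the embedded copy of the rules are assumptions made for illustration; it does not implement pf's grammar and says nothing about the kernel panic.

```python
import re

# Constructed copy of the ruleset quoted in the post, one rule per line.
PF_CONF = """\
scrub in
rdr pass on lo0 inet proto tcp all -> 127.0.0.1 port 9040
rdr pass on lo0 inet proto udp to port domain -> 127.0.0.1 port domain
block return out
pass quick on lo0 keep state
pass out quick inet proto tcp user nobody flags S/SA modulate state
pass out quick route-to lo0 inet proto udp to port domain keep state
pass out quick route-to lo0 inet proto tcp all flags S/SA modulate state
"""

def audit(conf, tor_user="nobody", trans_port=9040):
    """Text-level leak checks; returns a list of findings (empty = none)."""
    rules = [ln.split("#", 1)[0].strip() for ln in conf.splitlines()]
    rules = [r for r in rules if r]
    findings = []

    # 1. Fail closed: outbound traffic must be blocked by default.
    if not any(re.match(r"block\b.*\bout\b", r) for r in rules):
        findings.append("no default 'block ... out' rule")

    # 2. Redirects on lo0 must exist for TCP (TransPort) and for DNS.
    rdrs = [r for r in rules if r.startswith("rdr ") and " on lo0 " in r]
    if not any("proto tcp" in r and r.endswith(f"port {trans_port}") for r in rdrs):
        findings.append(f"no TCP redirect to TransPort {trans_port}")
    if not any("proto udp" in r and "to port domain" in r for r in rdrs):
        findings.append("no UDP redirect for DNS (port domain)")

    # 3. A pass rule may only match loopback traffic, traffic routed to lo0,
    #    or traffic owned by the Tor user; anything else can leave directly.
    for r in rules:
        if not r.startswith("pass "):
            continue
        loopback = re.search(r"\bon lo0\b", r) or "route-to lo0" in r
        tor_owned = re.search(rf"\buser {re.escape(tor_user)}\b", r)
        if not (loopback or tor_owned):
            findings.append(f"direct egress possible: {r}")
    return findings

if __name__ == "__main__":
    for finding in audit(PF_CONF) or ["no findings"]:
        print(finding)
```

The checks are string matches on the rule text only; loading the file with pfctl remains the authoritative parse.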