DISCLAIMER: The most trustworthy information on this topic can be found on the Tor Project Wiki. Do not trust the advice on this blog if your life or well-being could be in danger. And you probably shouldn't trust Tor either. Or anyone.
Forcing all network traffic through Tor will hopefully reduce the chance of your anonymity being compromised by application-level issues that result in 'leaks'. Please note that the recommended way to browse the Internet anonymously is to use the Tor Browser Bundle, which is maintained by the Tor Project itself.
We will be using iptables to direct all DNS queries to the local Tor DNSPort, which can then anonymously resolve domain
We will also redirect all TCP traffic to the Tor service's TransPort, which acts as a transparent proxy.
There are some things to bear in mind. No matter how bullet-proof your firewall rules are, applications can still inadvertently leak information. Browser fingerprinting and personal information leaks can compromise your anonymous identity, while DNS leaks can reveal your IP address. The Tor Browser Bundle has some mitigations to prevent such leaks from occurring.
First, add the following lines to your
AutomapHostsOnResolve 1
DNSPort 53530
TransPort 9040
Make sure Tor is allowed by SELinux to bind to the transparent proxy:
semanage port -a -t tor_port_t -p tcp 9040
Restart the Tor service:
systemctl restart tor.service
firewalld is the default firewall in Fedora. In order to use iptables instead, perform the following commands:
systemctl disable firewalld.service
yum -y install iptables-services
systemctl enable iptables.service ip6tables.service
Now we can load the firewall rules. I've added some explanatory comments to these rules, but you'll need some basic knowledge of iptables if you want to customize the rules to your own requirements.
wget https://jamielinux.com/pub/2013/iptables.tor.txt
iptables-restore < iptables.tor.txt
Finally, navigate to https://check.torproject.org in your browser to check if everything is working.
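The browser check only covers the browser, so here is an added example (not from the original post, and not the contents of iptables.tor.txt) that audits a loaded nat table for the two redirects described above. The sample dump, the uid 990 and the function name audit_nat are constructed for illustration; the requirement that the Tor daemon's own user is exempted before the redirects is an assumption about how such rulesets keep Tor's outbound connections from being redirected back into its own TransPort.

```shell
#!/bin/sh
# Audit an iptables-save dump for the DNS and TCP redirects to Tor.
# Ports 53530 (DNSPort) and 9040 (TransPort) are the torrc values on this page.

# Constructed sample of `iptables-save -t nat` output, for illustration only.
# uid 990 stands in for whatever account the Tor daemon runs as.
SAMPLE_NAT='*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -m owner --uid-owner 990 -j RETURN
-A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 53530
-A OUTPUT -d 127.0.0.0/8 -j RETURN
-A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT'

# audit_nat: reads a dump on stdin, prints "OK" or one FAIL line per problem,
# and returns non-zero if any locally generated DNS or TCP could bypass Tor.
audit_nat() {
    awk '
    /^-A OUTPUT / {
        n++   # position of this rule within the OUTPUT chain
        if (/-p udp/ && /--dport 53( |$)/ && /REDIRECT --to-ports 53530/) dns = n
        if (/-p tcp/ && /REDIRECT --to-ports 9040/) tcp = n
        if (/--uid-owner/ && /-j RETURN/ && !own) own = n
    }
    END {
        if (!dns) { print "FAIL: no DNS redirect to DNSPort 53530"; bad = 1 }
        if (!tcp) { print "FAIL: no TCP redirect to TransPort 9040"; bad = 1 }
        if (!own) { print "FAIL: Tor daemon not exempted (redirect loop)"; bad = 1 }
        else if ((dns && own > dns) || (tcp && own > tcp)) {
            print "FAIL: exemption comes after a redirect"; bad = 1 }
        if (!bad) print "OK"
        exit bad + 0
    }'
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE_NAT" | audit_nat
```

On a live system, feed it the real table as root with `iptables-save -t nat | audit_nat`.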