# Configuring Tor for SOCKS4/5 forwarding



## Kernan Mzelikahle (Oct 19, 2016)

Greetings.
I hope this is the right forum to post, if not you may kindly advise.

I am trying to set up Tor on my localhost in-order it may act as tunnel to forward and receive SOCKS4/5 traffic. Conceptually, I intend to run Evolution behind our organization's proxy such that I can download and send email (from gmail). So far, I have Tor running, and proxychains is also running. However, when I try to run a mail client (Evolution in this case), it fails with a connection denied error. I have tried running some other applications e.g. curl and it runs well, grive and it connects to google-drive. I now think that perhaps there is something I did not cater for as regards SOCKS since I tested curl using HTTP.

Below is an excerpt of the /usr/local/etc/tor/torrc file I edited, the rest are defaults. I have edited out the organization's IP address to x.x

```
## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't
## configure one below. Set "SOCKSPort 0" if you plan to run Tor only
## as a relay, and not make any local application connections yourself.
SOCKSPort 9050 # Default: Bind to localhost:9050 for local connections.

## Entry policies to allow/deny SOCKS requests based on IP address.
## First entry that matches wins. If no SOCKSPolicy is set, we accept
## all (and only) requests that reach a SOCKSPort. Untrusted users who
## can access your SOCKSPort may be able to learn about the connections
## you make.
SOCKSPolicy accept x.x.0.0/16
```

Below is my /usr/local/etc/proxychains.conf. Note that I have edited out the organization's IP addresses to x.x.x.x:

```
# proxychains.conf  VER 3.1
#
#        HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#   

# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
# strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see  chain_len) from the list.
# this option is good to test your IDS :)

# Make sense only if random_chain
#chain_len = 2

# Quiet mode (no output from library)
#quiet_mode

# Proxy DNS requests - no leak for DNS data
# proxy_dns

# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000

# ProxyList format
#       type  host  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#
#        Examples:
#
#               socks5   192.168.67.78     1080   lamer   secret
#               http        192.168.89.3      8080    justu     hidden
#               socks4   192.168.1.49      1080
#               http        192.168.39.93    8080   
#       
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
http        x.x.x.x       3128
http        x.x.x.x       3128
socks4   x.x.x.x        3128
socks5   x.x.x.x        3128
ftp          x.x.x.x       3128
# meanwile
# defaults set to "tor"
socks4    127.0.0.1   9050
```

When I run evolution by command `% proxychains evolution`, I receive the following errors (Note, I again edit out the IPs ):

```
ProxyChains-3.1 (http://proxychains.sf.net)
|D-chain|-<>-x.x.x.x:3128-<>-127.0.0.1:9050-<--denied
|D-chain|-<>-x.x.x.x:3128-<><>-108.177.15.109:993-<--denied
|D-chain|-<>-x.x.x.x:3128-<><>-108.177.15.108:993-<--denied
```

I thank you in advance for your support.


----------

