Tor Switch
🛡️ File Information
| Property | Value |
|---|---|
| Binary Name | tor-switch |
| Version | 9.0.1 |
| File Size | 13.6MB |
| Author | Warith Al Maawali |
| License | Proprietary |
| Category | Network & Routing |
| Description | Tor configuration and routing management for Kodachi OS |
| JSON Data | View Raw JSON |
SHA256 Checksum
🛡️ Key Features
Tor Network Management
| Feature | Description |
|---|---|
| System-wide Torrification | Route all system traffic through Tor with one command |
| Multi-instance Support | Create and manage multiple Tor instances for load balancing |
| Exit Node Control | Choose specific countries for your traffic to exit through |
| Automatic IP Rotation | Schedule automatic IP address changes at custom intervals |
Why Tor Switch is Essential
| Benefit | Description |
|---|---|
| Complete Anonymity | Ensures all network traffic is routed through the Tor network |
| Geographic Freedom | Bypass geo-restrictions by selecting specific exit countries |
| Load Balancing | Distribute traffic across multiple Tor instances for better performance |
| DNS Leak Prevention | Ensures DNS queries don't reveal your real location |
| Firewall Integration | Works with both iptables and nftables for maximum compatibility |
🛡️ ⚡ TL;DR - Essential Commands
PRIVILEGE REQUIREMENTS
Most tor-switch commands require sudo (root privileges) as they:
- Modify iptables/nftables firewall rules
- Start/stop system services (Tor daemon)
- Configure network routing tables
- Manage system-wide torrification
SECURITY: Only run tor-switch with sudo on trusted systems.
🔹 Basic Tor Management
sudo tor-switch start_tor # Start the Tor daemon service
sudo tor-switch stop_tor # Stop the Tor daemon service
🔹 System Torrification (Route ALL Traffic Through Tor)
sudo tor-switch torrify_system_nftables # Route all traffic through Tor (RECOMMENDED - modern & faster)
sudo tor-switch torrify_system_iptables # Route all traffic through Tor (legacy support)
# Prefer nftables in overview examples for consistency with modern stacks
FIREWALL RECOMMENDATION
- nftables (RECOMMENDED) - Modern, faster, and more secure
- iptables (Legacy support) - Use only if nftables unavailable
Always prefer nftables commands for optimal performance and security.
🔹 Load Balancing Setup (Multiple Tor Instances)
sudo tor-switch set_load_balancing_mode round-robin # Set sequential rotation mode
sudo tor-switch torrify_system_nftables_load_balanced # Apply load balanced routing
🔹 DNS Routing Through Tor
🔹 Verification Commands
tor-switch torverify # Check if traffic is going through Tor
ip-fetch check-tor --json # Cross-verify using independent IP/ASN check
tor-switch verify_tor_dns # Verify DNS is routed through Tor
# Verify with IP Fetch for complete confirmation
ip-fetch check-tor # Comprehensive Tor verification with geolocation
ip-fetch --refresh-cache # Get fresh IP after Tor connection
🔹 Emergency Commands
sudo tor-switch flush_iptables # Clear ALL iptables rules (emergency reset)
sudo tor-switch flush_nftables # Clear ALL nftables rules (emergency reset)
WARNING
These commands remove ALL firewall rules, returning to direct connection.
🛡️ Understanding Tor Routing
What is Torrification?
Torrification means routing all your internet traffic through the Tor network, providing multiple layers of encryption and anonymity by bouncing your traffic through several relay nodes before it reaches its destination.
# Enable full system torrification with modern nftables (RECOMMENDED)
sudo tor-switch torrify_system_nftables
# Or use legacy iptables if nftables isn't available
sudo tor-switch torrify_system_iptables
# Check if torrification is active
tor-switch torverify
How Torrification Works
| Component | Description |
|---|---|
| Firewall Rules | Creates NAT (Network Address Translation) rules that intercept all TCP traffic |
| SOCKS Proxy Redirect | Routes intercepted traffic to Tor's SOCKS proxy (port 9050 by default) |
| Transparent Proxy | Uses Tor's TransPort (9040) for applications that don't support SOCKS |
| DNS Redirection | Optionally routes DNS queries through Tor's DNSPort (9053) to prevent leaks |
Torrification Benefits
| Benefit | Description |
|---|---|
| IP Protection | Hides your real IP address from websites and services |
| Multi-hop Encryption | Encrypts traffic through multiple relay nodes (typically 3 hops) |
| Surveillance Prevention | Prevents network surveillance and tracking |
| Onion Access | Allows access to .onion sites on the dark web |
| Transparent Operation | Works transparently for all applications (no per-app configuration needed) |
Load Balancing Modes
When using multiple Tor instances, tor-switch provides three native kernel-level load balancing modes:
1. Round-Robin (Sequential Distribution)
sudo tor-switch set_load_balancing_mode round-robin
sudo tor-switch torrify_system_nftables_load_balanced
| Aspect | Description |
|---|---|
| How it works | Each new connection goes to the next Tor instance in sequence. Pattern follows Instance 1 → Instance 2 → Instance 3 → Instance 1 (repeat). The kernel maintains a counter and routes connections sequentially. |
| Best for | General use cases with even distribution of traffic and regular IP rotation. |
| Example | Connection 1 → Instance A, Connection 2 → Instance B, Connection 3 → Instance C, Connection 4 → Instance A (cycle repeats) |
2. Weighted Distribution (Priority-Based)
sudo tor-switch set_load_balancing_mode weighted
sudo tor-switch set_instance_weight tor1 50 # 50% of traffic
sudo tor-switch set_instance_weight tor2 30 # 30% of traffic
sudo tor-switch set_instance_weight tor3 20 # 20% of traffic
sudo tor-switch torrify_system_nftables_load_balanced
| Aspect | Description |
|---|---|
| How it works | Distributes traffic based on assigned weights. The kernel uses probability-based selection where instances with higher weights receive more connections. |
| Best for | Prioritizing faster or more reliable instances, testing setups with controlled traffic distribution, or balancing load based on instance capacity. |
| Example | Instance A (weight 60) gets ~60% of connections, Instance B (weight 30) gets ~30% of connections, Instance C (weight 10) gets ~10% of connections |
3. Consistent Hashing (Source IP Affinity)
sudo tor-switch set_load_balancing_mode consistent-hashing
sudo tor-switch torrify_system_nftables_load_balanced
| Aspect | Description |
|---|---|
| How it works | The same source IP always routes to the same Tor instance using a hash function for consistent mapping. This maintains session persistence - your IP won't change during a session. |
| Best for | Services that block frequent IP changes including banking, financial services, streaming platforms, and social media sessions. |
| Example | Device A always uses Instance B, Device B always uses Instance A, Device C always uses Instance C. Each device maintains the same exit IP throughout the session. |
HAProxy Integration (Application-Level Proxy)
For more advanced load balancing, tor-switch can generate HAProxy configurations:
# Generate HAProxy config with different algorithms
sudo tor-switch generate_haproxy_config roundrobin 9055 # Sequential distribution
sudo tor-switch generate_haproxy_config source 9055 # Source IP persistence
sudo tor-switch generate_haproxy_config leastconn 9055 # Least connections
sudo tor-switch generate_haproxy_config random 9055 # Random selection
# Start HAProxy
sudo tor-switch haproxy_start
HAProxy vs Native Load Balancing
| Type | Description |
|---|---|
| Native (iptables/nftables) | Kernel-level operation with lower overhead, works transparently without requiring additional software. |
| HAProxy | Application-level proxy offering more load balancing algorithms, detailed statistics and monitoring, plus health checks for instances. |
Using a SOCKS Proxy
If you prefer application-level proxy configuration instead of system-wide torrification:
# Default Tor SOCKS proxy is available at:
# Host: 127.0.0.1
# Port: 9050
# For specific instances:
# Instance 1: Port 9050
# Instance 2: Port 9051
# Instance 3: Port 9052
# (and so on...)
# Configure your browser/application to use:
# SOCKS5 Proxy: 127.0.0.1:9050
Performance Note
While Tor provides strong anonymity, it may slow down your internet connection due to the multiple relay hops. Using load balancing across multiple instances can improve performance.
🛡️ Advanced Commands
For the complete list of all available commands and detailed options, please refer to the auto-generated command reference which includes:
| Feature | Description |
|---|---|
| Instance Management | Complete instance management commands |
| HAProxy Integration | HAProxy integration for advanced load balancing |
| DNS Commands | DNS verification and routing commands |
| Configuration | Configuration backup and restore |
| Firewall Management | Firewall rule management |
| Debug Tools | Debug and diagnostic tools |
| CLI Reference | All command-line flags and parameters |
🛡️ Security Notes
Important Security Practices:
| Practice | Description |
|---|---|
| Verify Torrification | Always verify torrification with torverify after enabling |
| Rotate Exit Nodes | Avoid using the same exit node for extended periods |
| Multi-instance Setup | Use multi-instance setup for sensitive operations |
| Circuit Rotation | Regularly change circuits with new_tor_circuit for better anonymity |
| Firewall Check | Check firewall rules are active with which_is_active command |
🛡️ Performance
| Metric | Value | Description |
|---|---|---|
| Connection Time | < 5 seconds | Typical connection establishment |
| Memory Usage | ~50MB | Per Tor instance |
| CPU Usage | < 10% active, < 1% idle | Resource consumption |
| Bandwidth Overhead | ~10-20% | Due to encryption |
| Recommended Instances | 3-5 | For optimal performance |
🛡️ Support
| Resource | Link |
|---|---|
| Website | digi77.com |
| Anonymity Verifier | kodachi.cloud |
| Discord Support | discord.gg/KEFErEx |
| GitHub | github.com/WMAL |