.. Different methods to Torify a VM in FreeBSD

An exploration of ways to force all virtual machine traffic through Onion routing. Although these methods are FreeBSD and bhyve specific, they should translate easily to other VMs and OSes.

Method One: Only allow VM to see host SOCKS port




kld_list="nmdm vmm"
ifconfig_bridge0="inet up addm wlan0 up addm tap0 up"

Run pkg install rinetd.

/usr/local/etc/rinetd.conf:     9050         9050


pkg install grub2-bhyve
kldload vmm nmdm 
service netif restart
service rinetd restart
bhyve -c 2 -m 4G -w -u -H \
        -s 0,amd_hostbridge \
        -s 3,virtio-blk,/dev/zvol/zroot/vm/openbsd.img \
        -s 5,virtio-net,tap0 \
        -s 29,fbuf,tcp=,w=800,h=600,vga=off,wait \
        -s 30,xhci,tablet \
        -s 31,lpc -l com1,stdio \
        -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \

In the VM:

ifconfig vio0 netmask up
curl --socks5-hostname https://check.torproject.org

Author: Joe White

Email: scobiehague@driftshell.com

Enlive 1.1.6