Reverse proxy for hosting a clearnet URL for a hidden service
Merge branch 'master' of git.sr.ht:~foss/cleartor
Add gitlab CI for building
Move client outside of service closure so it isn't reinitialized all the time


browse  log 



You can also use your local clone with git send-email.



A simple reverse-proxy to forward clearnet traffic to an onion URL.

The use case for this is to host a server behind a firewall that's only exposed with an onion address and hosting a (anonymous) lightweight VPS that forwards all traffic received on a regular DNS address to the server.

It's similar to web2tor except it only forwards to 1 specific onion link.

cleartor doesn't log anything except when run in debug mode.


You need at least libc, pkg-config and openssl to build, and tor to run

sudo apt install build-essential pkg-config libssl-dev tor

To install cleartor just run

cargo install cleartor

The following should be added to /etc/tor/torrc

# The port cleartor will bind on
SocksPort 9050
# Only allow local traffic
SocksPolicy accept
SocksPolicy reject *

Restart the Tor service after changing the config

sudo service tor restart


Using the config in /etc/cleartor.toml


Using another config

./cleartor -c other-location/cleartor.toml

Run it on the background and never quit

nohup cleartor > /dev/null 2>&1 &

Run it as a non-root user and still be able to bind to port 80

sudo apt install libcap2-bin
sudo setcap 'cap_net_bind_service=+ep' ~/.cargo/bin/cleartor

#Example Config


# The address and port to listen on
# to listen to all connections
# to listen to local only connections
listen_ip = ""
# Set the port to 0 to receive a port from the OS
listen_port = 80
# The socks port as defined as 'SocksPort' in /etc/tor/torrc, without the address
tor_socks_port = 9050

# This section is optional
# Where to save the log
file = "/var/log/cleartor.log"
# What to log
file_level = "DEBUG"
# What to print to the console
print_level = "INFO"

# The LOCATION HTTP header will be replaced with this instead of the .onion URL when you receive a response
# This field is probably misconfigured if forms aren't working
domain = "torproject.org"
# The onion address to forward all traffic to
onion = "expyuzz4wqqyqhjn.onion"

# Alternatively you can also add here to route traffic from your machine for testing purposes
domain = ""
onion = "expyuzz4wqqyqhjn.onion"

Run with

sudo cleartor -c /etc/cleartor.toml


Licensed under AGPLv3.