What is OnionCat?

  • With Tor itself, it is only possible to do TCP due to SOCKS5 limitations. OnionCat allows you to do more than TCP through Tor; how does this work?

    title asks one question, then detail partially answers question and asks a second one

  • OnionCat is a Tor-based decentralized peer-to-peer VPN. It acts like a single IPv6 subnet hidden inside Tor permitting a hidden service to be transformed into an IPv6 address on the subnet. In BSD land this shows up as a tun(4) device. One can do udp (dns, nfs, etc) or tcp or even IPSec between OnionCat instances (and only between OnionCat instances; not out to the clearnet).

    As the OpenBSD ports tree states:

    OnionCat creates a transparent IP layer on top of Tor's hidden services. It transmits any kind of IP-based data transparently through the Tor network on a location hidden basis. You can think of it as a point-to-multipoint VPN between hidden services.

    More info can be found here. OnionCat is not officially associated with the Tor Project.

  • I try an alternative simplistic explanation.

    OnionCat :

    • connects from hidden service to hidden service.
    • provides an IPv6 for you
    • provides an IPv6 for your partner

    Now you can use IPv6, TCP and UDP with your partner.

    What is OnionCat NOT:

    Tor does support IPv6 for most things, more are coming.

    Could you run SIP through the setup explained above? ie lets say you and your partner setup a hidden service each, and created an OnionCat tunnel between you, could you now run SIP server such as FreeSWITCH or Asterisk and a SIP client such as Jitsi or Linphone between them for voice and video? That would mean running SIP/SRTP/ZRTP through the tunnel.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM