Hulios
A Rust-based transparent Tor proxy that routes all system traffic through the Tor network enhanced security, proper DNS isolation, and modern Linux compatibility.
Install / Use
/learn @ghaziwali/HuliosREADME
Hardened Universal Linux Invisibility and Onion System
The name HULIOS is inspired by both Rust, the programming language, and Helios, the Greek god of the sun. It reflects the project's goals of robustness, clarity, and pervasive reach in Linux systems.
A Rust-based transparent Tor proxy that routes all system traffic through the Tor network enhanced security, proper DNS isolation, and modern Linux compatibility.
<p align="center"> <img src="https://img.shields.io/badge/Rust-1.70+-orange?logo=rust" alt="Rust"> <img src="https://img.shields.io/badge/License-MIT-blue" alt="License"> <img src="https://img.shields.io/badge/Platform-Linux-green?logo=linux" alt="Platform"> </p>Features
- Complete Traffic Anonymization - All TCP traffic routed through Tor
- DNS Leak Prevention - System resolver neutralized, DNS forced through Tor
- Default-Deny Firewall - Only Tor user can access the internet
- IPv6 Blocked - Prevents bypass via IPv6
- Tor Crash Monitoring - Alerts if Tor dies unexpectedly
- Aggressive Resolver Handling - Masks systemd-resolved to prevent resurrection
Security Model
HULIOS implements a strict security model:
- Default-Deny Policy - OUTPUT chain policy is DROP
- Tor-Only Internet Access - Only the
toruser can reach external networks - DNS Ownership -
/etc/resolv.confpoints to localhost, made immutable - No Private Network Bypasses - Router/LAN DNS cannot leak
- Encrypted DNS Blocked - DoT (853) and QUIC (443/UDP) dropped
- IPv6 Killed - All IPv6 traffic blocked at kernel level
Requirements
- Linux (only tested on Arch)
- Rust 1.70+
- Tor
- iptables (nftables compatible)
- Root privileges
Installation
From AUR (Arch Linux)
If you are using an AUR helper like paru or yay, you can install HULIOS directly:
# Using paru
paru -S hulios-git
# Using yay
yay -S hulios-git
From Source
# Clone the repository
git clone https://github.com/ghaziwali/hulios.git
cd hulios
# Build
cargo build --release
# Install (optional)
sudo cp target/release/hulios /usr/local/bin/
Dependencies (Arch Linux)
sudo pacman -S tor iptables resolvectl
Dependencies (Debian/Ubuntu)
sudo apt install tor iptables resolvectl
Usage
# Start HULIOS (routes all traffic through Tor)
sudo hulios start
# Check status and current IP
hulios status
# Restart (get new Tor circuit)
sudo hulios restart
# Stop and restore normal networking
sudo hulios stop
# Flush firewall rules only
sudo hulios flush
How It Works
Traffic Flow
┌─────────────────────────────────────────────────────────────┐
│ Your System │
├─────────────────────────────────────────────────────────────┤
│ Application (curl, browser, etc.) │
│ │ │
│ ▼ │
│ ┌─────────────────┐ │
│ │ System Resolver │ ──→ /etc/resolv.conf = 127.0.0.1 │
│ └─────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────┐ │
│ │ iptables NAT │ │
│ │ DNS (port 53) → REDIRECT → 127.0.0.1:9061 (Tor DNS) │
│ │ TCP → REDIRECT → 127.0.0.1:9051 (Tor Trans) │
│ └─────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────┐ │
│ │ iptables FILTER │ │
│ │ Policy: DROP (deny-all) │ │
│ │ ACCEPT: loopback, tor user, established│ │
│ │ DROP: everything else │ │
│ └─────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────┐ │
│ │ Tor Process │ ──→ Tor Network ──→ Internet │
│ │ (user: tor) │ │
│ └─────────────────┘ │
└─────────────────────────────────────────────────────────────┘
Key Components
| Port | Service | Purpose | |------|---------|---------| | 9050 | SOCKSPort | SOCKS5 proxy (optional direct use) | | 9051 | TransPort | Transparent TCP proxy | | 9061 | DNSPort | DNS resolution via Tor |
Verification
Check Your IP
hulios status
# Output:
# [+] Status: true
# [+] Ip: 185.220.101.xxx (Tor exit node)
Verify No DNS Leaks
# Terminal 1: Monitor external interface
sudo tcpdump -i wlan0 port 53 -n
# Should show: 0 packets captured
# Terminal 2: Monitor Tor DNS port
sudo tcpdump -i lo port 9061 -n
# Should show: UDP traffic to 127.0.0.1:9061
Online Leak Tests
Configuration
HULIOS uses a temporary Tor configuration at /tmp/hulios_torrc:
RunAsDaemon 1
User tor
DataDirectory /tmp/hulios_tor_data
SOCKSPort 9050
TransPort 9051
DNSPort 9061
VirtualAddrNetwork 10.66.0.0/255.255.0.0
AutomapHostsOnResolve 1
Notifications
HULIOS sends desktop notifications for:
| Event | Notification | |-------|-------------| | Start | "HULIOS Started - All traffic now routed through Tor " | | Restart | "HULIOS Restarted - Tor connection refreshed " | | Stop | "HULIOS Stopped - Normal network restored" | | Tor Crash | "⚠️ HULIOS CRITICAL - Tor process crashed!" |
Works on both X11 and Wayland (Hyprland, Sway, GNOME, KDE...).
Troubleshooting
DNS Not Working
# Check if Tor is running
ps aux | grep tor
# Check if DNSPort is listening
sudo ss -tulpn | grep 9061
# Check Tor logs
cat /tmp/tor_debug.log
Tor Fails to Bootstrap
Wait longer (some networks are slow) or check if Tor is blocked:
# View bootstrap progress
tail -f /tmp/tor_debug.log
Contributing
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Submit a pull request
License
MIT License - See LICENSE for details.
Disclaimer
This tool is for educational and legitimate privacy purposes only. The authors are not responsible for misuse. Always comply with local laws and terms of service.
⚠️ Security Notice
This repository is the only official source maintained by the original author. Third-party copies or redistributions may contain changes that are not reviewed or endorsed here. For security reasons, only use releases published from this repository.
Credits
- Tor Project for the Tor network
- NIPE as an inspiration
