Tor (“The Onion Router”) is a security protocol that increases the anonymity of Internet traffic. Tor's “Onion” routing is implemented at the OSI application layer. The Tor network is a free, worldwide, volunteer-run overlay network of more than 7,000 relays.

When you use the Tor browser, the Tor network doesn't directly connect your computer to that website. Instead, traffic from your browser is intercepted by TOR and bounced through a random number of other Tor users’ computers before passing the request to the final website destination. The process is reversed to enable the destination website to communicate with you, the Tor user.

The encryption process that Tor software users obscures the user's identity, requests, communications, and transactions while still enabling them to use the Internet like they normally would.

For details about how Tor works, see this posting: Skerritt Blog: How does Tor Really work?

Encryption, anonymization and multiple hops have tradeoffs. Tor slows your network traffic, since the path packets take is more complex (circuitous) than with normal traffic. You will probably not want to send interactive traffic over the Tor network. It also recommended that you do heavy downloading (such as Torrents) via Tor. The multiple hops increase latency significantly.

The Tor network includes its own internal DNS system specifically authoritative for the “.onion” domain. This domain exists only within the Tor network. Some modern browsers include built-in functions to resolve “.onion” domains which append “.link” or “.cab” to the “.onion” domain. Check your browser documentation for details.

Enable TOR: enables the Tor client. Be patient. Starting TOR can take from several seconds to several minutes.

Socks Port:

Trans Port:

DNS Port:

Data Directory: here, specify where Tor will store its temporary data.

Only resolve .onion/.exit domains: if enabled, only “.onion” domains will be redirected towards the Tor network.

Note that you must also enable the Resolve .onion using Tor (assumes Tor is enabled) option in the DHCP/DNS/TFTP menu.

Redirect all users from: lets you specify the source LANs/client IP addresses to be be permitted to use Tor.

• LANx - lets you choose specific subnets whose client devices
  will be allowed to access Tor sites.
• Selected IPs - lets you specify which IP addresses
  will be allowed to access Tor sites.

Redirect TCP Ports: narrows the Tor redirection rule to destination port/s of interest.

• HTTP only (TCP 80)
• HTTP + HTTPS (TCP 80 + TCP 443)
• Selected Ports

Custom Configuration: here, define custom/advanced parameters, found in the Tor Documentation.

Warning: if your router has 32MB of RAM or less, you must use permanent swap space to ensure proper TOR functioning.