torhound

command module
v0.0.0-...-8659126 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: MIT Imports: 18 Imported by: 0

README

TorHound

TorHound logo

TorHound is a small Go service that fetches Tor Project exit relay data, caches the latest sighting time for each IPv4 exit address in BoltDB, and emits plain-text blocklists for servers and firewalls.

The project now wears a quirky 1970s service-desk coat: grainy photoshoot texture, bulky steel car energy, a shaggy dog hanging out the window, and still a technical instrument at the center.

What It Serves

Pass a minute window in the URL. TorHound returns every Tor exit address seen inside that window.

Target Endpoint
Apache 2.4 compat rules /compat/minutes/15
Nginx deny rules /nginx/minutes/15
iptables shell script /iptables/minutes/15
Palo Alto external dynamic list /paloalto/minutes/15
Windows firewall PowerShell /powershell/minutes/15/firewall.ps1

Example:

https://www.torhound.com/compat/minutes/15

That returns IPs used by Tor exit relays in the last 15 minutes.

Build, Test, Run

go test ./...
go build ./...
TORHOUND_ADDR=:3005 ./torhound

If TORHOUND_ADDR is not set, TorHound listens on :3005.

The tracker refreshes from https://check.torproject.org/exit-addresses every five minutes. It validates IPv4 addresses, stores only normalized IP bytes, and generates deterministic sorted output for downstream configs.

How To Use It

Start the service somewhere your web servers or firewalls can reach:

go build -o torhound .
TORHOUND_ADDR=:3005 ./torhound

Pull a format-specific blocklist by choosing a time window in minutes:

curl -fsS http://localhost:3005/nginx/minutes/1440
curl -fsS http://localhost:3005/iptables/minutes/60 -o tor-iptables.sh
curl -fsS http://localhost:3005/powershell/minutes/1440/firewall.ps1 -o firewall.ps1

For Apache or Nginx, have a scheduled job write the generated config into an included file, then reload the service after a successful download:

*/5 * * * * curl -fsS http://localhost:3005/nginx/minutes/1440 -o /etc/nginx/conf.d/tor.conf && nginx -s reload

For firewall targets, review the generated output first, then wire the same pull pattern into your change-management or scheduled task flow.

Caddy Proxy Example

www.yourdomain.com {
	tls youremail@example.com
	reverse_proxy localhost:3005
}

Notes

The generated files are intended to be pulled by your own cron, scheduler, firewall, or config-management job. Review the output format in a staging environment before wiring it into production reloads.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.