Tor Hidden Service

From NeoWiki

This article details how to set up a Tor hidden service that points to your UnrealIRCd install. I'm only interested in providing Tor users with access to the network/server; I don't really care about UnrealIRCd leaking information which might make the hidden service not so hidden.

Install Tor

I'd recommend installing Tor using your distribution's package manager because your binaries will then be updated automatically when you run yum update or apt-get update && apt-get upgrade. Unfortunately, much of the time the binaries released by your distribution will be stale. For this reason (and probably others), the Tor Project provides its own binary repositories for Debian, Knoppix, and Ubuntu (apt/deb) as well as Fedora, CentOS, and Suse (yum/rpm).

If the Tor Project doesn't provide binaries for your OS, don't despair: your OS package maintainers might already have packaged it for you. Of course, if the package is out of date you'll need to compile from source to ensure that all security updates are applied. If you choose this route, make sure you subscribe to Tor's or-announce mailing list to keep on top of all new releases.

Whatever you end up doing, make sure you keep Tor up-to-date or else your box and your connection might be left vulnerable to attack.

Configure torrc

As described in Configuring Hidden Services for Tor, you want to add the following two lines to Tor's main configuration file, torrc:

# grep HiddenService < /etc/tor/torrc
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 6667 127.0.0.239:6667

You can change hidden_service to something more descriptive like unreal-hidden-service.

The important thing to note here is that we used 127.0.0.239 (any unique IP in 127.0.0.0/8 will do) instead of 127.0.0.1, as this allows UnrealIRCd to track which users are connecting from Tor.

Now restart Tor. If you're using Debian and you've installed Debian's Tor package, run:

/etc/init.d/tor restart

Tor should have created two files in /var/lib/tor/hidden_service:

# ls /var/lib/tor/hidden_service
hostname  private_key

The private_key file holds the hidden service's public/private keypair and should be kept secret: anyone who has it can run a service at your .onion address. Back it up so that, in case of a server failure, you can bring your hidden service back at the same address.

The hostname is your hidden service's .onion address. Share it with anyone you want to connect to your server.

# cat /var/lib/tor/hidden_service/hostname
qnwpupud3hyir6qp.onion

Configure UnrealIRCd

Now that you've set up Tor, you have to set up UnrealIRCd to treat Tor users differently than normal users. Yes, unfortunately we live in an unequal world.

Switch to your UnrealIRCd user. If you've followed the UnrealIRCd article on NeoWiki this user should be ircd. Then switch to the folder with Unreal's configuration.

# su ircd
$ cd ~/Unreal3.2

Add the following to unrealircd.conf:

class tor
{
        maxclients 5; # change this depending on how many Tor users you want to allow
        pingfreq 90;
        sendq 100000;
        recvq 3000;
};
# add this after your *@* allow block
allow {
        ip *@127.0.0.239; # change this depending on what you choose in the above steps
        hostname *@localhost;
        class tor;
        maxperip 5; # remember to change this if you change it from above
        options {
                useip;
        };
};

Save the file and rehash UnrealIRCd with the new configuration.

$ ./unreal rehash

The start/stop/restart/rehash script should exit without error and you should be able to accept connections from Tor users.
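
A consistency check for the two files edited above, as an added example that is not part of the original article or of Tor's or UnrealIRCd's own tooling: it confirms that the HiddenServicePort target is a 127.0.0.0/8 address other than 127.0.0.1, that the allow block for class tor names the same address, and that maxperip equals maxclients. The function names and the embedded sample files are constructed for illustration, and the parser assumes top-level blocks close with }; at the start of a line.

```python
import ipaddress
import re

# Constructed sample inputs, trimmed from the snippets on this page.
TORRC = "HiddenServiceDir /var/lib/tor/hidden_service/\nHiddenServicePort 6667 127.0.0.239:6667\n"
UNREAL_CONF = """class tor
{
        maxclients 5; # Tor user limit
};
allow {
        ip *@127.0.0.239;
        hostname *@localhost;
        class tor;
        maxperip 5;
        options {
                useip;
        };
};
"""
# Assumption: top-level blocks close with '};' at column 0, nested ones are indented.
BLOCK_END = r"\s*\{(.*?)\n\};"

def _setting(body, name):
    """Value of 'name value;' inside a block body, or None."""
    m = re.search(r"\b" + name + r"\s+(\S+?)\s*;", body)
    return m.group(1) if m else None

def check(torrc, unreal_conf):
    """Return a list of problems; an empty list means torrc and unrealircd.conf agree."""
    strip = lambda text: re.sub(r"#.*", "", text)  # both files use '#' comments
    m = re.search(r"^\s*HiddenServicePort\s+\d+\s+([\d.]+):\d+", strip(torrc), re.M)
    if not m:
        return ["torrc: no HiddenServicePort with an IPv4 address:port target"]
    problems, target = [], ipaddress.ip_address(m.group(1))
    if not target.is_loopback:
        problems.append(f"torrc: target {target} is outside 127.0.0.0/8")
    elif str(target) == "127.0.0.1":
        problems.append("torrc: 127.0.0.1 is shared with other local clients")
    conf = strip(unreal_conf)
    bodies = re.findall(r"\ballow" + BLOCK_END, conf, re.S)
    allow = next((b for b in bodies if re.search(r"\bclass\s+tor\s*;", b)), None)
    if allow is None:
        return problems + ["unrealircd.conf: no allow block uses class tor"]
    if _setting(allow, "ip") != f"*@{target}":
        problems.append(f"unrealircd.conf: allow ip is not *@{target}")
    cls = re.search(r"\bclass\s+tor" + BLOCK_END, conf, re.S)
    if not cls or _setting(cls.group(1), "maxclients") != _setting(allow, "maxperip"):
        problems.append("unrealircd.conf: maxperip differs from class tor maxclients")
    return problems
```

To run it against a real install, pass the contents of /etc/tor/torrc and unrealircd.conf to check() in place of the sample strings.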

Test the connection

Before you make your .onion address public, you should probably check that you can connect. See the Connecting through Tor NeoWiki article for more information.