How to use NetGuard with Orbot?

Today I will try to explain how to use Orbot, for traffic routing through the Tor network, through NetGuard, which provides simple and advanced ways to block access to the internet for certain applications.

Step 1

To do this you will need to install :

This two apps can be downloaded through the F-Droid app, a catalogue of FOSS applications: https://f-droid.org/

Step 2

Open and start Orbot to connect to TOR. In Orbot’s settings (three dots in the top corner), ensure “Start Orbot on Boot” is selected.

Screenshot_20220517_124438_org.torproject.android.jpg Screenshot_20220517_124444_org.torproject.android.jpg

Step 3

Open Netguard, click on the three dots in the top corner and go to Settings > Advanced options and scroll down to activate “Filter traffic” and “Use SOCKS5 proxy”.

For the SOCKS5 Address enter 127.0.0.1 (the default Orbot address) and for the SOCKS5 port enter 9050 (also default in Orbot), these can be changed in Orbot if required for some reason.

Screenshot_20220517_124538_eu.faircode.netguard.jpg Screenshot_20220517_124542_eu.faircode.netguard.jpg

Step 4

Ensure that Orbot is not being filtered by Netguard, otherwise it will just start a feedback loop and no connection will be made.

Go go back to NetGuard main page, search for “Orbot” and deactivate the “Apply rules and conditions” option.

Screenshot_20220517_124608_eu.faircode.netguard.jpg

Step 5

Activate NetGuard (top left corner).

To test if its working, open your normal browser (not Tor Browser) and go to www.dnsleaktest.com or similar to confirm the IP address its showing is the same as Orbot.

Screenshot_20220517_125329_org.mozilla.firefox.jpg Screenshot_20220517_125338_org.mozilla.firefox.jpg

Unfortunately, this setup cannot route UDP requests through Tor, so there will be a DNS leak. However, in NetGuard settings you can change the DNS server to one other than your ISP.