HI everyone , i wish everything going well , today we going to know how to block TOR browser Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships or protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol. you can downlaod TOR browser from the following link [1] after discovering which destination this TOR browser is trying to connect to , we made a list with and and we added it in firewall address list ip firewall address-list add address=98.206.110.253 comment="" disabled=no list=TOR-SERVERS add address=80.237.226.75 comment="" disabled=no list=TOR-SERVERS add address=199.48.147.35 comment="" disabled=no list=TOR-SERVERS add address=173.254.192.37 comment="" disabled=no list=TOR-SERVERS add address=88.198.35.251 comment="" disabled=no list=TOR-SERVERS add address=77.247.181.164 comment="" disabled=no list=TOR-SERVERS add address=173.254.192.38 comment="" disabled=no list=TOR-SERVERS add address=192.251.226.205 comment="" disabled=no list=TOR-SERVERS add address=85.112.165.71 comment="" disabled=no list=TOR-SERVERS add address=76.73.48.211 comment="" disabled=no list=TOR-SERVERS add address=217.115.137.222 comment="" disabled=no list=TOR-SERVERS add address=76.73.48.210 comment="" disabled=no list=TOR-SERVERS add address=199.48.147.41 comment="" disabled=no list=TOR-SERVERS add address=83.142.228.14 comment="" disabled=no list=TOR-SERVERS add address=77.247.181.163 comment="" disabled=no list=TOR-SERVERS add address=188.138.82.143 comment="" disabled=no list=TOR-SERVERS add address=77.247.181.165 comment="" disabled=no list=TOR-SERVERS add address=184.172.20.159 comment="" disabled=no list=TOR-SERVERS add address=199.48.147.38 comment="" disabled=no list=TOR-SERVERS add address=173.254.192.36 comment="" disabled=no list=TOR-SERVERS add address=87.225.253.174 comment="" disabled=no list=TOR-SERVERS add address=216.17.108.63 comment="" disabled=no list=TOR-SERVERS add address=137.56.163.46 comment="" disabled=no list=TOR-SERVERS add address=199.48.147.36 comment="" disabled=no list=TOR-SERVERS add address=204.45.133.189 comment="" disabled=no list=TOR-SERVERS add address=91.143.81.16 comment="" disabled=no list=TOR-SERVERS add address=85.228.194.157 comment="" disabled=no list=TOR-SERVERS add address=213.103.195.84 comment="" disabled=no list=TOR-SERVERS add address=137.56.163.64 comment="" disabled=no list=TOR-SERVERS add address=82.94.251.204 comment="" disabled=no list=TOR-SERVERS add address=199.48.147.40 comment="" disabled=no list=TOR-SERVERS
we note also that TOR browser is using port 22 and 443
so now we can match on users that is using TOR browser by the following rules ip firewall mangle add action=add-src-to-address-list address-list="New Tor-Users" \ address-list-timeout=5m chain=prerouting comment="New Tor Version" \ disabled=no dst-port=22 protocol=tcp add action=add-src-to-address-list address-list=Tor-Users \ address-list-timeout=5m chain=prerouting comment="Tor Users" disabled=no \ dst-address-list=TOR-SERVERS dst-port=443 protocol=tcp and then we can block all traffic that is coming from TOR users by the following rules ip firewall filter add action=drop chain=forward comment="Drop new TOR version" disabled=no \ src-address-list="New Tor-Users" add action=drop chain=forward comment="Block TOR browser" disabled=no \ src-address-list=Tor-Users also note that these rules we have applied on Mikrotik ROS 3.30 only , but we think it may work out on newer versions