Hardened Universal Linux Invisibility and Onion System
The name HULIOS is inspired by both Rust, the programming language, and Helios, the Greek god of the sun. It reflects the project's goals of robustness, clarity, and pervasive reach in Linux systems.
A Rust-based transparent Tor proxy that routes all system traffic through the Tor network enhanced security, proper DNS isolation, and modern Linux compatibility.
- Complete Traffic Anonymization - All TCP traffic routed through Tor
- DNS Leak Prevention - System resolver neutralized, DNS forced through Tor
- Default-Deny Firewall - Only Tor user can access the internet
- IPv6 Blocked - Prevents bypass via IPv6
- Tor Crash Monitoring - Alerts if Tor dies unexpectedly
- Aggressive Resolver Handling - Masks systemd-resolved to prevent resurrection
HULIOS implements a strict security model:
- Default-Deny Policy - OUTPUT chain policy is DROP
- Tor-Only Internet Access - Only the
toruser can reach external networks - DNS Ownership -
/etc/resolv.confpoints to localhost, made immutable - No Private Network Bypasses - Router/LAN DNS cannot leak
- Encrypted DNS Blocked - DoT (853) and QUIC (443/UDP) dropped
- IPv6 Killed - All IPv6 traffic blocked at kernel level
- Linux (only tested on Arch)
- Rust 1.70+
- Tor
- iptables (nftables compatible)
- Root privileges
If you are using an AUR helper like paru or yay, you can install HULIOS directly:
# Using paru
paru -S hulios-git
# Using yay
yay -S hulios-git# Clone the repository
git clone https://github.com/ghaziwali/hulios.git
cd hulios
# Build
cargo build --release
# Install (optional)
sudo cp target/release/hulios /usr/local/bin/sudo pacman -S tor iptables resolvectlsudo apt install tor iptables resolvectl# Start HULIOS (routes all traffic through Tor)
sudo hulios start
# Check status and current IP
hulios status
# Restart (get new Tor circuit)
sudo hulios restart
# Stop and restore normal networking
sudo hulios stop
# Flush firewall rules only
sudo hulios flushβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Your System β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Application (curl, browser, etc.) β
β β β
β βΌ β
β βββββββββββββββββββ β
β β System Resolver β βββ /etc/resolv.conf = 127.0.0.1 β
β βββββββββββββββββββ β
β β β
β βΌ β
β βββββββββββββββββββββββββββββββββββββββββββ β
β β iptables NAT β β
β β DNS (port 53) β REDIRECT β 127.0.0.1:9061 (Tor DNS) β
β β TCP β REDIRECT β 127.0.0.1:9051 (Tor Trans) β
β βββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β βββββββββββββββββββββββββββββββββββββββββββ β
β β iptables FILTER β β
β β Policy: DROP (deny-all) β β
β β ACCEPT: loopback, tor user, establishedβ β
β β DROP: everything else β β
β βββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β βββββββββββββββββββ β
β β Tor Process β βββ Tor Network βββ Internet β
β β (user: tor) β β
β βββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Port | Service | Purpose |
|---|---|---|
| 9050 | SOCKSPort | SOCKS5 proxy (optional direct use) |
| 9051 | TransPort | Transparent TCP proxy |
| 9061 | DNSPort | DNS resolution via Tor |
hulios status
# Output:
# [+] Status: true
# [+] Ip: 185.220.101.xxx (Tor exit node)# Terminal 1: Monitor external interface
sudo tcpdump -i wlan0 port 53 -n
# Should show: 0 packets captured
# Terminal 2: Monitor Tor DNS port
sudo tcpdump -i lo port 9061 -n
# Should show: UDP traffic to 127.0.0.1:9061HULIOS uses a temporary Tor configuration at /tmp/hulios_torrc:
RunAsDaemon 1
User tor
DataDirectory /tmp/hulios_tor_data
SOCKSPort 9050
TransPort 9051
DNSPort 9061
VirtualAddrNetwork 10.66.0.0/255.255.0.0
AutomapHostsOnResolve 1
HULIOS sends desktop notifications for:
| Event | Notification |
|---|---|
| Start | "HULIOS Started - All traffic now routed through Tor " |
| Restart | "HULIOS Restarted - Tor connection refreshed " |
| Stop | "HULIOS Stopped - Normal network restored" |
| Tor Crash | " |
Works on both X11 and Wayland (Hyprland, Sway, GNOME, KDE...).
# Check if Tor is running
ps aux | grep tor
# Check if DNSPort is listening
sudo ss -tulpn | grep 9061
# Check Tor logs
cat /tmp/tor_debug.logWait longer (some networks are slow) or check if Tor is blocked:
# View bootstrap progress
tail -f /tmp/tor_debug.logContributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Submit a pull request
MIT License - See LICENSE for details.
This tool is for educational and legitimate privacy purposes only. The authors are not responsible for misuse. Always comply with local laws and terms of service.
- Tor Project for the Tor network
- NIPE as an inspiration