本文主要讲述如何通过 Docker 搭建 Tor 网络网关客户端。

笔者在搭建 Tor 网关时需要用到上一篇文章的 Trojan 客户端 《Docker 中的 Trojan 客户端》，将这篇文章运行的 Docker 容器链接到 Tor 容器中。

1. 通过 git 将项目下载到本地

   git clone https://github.com/tor-on-synology/tor-client-minimal.git
   

2. 同上文一样修改 Dockerfile 文件

3. 构建 Docker 镜像

   docker build -t tor .
   

4. 准备你的 Tor 配置文件

   笔者使用的目录为 /Users/ismdeep/Data/tor-config

   在上述文件夹中写入配置文件 torrc

   ## The directory for keeping all the keys/etc
   DataDirectory /var/lib/tor
   
   ## Socks5Proxy
   Socks5Proxy trojan:1080
   
   ## Tor opens a socks proxy on port 9150
   SocksPort 0.0.0.0:9150
   
   ## Entry policies to allow/deny SOCKS requests based on IP address.
   ## SocksPolicy accept 192.168.1.0/24
   SocksPolicy accept 172.17.0.0/16
   SocksPolicy reject *
   
   ## Logs go to stdout at level "notice"
   Log notice stdout
   
   ControlPort 9051
   
   # Try for at most NUM seconds when building circuits. If the circuit isn't open in that time, give up on it. (Default: 1 minute.)
   CircuitBuildTimeout 5
   # Send a padding cell every N seconds to keep firewalls from closing our connections while Tor is not in use.
   KeepalivePeriod 60
   # Force Tor to consider whether to build a new circuit every NUM seconds.
   NewCircuitPeriod 15
   # How many entry guards should we keep at a time?
   NumEntryGuards 8
   

   解释以上配置文件：

   Socks5Proxy trojan:1080 trojan 为上文中创建的 trojan 容器，在下面创建 Docker 容器时会用到

   SocksPort 0.0.0.0:9150 则监听 9150 端口

5. 创建 Docker 容器并运行

   docker run --name tor --link trojan:trojan -v /Users/ismdeep/Data/tor-config:/etc/tor -p 9150:9150 -d tor