Thanks for reply. I’m not familiar with all process so I search around and have more question:
first check if the proxy is running:
Not sure what to search for. I check this guide and search for the numbers 9050, 9150 and 9151 in netstat output but still am not confident what to look for because netstat output has lots of rows. How do I know Tor proxy is running?
make sure your tools are able to use a SOCKS proxy
1 - When you say tool, you mean the terminal tool I am using, e.g. Curl?
2 - I’m not sure how to check. Some tools maybe have information about SOCKS support, but others do not. What can I do to check a specific tool and connection has Tor protection?
Thank again for you help. A couple more clarifications.
1 - I am running Tor browser and I am not seeing anything from netstat -tln | grep 9050 like:
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
Same is true when I run Tor in iterm tab Strange.
What is full list of possible netstat rows that I need to check to find if Tor is running? Could this be a different problem?
2 - curl is well documented but not all command tools have good documentation. Is possible to check another way if socks is supported by a particular tool even if there is not infomation about it in documentation?
The long and short is apple has a number of safeties build in to filter malicious traffic or software that attempts to redirect connections to legitimate servers for example.
Some commands in terminal are system protected from being tcp wrapped.
It took me a while to figure this out.
Use Mac ports to install the gnu curl and such, and then add the bin directory mac ports uses to your shell profile, and add it to the front of the list in /etc/paths.d, restart your Mac for system changes to take effect. You may need to disable sip for this last part, or chmod 755 to edit the file, but root should be able to do it if all else fails. Which can be enabled in the apple drop down when the directory utility app is open.
The system built curl, wget, etc that reside in protected directories will refuse wrapping. It doesn’t matter what you do. Believe me. I’ve tried. You must use tools you compile yourself, or macports/brew has a clone for. They must be in the system path to be checked first to ensure the command called by shell is in a directory not under the umbrella of SIP.