Torset now rewritten in Rust

Torset is an application I wrote 5 years ago in C++.

It parses a tor microdescriptor file, extracting ip adresses and ports to generate an ipset or an nftables variable allowing you to filter traffic based on whether it goes to/comes from a tor node or not.

I use it to make firewall rules assuring that programs on my system that I want to proxy through tor cannot leak anything to other networks.

It also allows conditional redirection to tor to make a transparent proxy, avoiding double torifying for applications that already use tor.

Torset is a native application so you don't have to install stem (python) on small routers for limiting dependencies and improving performance.

It can be found at: GitHub - najamelan/torset: parse a tor microdescriptor consensus file and generate an ipset or nftables variable


It'll be great if you can also share your experience of the rewrite -- what worked great for you, what didn't :slight_smile:.

@gurry Actually the application is really simple. It gets a string from from the microdescriptor file. This file has a very consistent and simple format, so it's a matter of reading space delimited fields in a line.

Creating the output is a matter of some string concatenation. There is nothing difficult like multithreading or async, ... So the conversion to rust was really straight forward.

I enjoyed being able to use clap to generate the CLI interface. Given that working in Rust is rather productive, I easily expanded the featureset from the C++ version, allowing to choose for ports to be included or not, to take input from STDIN and to specify an output file.

It all went really fast. Of course the standard convenience of having built in unit testing is very pleasant. I found Rust really convenient for this kind of CLI application.

The one area where there's no batteries included is for installation. I used ronn to write my man page in markdown and I used cargo make to copy files on installation to avoid using an old school Makefile. However this does require that people install cargo-make for something that could be done easily in an Not sure what the best option is here.

I just now discover that there is something like cargo-deb for creating debian packages. And cargo-pkgbuild for Arch. And more: cargo-wix for windows installers. Some sort of centralized integrated functionality for this would be pretty cool!


Now stumbled on cargo bundle, which also seems to work on installation. Only seems to do .deb for linux though.