Hi Talk & Operator lists,
First of all apologies for cross posting, I would assume this better firsts the operators list; however that seems such a low volume list, I thought maybe talk would be better. When the ooniprobe app was released for IOS I decided to run it, but the manual triggering made my participation somewhat low.
However despite no RPM's being available, I decided to add ooniprobe to my Tor relay as well. It was a little tricky getting it to work with the Tor running. But now I'm faced with some false positives on the reports and no clear way where to look or check for fixes as they are not actually blocked or filtered.
For the Tor check itself I get: "Evidence of possible censorship / Tor version 0.2.9.10 appears to be blocked." But when I check the Tor "tcp connect" then it's about 50% hit / miss ratio. Even the normal "Web connectivity" fails for https://mail.yahoo.com but when I'm checking manually;
[root@tornode ~]# curl https://mail.yahoo.com
<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
It seems just fine.
Maybe it's all due to the fact I'm not running ooniprobe as root but as an unprivileged user. This kind of brings me to the next thing. Documentation, I have found the wiki, tickets on Tor's Trac and Issues on github, but it's not clear to me where to find more documentation. The installation guide on the ooni portal doesn't mention whether one should be running as root, or actually suggests not to.
Please advice. Thanks, Stijn
Info about platform: - Centos7 X86_64 - No NAT, Dualstack IPv4/IPv6 - Runs Tor as Relay version 0.2.9.10 - Ooniprobe 2.2.0 installed via pip install github.com/<..>/master.zip - Ooniprobe (and Tor) run each as unprivileged users (other accounts) - Host performs no other tasks/functions - IPtables active, rule based on user: allow all outbound - No oddities in messages,secure,audit etc. - Not sure how to get usefull bits out of measurements.njson; -- happy to be pointed at someplace. As maybe this has where things go wrong.
Hi Stijn,
Stijn Jonker:
First of all apologies for cross posting, I would assume this better firsts the operators list; however that seems such a low volume list, I thought maybe talk would be better. When the ooniprobe app was released for IOS I decided to run it, but the manual triggering made my participation somewhat low.
However despite no RPM's being available, I decided to add ooniprobe to my Tor relay as well. It was a little tricky getting it to work with the Tor running. But now I'm faced with some false positives on the reports and no clear way where to look or check for fixes as they are not actually blocked or filtered.
Just a warning: Since many websites and internet resources are using automated IP blocklists or software that filters and bans Tor relays, it may not be such a good idea to run ooniprobe on a Tor relay. tha could possible explain some of the false positives that you experience with ooniprobe.
For the Tor check itself I get: "Evidence of possible censorship / Tor version 0.2.9.10 appears to be blocked." But when I check the Tor "tcp connect" then it's about 50% hit / miss ratio. Even the normal "Web connectivity" fails for https://mail.yahoo.com but when I'm checking manually;
[root@tornode ~]# curl https://mail.yahoo.com
<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
Can you provide any more details regarding this report?
It seems just fine.
Maybe it's all due to the fact I'm not running ooniprobe as root but as an unprivileged user. This kind of brings me to the next thing. Documentation, I have found the wiki, tickets on Tor's Trac and Issues on github, but it's not clear to me where to find more documentation. The installation guide on the ooni portal doesn't mention whether one should be running as root, or actually suggests not to.
Do you see any warnings or error messages in your ooniprobe log file?
Info about platform:
- Centos7 X86_64
- No NAT, Dualstack IPv4/IPv6
- Runs Tor as Relay version 0.2.9.10
- Ooniprobe 2.2.0 installed via pip install github.com/<..>/master.zip
Please note that the master git repository branch of ooniprobe may not be production ready and could contain unexpected bugs.
- Ooniprobe (and Tor) run each as unprivileged users (other accounts)
- Host performs no other tasks/functions
- IPtables active, rule based on user: allow all outbound
I hope that your IPtables rules are not interfering with what ooniprobe tests do.
- Not sure how to get usefull bits out of measurements.njson;
-- happy to be pointed at someplace. As maybe this has where things go wrong.
You should start by reading the json report file (measurements.njson) by doing something similar to this: `python -m json.tool measurements.njson`
After finding out how an ooniprobe report file looks like you can parse it further given that you know what you are looking for. You can find documentation regarding the test specifications here: https://github.com/TheTorProject/ooni-spec
Also please have a look at the developer's documentation of ooniprobe: https://ooni.torproject.org/docs/index.html
Additionally you can also read the manual pages here: https://github.com/TheTorProject/ooni-probe/tree/master/docs/source/manual
Hope my response has cleared up the things.
Thanks for running ooniprobe!
Cheers, ~Vasilis
ooni-talk@lists.torproject.org