tor-commits June 2014

tor-commits@lists.torproject.org

21 participants
1212 discussions

[ooni-probe/master] Rename ooni manpage to ooniprobe
by art＠torproject.org 26 Jun '14

26 Jun '14

commit bb094ece770273af0dc9a7031961fc4727465e3c Author: Arturo Filastò <art(a)fuffa.org> Date: Thu Jun 26 15:41:43 2014 +0200 Rename ooni manpage to ooniprobe --- data/ooni.1 | 1100 ------------------------------------------------------ data/ooniprobe.1 | 1100 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 1100 insertions(+), 1100 deletions(-) diff --git a/data/ooni.1 b/data/ooni.1 deleted file mode 100644 index 076b31b..0000000 --- a/data/ooni.1 +++ /dev/null @@ -1,1100 +0,0 @@ -.\" Man page generated from reStructuredText. -. -.TH "OONI" "1" "April 29, 2014" "0.1" "OONI" -.SH NAME -ooniprobe - a network censorship measurement tool. -. -.nr rst2man-indent-level 0 -. -.de1 rstReportMargin -\\$1 \\n[an-margin] -level \\n[rst2man-indent-level] -level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] -- -\\n[rst2man-indent0] -\\n[rst2man-indent1] -\\n[rst2man-indent2] -.. -.de1 INDENT -.\" .rstReportMargin pre: -. RS \\$1 -. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] -. nr rst2man-indent-level +1 -.\" .rstReportMargin post: -.. -.de UNINDENT -. RE -.\" indent \\n[an-margin] -.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] -.nr rst2man-indent-level -1 -.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] -.in \\n[rst2man-indent\\n[rst2man-indent-level]]u -.. - -.SH SYNOPSIS -.B ooniprobe -.RB [ \-hnsp ] -.RB [ --version ] -.RB [ --spew ] -.RB [ \-o -.IR reportfile ] -.RB [ \-i -.IR testdeck ] -.RB [ \-c -.IR collector ] -.RB [ \-b -.IR bouncer ] -.RB [ \-l -.IR logfile ] -.RB [ \-O -.IR pcapfile ] -.RB [ \-f -.IR configfile ] -.RB [ \-d -.IR datadir ] -.I "test_name" - -.SH DESCRIPTION -.sp -ooniprobe is tool for performing internet censorship measurements. Our goal is -to achieve a command data format and set of methodologies for conducting -censorship related research. - -.SH OPTIONS - -.TP -.BR \-\^h " or " \-\-help -Display this help and exit. -.TP -.BR \-\^n " or " \-\-no\-collector -Disable reporting the net test results to an oonib collector. -.TP -.BR \-\^s " or " \-\-list -List all of the available net tests. -.TP -.BR \-\^p " or " \-\-printdeck -Print to standard output the specified command line options as an ooniprobe test deck. -.TP -.BR \-\^o " or " \-\-reportfile -Specify the path to report file to write. -.TP -.BR \-\^i " or " \-\-testdeck -Specify as input a test deck: a yaml file containing the tests to run and their -arguments. -.TP -.BR \-\^c " or " \-\-collector -Specify the address of the collector of net test results. It is advisable to -always specify and bouncer and let it return a collector for the test or test -deck you are running. -.TP -.BR \-\^b " or " \-\-bouncer -Address of the bouncer that will inform the probe of which collector to use and -the addresses of test helpers. default: httpo://nkvphnp3p6agi5qq.onion -.TP -.BR \-\^l " or " \-\-logfile -Path to the log file to write -.TP -.BR \-\^O " or " \-\-pcapfile -Path to the pcap file name. -.TP -.BR \-\^f " or " \-\-configfile -Specify a path to the ooniprobe configuration file. -.TP -.BR \-\^d " or " \-\-datadir -Specify a path to the ooniprobe data directory -.TP -.BR \-\-spew -Print an insanely verbose log of everything that happens. -Useful when debugging freezes or locks in complex code. -.TP -.BR \-\-version -Display the ooniprobe version and exit. - -.SH OONIPROBE -.sp -Is the tool that volunteers and researches interested in contributing data to -the project should be running. -.sp -ooniprobe allows the user to select what test should be run and what backend -should be used for storing the test report and/or assisting them in the running -of the test. -.sp -ooniprobe tests are divided into two categories: \fBTraffic Manipulation\fP and -\fBContent Blocking\fP\&. -.sp -\fBTraffic Manipulation\fP tests aim to detect the presence of some sort of -tampering with the internet traffic between the probe and a remote test helper -backend. As such they usually require the selection of a oonib backend -component for running the test. -.sp -\fBContent Blocking\fP are aimed at enumerating the kind of content that is -blocked from the probes network point of view. As such they usually require to -have specified an input list for running the test. -.SS Threat Model -.sp -Our adversary is capable of doing country wide network surveillance and -manipulation of network traffic. -.sp -The goals of our adversary are: -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -Restrict access to certain content, while not degrading overall quality of -the network -.IP \(bu 2 -Monitor the network in a way that they are able to identify misuse of it in -real time -.UNINDENT -.UNINDENT -.UNINDENT -.sp -More specifc to the running of network filtering detection tests: -.INDENT 0.0 -.IP 1. 3 -Detect actors performing censorship detection tests -.IP 2. 3 -Fool people running such tests into believing that the network is -unrestricted - -.UNINDENT -.sp -\fINote\fP that while 2) => 1) it is not true that 1) => 2) as the identification of -such actors does not necessarily have to happen in real time. -While our intention is to minimize the risk of users running OONI probe to be -identified, this comes with a tradeoff in accuracy. It is therefore necessary in -certain tests to trade\-off fingerprintability in favour of tests accuracy. -.sp -This is why we divide tests based on what risk the user running it can face, -allowing the user to freely choose what threat model they wish to adere to. -.SS Installation -.sp -\fBRead this before running ooniprobe!\fP -.sp -Running ooniprobe is a potentially risky activity. This greatly depends on the -jurisdiction in which you are in and which test you are running. It is -technically possible for a person observing your internet connection to be -aware of the fact that you are running ooniprobe. This means that if running -network measurement tests is something considered to be illegal in your country -then you could be spotted. -.sp -Futhermore, ooniprobe takes no precautions to protect the install target machine -from forensics analysis. If the fact that you have installed or used ooni -probe is a liability for you, please be aware of this risk. -.SS Debian based systems -.sp -\fIsudo sh \-c \(aqecho "deb http://deb.ooni.nu/ooni wheezy main" >> /etc/apt/sources.list\(aq\fP -.sp -\fIgpg \-\-keyserver pgp.mit.edu \-\-recv\-key 0x49B8CDF4\fP -.sp -\fIgpg \-\-export 89AB86D4788F3785FE9EDA31F9E2D9B049B8CDF4 | sudo apt\-key add \-\fP -.sp -\fIsudo apt\-get update && sudo apt\-get install ooniprobe\fP -.SS Linux -.sp -We believe that ooniprobe runs reasonably well on Debian GNU/Linux wheezy as -well as versions of Ubuntu such as natty and later releases. Running ooniprobe -without installing it is supported with the following commands: -.sp -\fIgit clone https://git.torproject.org/ooni\-probe.git\fP -.sp -\fIcd ooni\-probe\fP -.sp -\fI\&./setup\-dependencies.sh\fP -.sp -\fIpython setup.py install\fP -.SS Setting up development environment -.sp -On debian based systems this can be done with: -.sp -\fIVsudo apt\-get install libgeoip\-dev python\-virtualenv virtualenvwrapper\fP -.sp -\fImkvirtualenv ooniprobe\fP -.sp -\fIpython setup.py install\fP -.sp -\fIpip install \-r requirements\-dev.txt\fP -.SS Other platforms (with Vagrant) -.sp -\fI\%Install Vagrant\fP -and \fI\%Install Virtualbox\fP -.sp -\fBOn OSX:\fP -.sp -If you don\(aqt have it install \fI\%homebrew\fP -.sp -\fIbrew install git\fP -.sp -\fBOn debian/ubuntu:\fP -.sp -\fIsudo apt\-get install git\fP -.INDENT 0.0 -.IP 1. 3 -Open a Terminal and run: -.UNINDENT -.sp -\fIgit clone https://git.torproject.org/ooni\-probe.git\fP -.sp -\fIcd ooni\-probe/\fP -.sp -\fIvagrant up\fP -.INDENT 0.0 -.IP 2. 3 -Login to the box with: -.UNINDENT -.sp -\fIvagrant ssh\fP -.sp -ooniprobe will be installed in \fI/ooni\fP\&. -.INDENT 0.0 -.IP 3. 3 -You can run tests with: -.UNINDENT -.sp -\fIooniprobe blocking/http_requests \-f /ooni/inputs/input\-pack/alexa\-top\-1k.txt\fP -.SS Using ooniprobe -.sp -\fBNet test\fP is a set of measurements to assess what kind of internet censorship is occurring. -.sp -\fBDecks\fP are collections of ooniprobe nettests with some associated inputs. -.sp -\fBCollector\fP is a service used to report the results of measurements. -.sp -\fBTest helper\fP is a service used by a probe for successfully performing its measurements. -.sp -\fBBouncer\fP is a service used to discover the addresses of test helpers and collectors. -.SS Configuring ooniprobe -.sp -You may edit the configuration for ooniprobe by editing the configuration file -found inside of \fI~/.ooni/ooniprobe.conf\fP\&. -.sp -By default ooniprobe will not include personal identifying information in the -test result, nor create a pcap file. This behavior can be personalized. -.SS Running decks -.sp -You will find all the installed decks inside of \fI/usr/share/ooni/decks\fP\&. -.sp -You may then run a deck by using the command line option \fI\-i\fP: -.sp -As root: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/mlab.deck\fP -.sp -Or as a user: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/mlab_no_root.deck\fP -.sp -Or: -.sp -As root: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/complete.deck\fP -.sp -Or as a user: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/complete_no_root.deck\fP -.sp -The above tests will require around 20\-30 minutes to complete depending on your network speed. -.sp -If you would prefer to run some faster tests you should run: -As root: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/fast.deck\fP -.sp -Or as a user: -.sp -\fIooniprobe \-i /usr/share/ooni/decks/fast_no_root.deck\fP -.SS Running net tests -.sp -You may list all the installed stable net tests with: -.sp -\fIooniprobe \-s\fP -.sp -You may then run a nettest by specifying its name for example: -.sp -\fIooniprobe manipulation/http_header_field_manipulation\fP -.sp -It is also possible to specify inputs to tests as URLs: -.sp -\fIooniprobe blocking/http_requests \-f httpo://ihiderha53f36lsd.onion/input/37e60e13536f6afe47a830bfb6b371b5cf65da66d7ad65137344679b24fdccd1\fP -.sp -You can find the result of the test in your current working directory. -.sp -By default the report result will be collected by the default ooni collector -and the addresses of test helpers will be obtained from the default bouncer. -.sp -You may also specify your own collector or bouncer with the options \fI\-c\fP and -\fI\-b\fP\&. -.SS (Optional) Install obfsproxy -.sp -Install the latest version of obfsproxy for your platform. -.sp -\fI\%Download Obfsproxy\fP -.SS Bridges and obfsproxy bridges -.sp -ooniprobe submits reports to oonib report collectors through Tor to a hidden -service endpoint. By default, ooniprobe uses the installed system Tor, but can -also be configured to launch Tor (see the advanced.start_tor option in -ooniprobe.conf), and ooniprobe supports bridges (and obfsproxy bridges, if -obfsproxy is installed). The tor.bridges option in ooniprobe.conf sets the path -to a file that should contain a set of "bridge" lines (of the same format as -used in torrc, and as returned by \fI\%https://bridges.torproject.org\fP). If obfsproxy -bridges are to be used, the path to the obfsproxy binary must be configured. -See option advanced.obfsproxy_binary, in ooniprobe.conf. -.SS Setting capabilities on your virtualenv python binary -.sp -If your distributation supports capabilities you can avoid needing to run OONI as root: -.sp -\fIsetcap cap_net_admin,cap_net_raw+eip /path/to/your/virtualenv\(aqs/python\fP -.SS Core ooniprobe Tests -.sp -The source for \fI\%Content blocking tests\fP -and \fI\%Traffic Manipulation tests\fP -can be found in the nettests/blocking and nettests/manipulation directories -respectively. -.SS Content Blocking Tests -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fI\%DNSConsistency\fP -.IP \(bu 2 -\fI\%HTTP Requests\fP -.IP \(bu 2 -\fI\%TCP Connect\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS Traffic Manipulation Tests -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fI\%HTTP Invalid Request Line:\fP -.IP \(bu 2 -\fI\%DNS Spoof\fP -.IP \(bu 2 -\fI\%HTTP Header Field Manipulation\fP -.IP \(bu 2 -\fI\%Traceroute\fP -.IP \(bu 2 -\fI\%HTTP Host\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS Other tests -.sp -We also have some other tests that are currently not fully supported or still -being experimented with. -.sp -You can find these in: -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fI\%ooni/nettests/experimental\fP -.UNINDENT -.UNINDENT -.UNINDENT -.sp -Tests that don\(aqt do a measurement but are useful for scanning can be found in: -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fI\%ooni/nettests/scanning\fP -.UNINDENT -.UNINDENT -.UNINDENT -.sp -Tests that involve running third party tools may be found in: -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fI\%ooni/nettests/third_party\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS Reports -.sp -The reports collected by ooniprobe are stored on -\fI\%https://ooni.torproject.org/reports/0.1/\fP \fBCC\fP / -.sp -Where \fBCC\fP is the two letter country code as specified by \fI\%ISO 31666\-2\fP\&. -.sp -For example the reports for Italy (\fBCC\fP is \fBit\fP) of the may be found in: -.sp -\fI\%https://ooni.torproject.org/reports/0.1/IT/\fP -.sp -This directory shall contain the various reports for the test using the -following convention: -.sp -\fBtestName\fP \- \fBdateInISO8601Format\fP \- \fBprobeASNumber\fP .yamloo -.sp -The date is expressed using \fI\%ISO 8601\fP -including seconds and with no \fB:\fP to delimit hours, minutes, days. -.sp -Like so: -.sp -\fBYEAR\fP \- \fBMONTH\fP \- \fBDAY\fP T \fBHOURS\fP \fBMINUTES\fP \fBSECONDS\fP Z -.sp -Look \fI\%here for the up to date list of ISO 8601 country codes\fP -.sp -The time is \fBalways\fP expressed in UTC. -.sp -If a collision is detected then an int (starting with 1) will get appended to -the test. -.sp -For example if two report that are created on the first of January 2012 at Noon -(UTC time) sharp from MIT (AS3) will be stored here: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -https://ooni.torproject.org/reports/0.1/US/2012\-01\-01T120000Z_AS3.yamloo -https://ooni.torproject.org/reports/0.1/US/2012\-01\-01T120000Z_AS3.1.yamloo -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Note: it is highly unlikely that reports get created with the same exact -timestamp from the same exact ASN. If this does happen it could be index of -some malicious report poisoning attack in progress. -.SS Report format version changelog -.sp -In here shall go details about the major changes to the reporting format. -.SS version 0.1 -.sp -Initial format version. -.SS Writing OONI tests -.sp -The OONI testing API is heavily influenced and partially based on the python -\fBunittest\fP module and \fBtwisted.trial\fP\&. -.SS Test Cases -.sp -The atom of OONI Testing is called a Test Case. A test case class may contain -multiple Test Methods. -.INDENT 0.0 -.TP -.B class ooni.nettest.NetTestCase -This is the base of the OONI nettest universe. When you write a nettest -you will subclass this object. -.INDENT 7.0 -.IP \(bu 2 -inputs: can be set to a static set of inputs. All the tests (the methods -starting with the "test" prefix) will be run once per input. At every run -the _input_ attribute of the TestCase instance will be set to the value of -the current iteration over inputs. Any python iterable object can be set -to inputs. -.IP \(bu 2 -inputFile: attribute should be set to an array containing the command line -argument that should be used as the input file. Such array looks like -this: -.INDENT 2.0 -.INDENT 3.5 -\fB["commandlinearg", "c", "default value" "The description"]\fP -.UNINDENT -.UNINDENT -.sp -The second value of such arrray is the shorthand for the command line arg. -The user will then be able to specify inputs to the test via: -.INDENT 2.0 -.INDENT 3.5 -\fBooniprobe mytest.py \-\-commandlinearg path/to/file.txt\fP -.UNINDENT -.UNINDENT -.sp -or -.INDENT 2.0 -.INDENT 3.5 -\fBooniprobe mytest.py \-c path/to/file.txt\fP -.UNINDENT -.UNINDENT -.IP \(bu 2 -inputProcessor: should be set to a function that takes as argument a -filename and it will return the input to be passed to the test -instance. -.IP \(bu 2 -name: should be set to the name of the test. -.IP \(bu 2 -author: should contain the name and contact details for the test author. -The format for such string is as follows: -.INDENT 2.0 -.INDENT 3.5 -\fBThe Name <email(a)example.com>\fP -.UNINDENT -.UNINDENT -.IP \(bu 2 -version: is the version string of the test. -.IP \(bu 2 -requiresRoot: set to True if the test must be run as root. -.IP \(bu 2 -usageOptions: a subclass of twisted.python.usage.Options for processing of command line arguments -.IP \(bu 2 -localOptions: contains the parsed command line arguments. -.UNINDENT -.sp -Quirks: -Every class that is prefixed with test \fImust\fP return a twisted.internet.defer.Deferred. -.UNINDENT -.sp -If the test you plan to write is not listed on the \fI\%Tor OONI trac page\fP, you should -add it to the list and then add a description about it following the \fI\%Test -Template\fP -.sp -Tests are driven by inputs. For every input a new test instance is created, -internally the _setUp method is called that is defined inside of test -templates, then the setUp method that is overwritable by users. -.sp -Gotchas: -\fBnever\fP call reactor.start of reactor.stop inside of your test method and all -will be good. -.SS Inputs -.sp -Inputs are what is given as input to every iteration of the Test Case. -Iflyou have 100 inputs, then every test case will be run 100 times. -.sp -To configure a static set of inputs you should define the -\fBooni.nettest.NetTestCase\fP attribute \fBinputs\fP\&. The test will be -run \fBlen(inputs)\fP times. Any iterable object is a valid \fBinputs\fP -attribute. -.sp -If you would like to have inputs be determined from a user specified input -file, then you must set the \fBinputFile\fP attribute. This is an array that -specifies what command line option may be used to control this value. -.sp -By default the \fBinputProcessor\fP is set to read the file line by line and -strip newline characters. To change this behavior you must set the -\fBinputProcessor\fP attribute to a function that takes as argument a file -descriptor and yield the next item. The default \fBinputProcessor\fP looks like -this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -def lineByLine(filename): - fp = open(filename) - for x in fp.xreadlines(): - yield x.strip() - fp.close() -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Setup and command line passing -.sp -Tests may define the \fIsetUp\fP method that will be called every time the -Test Case object is instantiated, in here you may place some common logic -to all your Test Methods that should be run before any testing occurs. -.sp -Command line arguments can be parsed thanks to the twisted -\fBtwisted.python.usage.UsageOptions\fP class. -.sp -You will have to subclass this and define the NetTestCase attribute -usageOptions to point to a subclass of this. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -class UsageOptions(usage.Options): - optParameters = [[\(aqbackend\(aq, \(aqb\(aq, \(aqhttp://127.0.0.1:57001\(aq, - \(aqURL of the test backend to use\(aq] - ] - -class MyTestCase(nettest.NetTestCase): - usageOptions = UsageOptions - - inputFile = [\(aqfile\(aq, \(aqf\(aq, None, "Some foo file"] - requiredOptions = [\(aqbackend\(aq] - - def test_my_test(self): - self.localOptions[\(aqbackend\(aq] -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You will then be able to access the parsed command line arguments via the -class attribute localOptions. -.sp -The \fIrequiredOptions\fP attributes specifies an array of parameters that are -required for the test to run properly. -.sp -\fIinputFile\fP is a special class attribute that will be used for processing -of the inputFile. The filename that is read here will be given to the -\fBooni.nettest.NetTestCase.inputProcessor\fP method that will yield, by -default, one line of the file at a time. -.SS Test Methods -.sp -These shall be defined inside of your \fBooni.nettest.NetTestCase\fP -subclass. These will be class methods. -.sp -All class methods that are prefixed with test_ shall be run. Functions -that are relevant to your test should be all lowercase separated by -underscore. -.sp -To add data to the test report you may write directly to the report object -like so: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -def test_my_function(): - result = do_something() - self.report[\(aqsomething\(aq] = result -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -OONI will then handle the writing of the data to the final test report. -.sp -To access the current input you can use the \fBinput\fP attribute, for example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -def test_with_input(): - do_something_with_input(self.input) -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will at each iteration over the list of inputs do something with the -input. -.SS Test Templates -.sp -Test templates assist you in writing tests. They already contain all the -common functionality that is useful to running a test of that type. They -also take care of writing the data they collect that is relevant to the -test run to the report file. -.sp -Currently implemented test templates are \fBooni.templates.scapyt\fP for -tests based on Scapy, \fBooni.templates.tcpt\fP for tests based on TCP, -\fBooni.templates.httpt\fP for tests based on HTTP, and -\fBooni.templates.dnst\fP for tests based on DNS. -.SS Scapy based tests -.sp -Scapy based tests will be a subclass of \fBooni.templates.scapyt.BaseScapyTest\fP\&. -.sp -It provides a wrapper around the scapy send and receive function that will -write the sent and received packets to the report with sanitization of the -src and destination IP addresses. -.sp -It has the same syntax as the Scapy sr function, except that it will -return a deferred. -.sp -To implement a simple ICMP ping based on this function you can do like so -(Taken from \fBnettest.examples.example_scapyt.ExampleICMPPingScapy\fP) -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -from twisted.python import usage - -from scapy.all import IP, ICMP - -from ooni.templates import scapyt - -class UsageOptions(usage.Options): - optParameters = [[\(aqtarget\(aq, \(aqt\(aq, \(aq127.0.0.1\(aq, "Specify the target to ping"]] - -class ExampleICMPPingScapy(scapyt.BaseScapyTest): - name = "Example ICMP Ping Test" - - usageOptions = UsageOptions - - def test_icmp_ping(self): - def finished(packets): - print packets - answered, unanswered = packets - for snd, rcv in answered: - rcv.show() - - packets = IP(dst=self.localOptions[\(aqtarget\(aq])/ICMP() - d = self.sr(packets) - d.addCallback(finished) - return d -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The arguments taken by self.sr() are exactly the same as the scapy send and -receive function, the only difference is that instead of using the regular -scapy super socket it uses our twisted driven wrapper around it. -.sp -Alternatively this test can also be written using the -\fBtwisted.defer.inlineCallbacks()\fP decorator, that makes it look more similar to -regular sequential code. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -from twisted.python import usage -from twisted.internet import defer - -from scapy.all import IP, ICMP - -from ooni.templates import scapyt - -class UsageOptions(usage.Options): - optParameters = [[\(aqtarget\(aq, \(aqt\(aq, \(aq127.0.0.1\(aq, "Specify the target to ping"]] - -class ExampleICMPPingScapyYield(scapyt.BaseScapyTest): - name = "Example ICMP Ping Test" - - usageOptions = UsageOptions - - @defer.inlineCallbacks - def test_icmp_ping(self): - packets = IP(dst=self.localOptions[\(aqtarget\(aq])/ICMP() - answered, unanswered = yield self.sr(packets) - for snd, rcv in answered: - rcv.show() -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Report Format -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -########################################### -# OONI Probe Report for Example ICMP Ping Test test -# Thu Nov 22 18:20:43 2012 -########################################### -\-\-\- -{probe_asn: null, probe_cc: null, probe_ip: 127.0.0.1, software_name: ooniprobe, software_version: 0.0.7.1\-alpha, - start_time: 1353601243.0, test_name: Example ICMP Ping Test, test_version: 0.1} -\&... -\-\-\- -input: null -report: - answer_flags: [ipsrc] - answered_packets: - \- \- raw_packet: !!binary | - RQAAHAEdAAAuAbjKCAgICH8AAAEAAAAAAAAAAA== - summary: IP / ICMP 8.8.8.8 > 127.0.0.1 echo\-reply 0 - sent_packets: - \- \- raw_packet: !!binary | - RQAAHAABAABAAevPfwAAAQgICAgIAPf/AAAAAA== - summary: IP / ICMP 127.0.0.1 > 8.8.8.8 echo\-request 0 -test_name: test_icmp_ping -test_started: 1353604843.553605 -\&... -.ft P -.fi -.UNINDENT -.UNINDENT -.SS TCP based tests -.sp -TCP based tests will subclass \fBooni.templates.tcpt.TCPTest\fP\&. -.sp -This test template facilitates the sending of TCP payloads to the wire and -recording the response. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -from twisted.internet.error import ConnectionRefusedError -from ooni.utils import log -from ooni.templates import tcpt - -class ExampleTCPT(tcpt.TCPTest): - def test_hello_world(self): - def got_response(response): - print "Got this data %s" % response - - def connection_failed(failure): - failure.trap(ConnectionRefusedError) - print "Connection Refused" - - self.address = "127.0.0.1" - self.port = 57002 - payload = "Hello World!\en\er" - d = self.sendPayload(payload) - d.addErrback(connection_failed) - d.addCallback(got_response) - return d -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The possible failures for a TCP connection are: -.sp -\fBtwisted.internet.error.NoRouteError\fP that corresponds to errno.ENETUNREACH -.sp -\fBtwisted.internet.error.ConnectionRefusedError\fP that corresponds to -errno.ECONNREFUSED -.sp -\fBtwisted.internet.error.TCPTimedOutError\fP that corresponds to errno.ETIMEDOUT -.SS Report format -.sp -The basic report of a TCP test looks like the following (this is an report -generated by running the above example against a TCP echo server). -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -########################################### -# OONI Probe Report for Base TCP Test test -# Thu Nov 22 18:18:28 2012 -########################################### -\-\-\- -{probe_asn: null, probe_cc: null, probe_ip: 127.0.0.1, software_name: ooniprobe, software_version: 0.0.7.1\-alpha, - start_time: 1353601108.0, test_name: Base TCP Test, test_version: \(aq0.1\(aq} -\&... -\-\-\- -input: null -report: - errors: [] - received: ["Hello World!\en\er"] - sent: ["Hello World!\en\er"] -test_name: test_hello_world -test_started: 1353604708.705081 -\&... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -TODO finish this with more details -.SS HTTP based tests -.sp -HTTP based tests will be a subclass of \fBooni.templates.httpt.HTTPTest\fP\&. -.sp -It provides methods \fBooni.templates.httpt.HTTPTest.processResponseBody()\fP and -\fBooni.templates.httpt.HTTPTest.processResponseHeaders()\fP for interacting with the -response body and headers respectively. -.sp -For example, to implement a HTTP test that returns the sha256 hash of the -response body (based on \fBnettests.examples.example_httpt\fP): -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -from ooni.utils import log -from ooni.templates import httpt -from hashlib import sha256 - -class SHA256HTTPBodyTest(httpt.HTTPTest): - name = "ChecksumHTTPBodyTest" - author = "Aaron Gibson" - version = 0.1 - - inputFile = [\(aqurl file\(aq, \(aqf\(aq, None, - \(aqList of URLS to perform GET requests to\(aq] - requiredOptions = [\(aqurl file\(aq] - - def test_http(self): - if self.input: - url = self.input - return self.doRequest(url) - else: - raise Exception("No input specified") - - def processResponseBody(self, body): - body_sha256sum = sha256(body).hexdigest() - self.report[\(aqchecksum\(aq] = body_sha256sum -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Report format -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -########################################### -# OONI Probe Report for ChecksumHTTPBodyTest test -# Thu Dec 6 17:31:57 2012 -########################################### -\-\-\- -options: - collector: null - help: 0 - logfile: null - pcapfile: null - reportfile: null - resume: 0 - subargs: [\-f, hosts] - test: nettests/examples/example_http_checksum.py -probe_asn: null -probe_cc: null -probe_ip: 127.0.0.1 -software_name: ooniprobe -software_version: 0.0.7.1\-alpha -start_time: 1354786317.0 -test_name: ChecksumHTTPBodyTest -test_version: 0.1 -\&... -\-\-\- -input: http://www.google.com -report: - agent: agent - checksum: d630fa2efd547d3656e349e96ff7af5496889dad959e8e29212af1ff843e7aa1 - requests: - \- request: - body: null - headers: - \- \- User\-Agent - \- \- [Opera/9.00 (Windows NT 5.1; U; en), \(aqOpera 9.0, Windows XP\(aq] - method: GET - url: http://www.google.com - response: - body: \(aq<!doctype html><html ... snip ... </html>\(aq - code: 200 - headers: - \- \- X\-XSS\-Protection - \- [1; mode=block] - \- \- Set\-Cookie - \- [\(aqPREF=ID=fada4216eb3684f9:FF=0:TM=1354800717:LM=1354800717:S=IT\-2GCkNAocyXlVa; - expires=Sat, 06\-Dec\-2014 13:31:57 GMT; path=/; domain=.google.com\(aq, \(aqNID=66=KWaLbNQumuGuYf0HrWlGm54u9l\-DKJwhFCMQXfhQPZM\-qniRhmF6QRGXUKXb_8CIUuCOHnyoC5oAX5jWNrsfk\-LLJLW530UiMp6hemTtDMh_e6GSiEB4GR3yOP_E0TCN; - expires=Fri, 07\-Jun\-2013 13:31:57 GMT; path=/; domain=.google.com; HttpOnly\(aq] - \- \- Expires - \- [\(aq\-1\(aq] - \- \- Server - \- [gws] - \- \- Connection - \- [close] - \- \- Cache\-Control - \- [\(aqprivate, max\-age=0\(aq] - \- \- Date - \- [\(aqThu, 06 Dec 2012 13:31:57 GMT\(aq] - \- \- P3P - \- [\(aqCP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 - for more info."\(aq] - \- \- Content\-Type - \- [text/html; charset=UTF\-8] - \- \- X\-Frame\-Options - \- [SAMEORIGIN] - socksproxy: null -test_name: test_http -test_runtime: 0.08298492431640625 -test_started: 1354800717.478403 -\&... -.ft P -.fi -.UNINDENT -.UNINDENT -.SS DNS based tests -.sp -DNS based tests will be a subclass of \fBooni.templates.dnst.DNSTest\fP\&. -.sp -It provides methods \fBooni.templates.dnst.DNSTest.performPTRLookup()\fP -and \fBooni.templates.dnst.DNSTest.performALookup()\fP -.sp -For example (taken from \fBnettests.examples.example_dnst\fP): -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -from ooni.templates.dnst import DNSTest - -class ExampleDNSTest(DNSTest): - def test_a_lookup(self): - def gotResult(result): - # Result is an array containing all the A record lookup results - print result - - d = self.performALookup(\(aqtorproject.org\(aq, (\(aq8.8.8.8\(aq, 53)) - d.addCallback(gotResult) - return d -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Report format -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -########################################### -# OONI Probe Report for Base DNS Test test -# Thu Dec 6 17:42:51 2012 -########################################### -\-\-\- -options: - collector: null - help: 0 - logfile: null - pcapfile: null - reportfile: null - resume: 0 - subargs: [] - test: nettests/examples/example_dnst.py -probe_asn: null -probe_cc: null -probe_ip: 127.0.0.1 -software_name: ooniprobe -software_version: 0.0.7.1\-alpha -start_time: 1354786971.0 -test_name: Base DNS Test -test_version: 0.1 -\&... -\-\-\- -input: null -report: - queries: - \- addrs: [82.195.75.101, 86.59.30.40, 38.229.72.14, 38.229.72.16] - answers: - \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=82.195.75.101 - ttl=782>] - \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=86.59.30.40 - ttl=782>] - \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=38.229.72.14 - ttl=782>] - \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=38.229.72.16 - ttl=782>] - query: \(aq[Query(\(aq\(aqtorproject.org\(aq\(aq, 1, 1)]\(aq - query_type: A - resolver: [8.8.8.8, 53] -test_name: test_a_lookup -test_runtime: 0.028924942016601562 -test_started: 1354801371.980114 -\&... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -For a more complex example, see: \fBnettests.blocking.dnsconsistency\fP - -.SH GLOSSARY -.sp -Here we will summarize some of the jargon that is unique to OONI. -.sp -\fBTest Case\fP: a set of measurements performed on a to be tested network that -are logically grouped together -.sp -\fBReport\fP: is the output of a test run containing all the information that is -require for a researcher to assess what is the output of a test. -.sp -\fBYamlooni\fP: The format we use for Reports, that is based on YAML. -.sp -\fBInput\fP: What is given as input to a TestCase to perform a measurement. -.SH AUTHOR -The Tor Project -.SH COPYRIGHT -2014, The Tor Project -. diff --git a/data/ooniprobe.1 b/data/ooniprobe.1 new file mode 100644 index 0000000..076b31b --- /dev/null +++ b/data/ooniprobe.1 @@ -0,0 +1,1100 @@ +.\" Man page generated from reStructuredText. +. +.TH "OONI" "1" "April 29, 2014" "0.1" "OONI" +.SH NAME +ooniprobe - a network censorship measurement tool. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. + +.SH SYNOPSIS +.B ooniprobe +.RB [ \-hnsp ] +.RB [ --version ] +.RB [ --spew ] +.RB [ \-o +.IR reportfile ] +.RB [ \-i +.IR testdeck ] +.RB [ \-c +.IR collector ] +.RB [ \-b +.IR bouncer ] +.RB [ \-l +.IR logfile ] +.RB [ \-O +.IR pcapfile ] +.RB [ \-f +.IR configfile ] +.RB [ \-d +.IR datadir ] +.I "test_name" + +.SH DESCRIPTION +.sp +ooniprobe is tool for performing internet censorship measurements. Our goal is +to achieve a command data format and set of methodologies for conducting +censorship related research. + +.SH OPTIONS + +.TP +.BR \-\^h " or " \-\-help +Display this help and exit. +.TP +.BR \-\^n " or " \-\-no\-collector +Disable reporting the net test results to an oonib collector. +.TP +.BR \-\^s " or " \-\-list +List all of the available net tests. +.TP +.BR \-\^p " or " \-\-printdeck +Print to standard output the specified command line options as an ooniprobe test deck. +.TP +.BR \-\^o " or " \-\-reportfile +Specify the path to report file to write. +.TP +.BR \-\^i " or " \-\-testdeck +Specify as input a test deck: a yaml file containing the tests to run and their +arguments. +.TP +.BR \-\^c " or " \-\-collector +Specify the address of the collector of net test results. It is advisable to +always specify and bouncer and let it return a collector for the test or test +deck you are running. +.TP +.BR \-\^b " or " \-\-bouncer +Address of the bouncer that will inform the probe of which collector to use and +the addresses of test helpers. default: httpo://nkvphnp3p6agi5qq.onion +.TP +.BR \-\^l " or " \-\-logfile +Path to the log file to write +.TP +.BR \-\^O " or " \-\-pcapfile +Path to the pcap file name. +.TP +.BR \-\^f " or " \-\-configfile +Specify a path to the ooniprobe configuration file. +.TP +.BR \-\^d " or " \-\-datadir +Specify a path to the ooniprobe data directory +.TP +.BR \-\-spew +Print an insanely verbose log of everything that happens. +Useful when debugging freezes or locks in complex code. +.TP +.BR \-\-version +Display the ooniprobe version and exit. + +.SH OONIPROBE +.sp +Is the tool that volunteers and researches interested in contributing data to +the project should be running. +.sp +ooniprobe allows the user to select what test should be run and what backend +should be used for storing the test report and/or assisting them in the running +of the test. +.sp +ooniprobe tests are divided into two categories: \fBTraffic Manipulation\fP and +\fBContent Blocking\fP\&. +.sp +\fBTraffic Manipulation\fP tests aim to detect the presence of some sort of +tampering with the internet traffic between the probe and a remote test helper +backend. As such they usually require the selection of a oonib backend +component for running the test. +.sp +\fBContent Blocking\fP are aimed at enumerating the kind of content that is +blocked from the probes network point of view. As such they usually require to +have specified an input list for running the test. +.SS Threat Model +.sp +Our adversary is capable of doing country wide network surveillance and +manipulation of network traffic. +.sp +The goals of our adversary are: +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +Restrict access to certain content, while not degrading overall quality of +the network +.IP \(bu 2 +Monitor the network in a way that they are able to identify misuse of it in +real time +.UNINDENT +.UNINDENT +.UNINDENT +.sp +More specifc to the running of network filtering detection tests: +.INDENT 0.0 +.IP 1. 3 +Detect actors performing censorship detection tests +.IP 2. 3 +Fool people running such tests into believing that the network is +unrestricted + +.UNINDENT +.sp +\fINote\fP that while 2) => 1) it is not true that 1) => 2) as the identification of +such actors does not necessarily have to happen in real time. +While our intention is to minimize the risk of users running OONI probe to be +identified, this comes with a tradeoff in accuracy. It is therefore necessary in +certain tests to trade\-off fingerprintability in favour of tests accuracy. +.sp +This is why we divide tests based on what risk the user running it can face, +allowing the user to freely choose what threat model they wish to adere to. +.SS Installation +.sp +\fBRead this before running ooniprobe!\fP +.sp +Running ooniprobe is a potentially risky activity. This greatly depends on the +jurisdiction in which you are in and which test you are running. It is +technically possible for a person observing your internet connection to be +aware of the fact that you are running ooniprobe. This means that if running +network measurement tests is something considered to be illegal in your country +then you could be spotted. +.sp +Futhermore, ooniprobe takes no precautions to protect the install target machine +from forensics analysis. If the fact that you have installed or used ooni +probe is a liability for you, please be aware of this risk. +.SS Debian based systems +.sp +\fIsudo sh \-c \(aqecho "deb http://deb.ooni.nu/ooni wheezy main" >> /etc/apt/sources.list\(aq\fP +.sp +\fIgpg \-\-keyserver pgp.mit.edu \-\-recv\-key 0x49B8CDF4\fP +.sp +\fIgpg \-\-export 89AB86D4788F3785FE9EDA31F9E2D9B049B8CDF4 | sudo apt\-key add \-\fP +.sp +\fIsudo apt\-get update && sudo apt\-get install ooniprobe\fP +.SS Linux +.sp +We believe that ooniprobe runs reasonably well on Debian GNU/Linux wheezy as +well as versions of Ubuntu such as natty and later releases. Running ooniprobe +without installing it is supported with the following commands: +.sp +\fIgit clone https://git.torproject.org/ooni\-probe.git\fP +.sp +\fIcd ooni\-probe\fP +.sp +\fI\&./setup\-dependencies.sh\fP +.sp +\fIpython setup.py install\fP +.SS Setting up development environment +.sp +On debian based systems this can be done with: +.sp +\fIVsudo apt\-get install libgeoip\-dev python\-virtualenv virtualenvwrapper\fP +.sp +\fImkvirtualenv ooniprobe\fP +.sp +\fIpython setup.py install\fP +.sp +\fIpip install \-r requirements\-dev.txt\fP +.SS Other platforms (with Vagrant) +.sp +\fI\%Install Vagrant\fP +and \fI\%Install Virtualbox\fP +.sp +\fBOn OSX:\fP +.sp +If you don\(aqt have it install \fI\%homebrew\fP +.sp +\fIbrew install git\fP +.sp +\fBOn debian/ubuntu:\fP +.sp +\fIsudo apt\-get install git\fP +.INDENT 0.0 +.IP 1. 3 +Open a Terminal and run: +.UNINDENT +.sp +\fIgit clone https://git.torproject.org/ooni\-probe.git\fP +.sp +\fIcd ooni\-probe/\fP +.sp +\fIvagrant up\fP +.INDENT 0.0 +.IP 2. 3 +Login to the box with: +.UNINDENT +.sp +\fIvagrant ssh\fP +.sp +ooniprobe will be installed in \fI/ooni\fP\&. +.INDENT 0.0 +.IP 3. 3 +You can run tests with: +.UNINDENT +.sp +\fIooniprobe blocking/http_requests \-f /ooni/inputs/input\-pack/alexa\-top\-1k.txt\fP +.SS Using ooniprobe +.sp +\fBNet test\fP is a set of measurements to assess what kind of internet censorship is occurring. +.sp +\fBDecks\fP are collections of ooniprobe nettests with some associated inputs. +.sp +\fBCollector\fP is a service used to report the results of measurements. +.sp +\fBTest helper\fP is a service used by a probe for successfully performing its measurements. +.sp +\fBBouncer\fP is a service used to discover the addresses of test helpers and collectors. +.SS Configuring ooniprobe +.sp +You may edit the configuration for ooniprobe by editing the configuration file +found inside of \fI~/.ooni/ooniprobe.conf\fP\&. +.sp +By default ooniprobe will not include personal identifying information in the +test result, nor create a pcap file. This behavior can be personalized. +.SS Running decks +.sp +You will find all the installed decks inside of \fI/usr/share/ooni/decks\fP\&. +.sp +You may then run a deck by using the command line option \fI\-i\fP: +.sp +As root: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/mlab.deck\fP +.sp +Or as a user: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/mlab_no_root.deck\fP +.sp +Or: +.sp +As root: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/complete.deck\fP +.sp +Or as a user: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/complete_no_root.deck\fP +.sp +The above tests will require around 20\-30 minutes to complete depending on your network speed. +.sp +If you would prefer to run some faster tests you should run: +As root: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/fast.deck\fP +.sp +Or as a user: +.sp +\fIooniprobe \-i /usr/share/ooni/decks/fast_no_root.deck\fP +.SS Running net tests +.sp +You may list all the installed stable net tests with: +.sp +\fIooniprobe \-s\fP +.sp +You may then run a nettest by specifying its name for example: +.sp +\fIooniprobe manipulation/http_header_field_manipulation\fP +.sp +It is also possible to specify inputs to tests as URLs: +.sp +\fIooniprobe blocking/http_requests \-f httpo://ihiderha53f36lsd.onion/input/37e60e13536f6afe47a830bfb6b371b5cf65da66d7ad65137344679b24fdccd1\fP +.sp +You can find the result of the test in your current working directory. +.sp +By default the report result will be collected by the default ooni collector +and the addresses of test helpers will be obtained from the default bouncer. +.sp +You may also specify your own collector or bouncer with the options \fI\-c\fP and +\fI\-b\fP\&. +.SS (Optional) Install obfsproxy +.sp +Install the latest version of obfsproxy for your platform. +.sp +\fI\%Download Obfsproxy\fP +.SS Bridges and obfsproxy bridges +.sp +ooniprobe submits reports to oonib report collectors through Tor to a hidden +service endpoint. By default, ooniprobe uses the installed system Tor, but can +also be configured to launch Tor (see the advanced.start_tor option in +ooniprobe.conf), and ooniprobe supports bridges (and obfsproxy bridges, if +obfsproxy is installed). The tor.bridges option in ooniprobe.conf sets the path +to a file that should contain a set of "bridge" lines (of the same format as +used in torrc, and as returned by \fI\%https://bridges.torproject.org\fP). If obfsproxy +bridges are to be used, the path to the obfsproxy binary must be configured. +See option advanced.obfsproxy_binary, in ooniprobe.conf. +.SS Setting capabilities on your virtualenv python binary +.sp +If your distributation supports capabilities you can avoid needing to run OONI as root: +.sp +\fIsetcap cap_net_admin,cap_net_raw+eip /path/to/your/virtualenv\(aqs/python\fP +.SS Core ooniprobe Tests +.sp +The source for \fI\%Content blocking tests\fP +and \fI\%Traffic Manipulation tests\fP +can be found in the nettests/blocking and nettests/manipulation directories +respectively. +.SS Content Blocking Tests +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +\fI\%DNSConsistency\fP +.IP \(bu 2 +\fI\%HTTP Requests\fP +.IP \(bu 2 +\fI\%TCP Connect\fP +.UNINDENT +.UNINDENT +.UNINDENT +.SS Traffic Manipulation Tests +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +\fI\%HTTP Invalid Request Line:\fP +.IP \(bu 2 +\fI\%DNS Spoof\fP +.IP \(bu 2 +\fI\%HTTP Header Field Manipulation\fP +.IP \(bu 2 +\fI\%Traceroute\fP +.IP \(bu 2 +\fI\%HTTP Host\fP +.UNINDENT +.UNINDENT +.UNINDENT +.SS Other tests +.sp +We also have some other tests that are currently not fully supported or still +being experimented with. +.sp +You can find these in: +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +\fI\%ooni/nettests/experimental\fP +.UNINDENT +.UNINDENT +.UNINDENT +.sp +Tests that don\(aqt do a measurement but are useful for scanning can be found in: +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +\fI\%ooni/nettests/scanning\fP +.UNINDENT +.UNINDENT +.UNINDENT +.sp +Tests that involve running third party tools may be found in: +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.IP \(bu 2 +\fI\%ooni/nettests/third_party\fP +.UNINDENT +.UNINDENT +.UNINDENT +.SS Reports +.sp +The reports collected by ooniprobe are stored on +\fI\%https://ooni.torproject.org/reports/0.1/\fP \fBCC\fP / +.sp +Where \fBCC\fP is the two letter country code as specified by \fI\%ISO 31666\-2\fP\&. +.sp +For example the reports for Italy (\fBCC\fP is \fBit\fP) of the may be found in: +.sp +\fI\%https://ooni.torproject.org/reports/0.1/IT/\fP +.sp +This directory shall contain the various reports for the test using the +following convention: +.sp +\fBtestName\fP \- \fBdateInISO8601Format\fP \- \fBprobeASNumber\fP .yamloo +.sp +The date is expressed using \fI\%ISO 8601\fP +including seconds and with no \fB:\fP to delimit hours, minutes, days. +.sp +Like so: +.sp +\fBYEAR\fP \- \fBMONTH\fP \- \fBDAY\fP T \fBHOURS\fP \fBMINUTES\fP \fBSECONDS\fP Z +.sp +Look \fI\%here for the up to date list of ISO 8601 country codes\fP +.sp +The time is \fBalways\fP expressed in UTC. +.sp +If a collision is detected then an int (starting with 1) will get appended to +the test. +.sp +For example if two report that are created on the first of January 2012 at Noon +(UTC time) sharp from MIT (AS3) will be stored here: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +https://ooni.torproject.org/reports/0.1/US/2012\-01\-01T120000Z_AS3.yamloo +https://ooni.torproject.org/reports/0.1/US/2012\-01\-01T120000Z_AS3.1.yamloo +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +Note: it is highly unlikely that reports get created with the same exact +timestamp from the same exact ASN. If this does happen it could be index of +some malicious report poisoning attack in progress. +.SS Report format version changelog +.sp +In here shall go details about the major changes to the reporting format. +.SS version 0.1 +.sp +Initial format version. +.SS Writing OONI tests +.sp +The OONI testing API is heavily influenced and partially based on the python +\fBunittest\fP module and \fBtwisted.trial\fP\&. +.SS Test Cases +.sp +The atom of OONI Testing is called a Test Case. A test case class may contain +multiple Test Methods. +.INDENT 0.0 +.TP +.B class ooni.nettest.NetTestCase +This is the base of the OONI nettest universe. When you write a nettest +you will subclass this object. +.INDENT 7.0 +.IP \(bu 2 +inputs: can be set to a static set of inputs. All the tests (the methods +starting with the "test" prefix) will be run once per input. At every run +the _input_ attribute of the TestCase instance will be set to the value of +the current iteration over inputs. Any python iterable object can be set +to inputs. +.IP \(bu 2 +inputFile: attribute should be set to an array containing the command line +argument that should be used as the input file. Such array looks like +this: +.INDENT 2.0 +.INDENT 3.5 +\fB["commandlinearg", "c", "default value" "The description"]\fP +.UNINDENT +.UNINDENT +.sp +The second value of such arrray is the shorthand for the command line arg. +The user will then be able to specify inputs to the test via: +.INDENT 2.0 +.INDENT 3.5 +\fBooniprobe mytest.py \-\-commandlinearg path/to/file.txt\fP +.UNINDENT +.UNINDENT +.sp +or +.INDENT 2.0 +.INDENT 3.5 +\fBooniprobe mytest.py \-c path/to/file.txt\fP +.UNINDENT +.UNINDENT +.IP \(bu 2 +inputProcessor: should be set to a function that takes as argument a +filename and it will return the input to be passed to the test +instance. +.IP \(bu 2 +name: should be set to the name of the test. +.IP \(bu 2 +author: should contain the name and contact details for the test author. +The format for such string is as follows: +.INDENT 2.0 +.INDENT 3.5 +\fBThe Name <email(a)example.com>\fP +.UNINDENT +.UNINDENT +.IP \(bu 2 +version: is the version string of the test. +.IP \(bu 2 +requiresRoot: set to True if the test must be run as root. +.IP \(bu 2 +usageOptions: a subclass of twisted.python.usage.Options for processing of command line arguments +.IP \(bu 2 +localOptions: contains the parsed command line arguments. +.UNINDENT +.sp +Quirks: +Every class that is prefixed with test \fImust\fP return a twisted.internet.defer.Deferred. +.UNINDENT +.sp +If the test you plan to write is not listed on the \fI\%Tor OONI trac page\fP, you should +add it to the list and then add a description about it following the \fI\%Test +Template\fP +.sp +Tests are driven by inputs. For every input a new test instance is created, +internally the _setUp method is called that is defined inside of test +templates, then the setUp method that is overwritable by users. +.sp +Gotchas: +\fBnever\fP call reactor.start of reactor.stop inside of your test method and all +will be good. +.SS Inputs +.sp +Inputs are what is given as input to every iteration of the Test Case. +Iflyou have 100 inputs, then every test case will be run 100 times. +.sp +To configure a static set of inputs you should define the +\fBooni.nettest.NetTestCase\fP attribute \fBinputs\fP\&. The test will be +run \fBlen(inputs)\fP times. Any iterable object is a valid \fBinputs\fP +attribute. +.sp +If you would like to have inputs be determined from a user specified input +file, then you must set the \fBinputFile\fP attribute. This is an array that +specifies what command line option may be used to control this value. +.sp +By default the \fBinputProcessor\fP is set to read the file line by line and +strip newline characters. To change this behavior you must set the +\fBinputProcessor\fP attribute to a function that takes as argument a file +descriptor and yield the next item. The default \fBinputProcessor\fP looks like +this: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +def lineByLine(filename): + fp = open(filename) + for x in fp.xreadlines(): + yield x.strip() + fp.close() +.ft P +.fi +.UNINDENT +.UNINDENT +.SS Setup and command line passing +.sp +Tests may define the \fIsetUp\fP method that will be called every time the +Test Case object is instantiated, in here you may place some common logic +to all your Test Methods that should be run before any testing occurs. +.sp +Command line arguments can be parsed thanks to the twisted +\fBtwisted.python.usage.UsageOptions\fP class. +.sp +You will have to subclass this and define the NetTestCase attribute +usageOptions to point to a subclass of this. +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +class UsageOptions(usage.Options): + optParameters = [[\(aqbackend\(aq, \(aqb\(aq, \(aqhttp://127.0.0.1:57001\(aq, + \(aqURL of the test backend to use\(aq] + ] + +class MyTestCase(nettest.NetTestCase): + usageOptions = UsageOptions + + inputFile = [\(aqfile\(aq, \(aqf\(aq, None, "Some foo file"] + requiredOptions = [\(aqbackend\(aq] + + def test_my_test(self): + self.localOptions[\(aqbackend\(aq] +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +You will then be able to access the parsed command line arguments via the +class attribute localOptions. +.sp +The \fIrequiredOptions\fP attributes specifies an array of parameters that are +required for the test to run properly. +.sp +\fIinputFile\fP is a special class attribute that will be used for processing +of the inputFile. The filename that is read here will be given to the +\fBooni.nettest.NetTestCase.inputProcessor\fP method that will yield, by +default, one line of the file at a time. +.SS Test Methods +.sp +These shall be defined inside of your \fBooni.nettest.NetTestCase\fP +subclass. These will be class methods. +.sp +All class methods that are prefixed with test_ shall be run. Functions +that are relevant to your test should be all lowercase separated by +underscore. +.sp +To add data to the test report you may write directly to the report object +like so: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +def test_my_function(): + result = do_something() + self.report[\(aqsomething\(aq] = result +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +OONI will then handle the writing of the data to the final test report. +.sp +To access the current input you can use the \fBinput\fP attribute, for example: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +def test_with_input(): + do_something_with_input(self.input) +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +This will at each iteration over the list of inputs do something with the +input. +.SS Test Templates +.sp +Test templates assist you in writing tests. They already contain all the +common functionality that is useful to running a test of that type. They +also take care of writing the data they collect that is relevant to the +test run to the report file. +.sp +Currently implemented test templates are \fBooni.templates.scapyt\fP for +tests based on Scapy, \fBooni.templates.tcpt\fP for tests based on TCP, +\fBooni.templates.httpt\fP for tests based on HTTP, and +\fBooni.templates.dnst\fP for tests based on DNS. +.SS Scapy based tests +.sp +Scapy based tests will be a subclass of \fBooni.templates.scapyt.BaseScapyTest\fP\&. +.sp +It provides a wrapper around the scapy send and receive function that will +write the sent and received packets to the report with sanitization of the +src and destination IP addresses. +.sp +It has the same syntax as the Scapy sr function, except that it will +return a deferred. +.sp +To implement a simple ICMP ping based on this function you can do like so +(Taken from \fBnettest.examples.example_scapyt.ExampleICMPPingScapy\fP) +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +from twisted.python import usage + +from scapy.all import IP, ICMP + +from ooni.templates import scapyt + +class UsageOptions(usage.Options): + optParameters = [[\(aqtarget\(aq, \(aqt\(aq, \(aq127.0.0.1\(aq, "Specify the target to ping"]] + +class ExampleICMPPingScapy(scapyt.BaseScapyTest): + name = "Example ICMP Ping Test" + + usageOptions = UsageOptions + + def test_icmp_ping(self): + def finished(packets): + print packets + answered, unanswered = packets + for snd, rcv in answered: + rcv.show() + + packets = IP(dst=self.localOptions[\(aqtarget\(aq])/ICMP() + d = self.sr(packets) + d.addCallback(finished) + return d +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +The arguments taken by self.sr() are exactly the same as the scapy send and +receive function, the only difference is that instead of using the regular +scapy super socket it uses our twisted driven wrapper around it. +.sp +Alternatively this test can also be written using the +\fBtwisted.defer.inlineCallbacks()\fP decorator, that makes it look more similar to +regular sequential code. +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +from twisted.python import usage +from twisted.internet import defer + +from scapy.all import IP, ICMP + +from ooni.templates import scapyt + +class UsageOptions(usage.Options): + optParameters = [[\(aqtarget\(aq, \(aqt\(aq, \(aq127.0.0.1\(aq, "Specify the target to ping"]] + +class ExampleICMPPingScapyYield(scapyt.BaseScapyTest): + name = "Example ICMP Ping Test" + + usageOptions = UsageOptions + + @defer.inlineCallbacks + def test_icmp_ping(self): + packets = IP(dst=self.localOptions[\(aqtarget\(aq])/ICMP() + answered, unanswered = yield self.sr(packets) + for snd, rcv in answered: + rcv.show() +.ft P +.fi +.UNINDENT +.UNINDENT +.SS Report Format +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +########################################### +# OONI Probe Report for Example ICMP Ping Test test +# Thu Nov 22 18:20:43 2012 +########################################### +\-\-\- +{probe_asn: null, probe_cc: null, probe_ip: 127.0.0.1, software_name: ooniprobe, software_version: 0.0.7.1\-alpha, + start_time: 1353601243.0, test_name: Example ICMP Ping Test, test_version: 0.1} +\&... +\-\-\- +input: null +report: + answer_flags: [ipsrc] + answered_packets: + \- \- raw_packet: !!binary | + RQAAHAEdAAAuAbjKCAgICH8AAAEAAAAAAAAAAA== + summary: IP / ICMP 8.8.8.8 > 127.0.0.1 echo\-reply 0 + sent_packets: + \- \- raw_packet: !!binary | + RQAAHAABAABAAevPfwAAAQgICAgIAPf/AAAAAA== + summary: IP / ICMP 127.0.0.1 > 8.8.8.8 echo\-request 0 +test_name: test_icmp_ping +test_started: 1353604843.553605 +\&... +.ft P +.fi +.UNINDENT +.UNINDENT +.SS TCP based tests +.sp +TCP based tests will subclass \fBooni.templates.tcpt.TCPTest\fP\&. +.sp +This test template facilitates the sending of TCP payloads to the wire and +recording the response. +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +from twisted.internet.error import ConnectionRefusedError +from ooni.utils import log +from ooni.templates import tcpt + +class ExampleTCPT(tcpt.TCPTest): + def test_hello_world(self): + def got_response(response): + print "Got this data %s" % response + + def connection_failed(failure): + failure.trap(ConnectionRefusedError) + print "Connection Refused" + + self.address = "127.0.0.1" + self.port = 57002 + payload = "Hello World!\en\er" + d = self.sendPayload(payload) + d.addErrback(connection_failed) + d.addCallback(got_response) + return d +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +The possible failures for a TCP connection are: +.sp +\fBtwisted.internet.error.NoRouteError\fP that corresponds to errno.ENETUNREACH +.sp +\fBtwisted.internet.error.ConnectionRefusedError\fP that corresponds to +errno.ECONNREFUSED +.sp +\fBtwisted.internet.error.TCPTimedOutError\fP that corresponds to errno.ETIMEDOUT +.SS Report format +.sp +The basic report of a TCP test looks like the following (this is an report +generated by running the above example against a TCP echo server). +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +########################################### +# OONI Probe Report for Base TCP Test test +# Thu Nov 22 18:18:28 2012 +########################################### +\-\-\- +{probe_asn: null, probe_cc: null, probe_ip: 127.0.0.1, software_name: ooniprobe, software_version: 0.0.7.1\-alpha, + start_time: 1353601108.0, test_name: Base TCP Test, test_version: \(aq0.1\(aq} +\&... +\-\-\- +input: null +report: + errors: [] + received: ["Hello World!\en\er"] + sent: ["Hello World!\en\er"] +test_name: test_hello_world +test_started: 1353604708.705081 +\&... +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +TODO finish this with more details +.SS HTTP based tests +.sp +HTTP based tests will be a subclass of \fBooni.templates.httpt.HTTPTest\fP\&. +.sp +It provides methods \fBooni.templates.httpt.HTTPTest.processResponseBody()\fP and +\fBooni.templates.httpt.HTTPTest.processResponseHeaders()\fP for interacting with the +response body and headers respectively. +.sp +For example, to implement a HTTP test that returns the sha256 hash of the +response body (based on \fBnettests.examples.example_httpt\fP): +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +from ooni.utils import log +from ooni.templates import httpt +from hashlib import sha256 + +class SHA256HTTPBodyTest(httpt.HTTPTest): + name = "ChecksumHTTPBodyTest" + author = "Aaron Gibson" + version = 0.1 + + inputFile = [\(aqurl file\(aq, \(aqf\(aq, None, + \(aqList of URLS to perform GET requests to\(aq] + requiredOptions = [\(aqurl file\(aq] + + def test_http(self): + if self.input: + url = self.input + return self.doRequest(url) + else: + raise Exception("No input specified") + + def processResponseBody(self, body): + body_sha256sum = sha256(body).hexdigest() + self.report[\(aqchecksum\(aq] = body_sha256sum +.ft P +.fi +.UNINDENT +.UNINDENT +.SS Report format +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +########################################### +# OONI Probe Report for ChecksumHTTPBodyTest test +# Thu Dec 6 17:31:57 2012 +########################################### +\-\-\- +options: + collector: null + help: 0 + logfile: null + pcapfile: null + reportfile: null + resume: 0 + subargs: [\-f, hosts] + test: nettests/examples/example_http_checksum.py +probe_asn: null +probe_cc: null +probe_ip: 127.0.0.1 +software_name: ooniprobe +software_version: 0.0.7.1\-alpha +start_time: 1354786317.0 +test_name: ChecksumHTTPBodyTest +test_version: 0.1 +\&... +\-\-\- +input: http://www.google.com +report: + agent: agent + checksum: d630fa2efd547d3656e349e96ff7af5496889dad959e8e29212af1ff843e7aa1 + requests: + \- request: + body: null + headers: + \- \- User\-Agent + \- \- [Opera/9.00 (Windows NT 5.1; U; en), \(aqOpera 9.0, Windows XP\(aq] + method: GET + url: http://www.google.com + response: + body: \(aq<!doctype html><html ... snip ... </html>\(aq + code: 200 + headers: + \- \- X\-XSS\-Protection + \- [1; mode=block] + \- \- Set\-Cookie + \- [\(aqPREF=ID=fada4216eb3684f9:FF=0:TM=1354800717:LM=1354800717:S=IT\-2GCkNAocyXlVa; + expires=Sat, 06\-Dec\-2014 13:31:57 GMT; path=/; domain=.google.com\(aq, \(aqNID=66=KWaLbNQumuGuYf0HrWlGm54u9l\-DKJwhFCMQXfhQPZM\-qniRhmF6QRGXUKXb_8CIUuCOHnyoC5oAX5jWNrsfk\-LLJLW530UiMp6hemTtDMh_e6GSiEB4GR3yOP_E0TCN; + expires=Fri, 07\-Jun\-2013 13:31:57 GMT; path=/; domain=.google.com; HttpOnly\(aq] + \- \- Expires + \- [\(aq\-1\(aq] + \- \- Server + \- [gws] + \- \- Connection + \- [close] + \- \- Cache\-Control + \- [\(aqprivate, max\-age=0\(aq] + \- \- Date + \- [\(aqThu, 06 Dec 2012 13:31:57 GMT\(aq] + \- \- P3P + \- [\(aqCP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 + for more info."\(aq] + \- \- Content\-Type + \- [text/html; charset=UTF\-8] + \- \- X\-Frame\-Options + \- [SAMEORIGIN] + socksproxy: null +test_name: test_http +test_runtime: 0.08298492431640625 +test_started: 1354800717.478403 +\&... +.ft P +.fi +.UNINDENT +.UNINDENT +.SS DNS based tests +.sp +DNS based tests will be a subclass of \fBooni.templates.dnst.DNSTest\fP\&. +.sp +It provides methods \fBooni.templates.dnst.DNSTest.performPTRLookup()\fP +and \fBooni.templates.dnst.DNSTest.performALookup()\fP +.sp +For example (taken from \fBnettests.examples.example_dnst\fP): +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +from ooni.templates.dnst import DNSTest + +class ExampleDNSTest(DNSTest): + def test_a_lookup(self): + def gotResult(result): + # Result is an array containing all the A record lookup results + print result + + d = self.performALookup(\(aqtorproject.org\(aq, (\(aq8.8.8.8\(aq, 53)) + d.addCallback(gotResult) + return d +.ft P +.fi +.UNINDENT +.UNINDENT +.SS Report format +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +########################################### +# OONI Probe Report for Base DNS Test test +# Thu Dec 6 17:42:51 2012 +########################################### +\-\-\- +options: + collector: null + help: 0 + logfile: null + pcapfile: null + reportfile: null + resume: 0 + subargs: [] + test: nettests/examples/example_dnst.py +probe_asn: null +probe_cc: null +probe_ip: 127.0.0.1 +software_name: ooniprobe +software_version: 0.0.7.1\-alpha +start_time: 1354786971.0 +test_name: Base DNS Test +test_version: 0.1 +\&... +\-\-\- +input: null +report: + queries: + \- addrs: [82.195.75.101, 86.59.30.40, 38.229.72.14, 38.229.72.16] + answers: + \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=82.195.75.101 + ttl=782>] + \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=86.59.30.40 + ttl=782>] + \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=38.229.72.14 + ttl=782>] + \- [<RR name=torproject.org type=A class=IN ttl=782s auth=False>, <A address=38.229.72.16 + ttl=782>] + query: \(aq[Query(\(aq\(aqtorproject.org\(aq\(aq, 1, 1)]\(aq + query_type: A + resolver: [8.8.8.8, 53] +test_name: test_a_lookup +test_runtime: 0.028924942016601562 +test_started: 1354801371.980114 +\&... +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +For a more complex example, see: \fBnettests.blocking.dnsconsistency\fP + +.SH GLOSSARY +.sp +Here we will summarize some of the jargon that is unique to OONI. +.sp +\fBTest Case\fP: a set of measurements performed on a to be tested network that +are logically grouped together +.sp +\fBReport\fP: is the output of a test run containing all the information that is +require for a researcher to assess what is the output of a test. +.sp +\fBYamlooni\fP: The format we use for Reports, that is based on YAML. +.sp +\fBInput\fP: What is given as input to a TestCase to perform a measurement. +.SH AUTHOR +The Tor Project +.SH COPYRIGHT +2014, The Tor Project +.

1 0

[ooni-probe/master] Make planetlab install script more modular
by art＠torproject.org 26 Jun '14

26 Jun '14

commit 2f8b70f848182b2c5bfb7175cecd3d6502537ea6 Author: Arturo Filastò <art(a)fuffa.org> Date: Sat May 31 17:48:51 2014 +0200 Make planetlab install script more modular Update python url --- scripts/install_on_planetlab.sh | 371 ++++++++++++++++++++++----------------- 1 file changed, 208 insertions(+), 163 deletions(-) diff --git a/scripts/install_on_planetlab.sh b/scripts/install_on_planetlab.sh index b329228..881ab22 100644 --- a/scripts/install_on_planetlab.sh +++ b/scripts/install_on_planetlab.sh @@ -2,171 +2,216 @@ ## You should also create a file from the directory where you run this script ## called torrc with inside the details of the torrc to use. -sudo yum -y groupinstall "Development tools" -sudo yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel libffi-devel screen libeven-devel unzip tor -cd `mktemp -d` - -# Install Python 2.7.6 -curl -o Python-2.7.6.tgz http://legacy.python.org/ftp//python/2.7.6/Python-2.7.6.tgz -tar xzf Python-2.7.6.tgz -cd Python-2.7.6 -./configure --prefix=/usr/local --enable-unicode=ucs4 --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" -make -sudo make altinstall -sudo ln -sf /usr/local/bin/python2.7 /usr/bin/python -cd .. - -# Install the latest version of libtool -curl -o libtool-2.4.2.tar.gz http://ftpmirror.gnu.org/libtool/libtool-2.4.2.tar.gz -tar xzf libtool-2.4.2.tar.gz -cd libtool-2.4.2 -./configure -make -sudo make install -sudo mv /usr/bin/libtool /usr/bin/libtool.old -sudo ln -s /usr/local/bin/libtool /usr/bin/libtool -cd .. - -# Install the latest version of autoconf -curl -o autoconf-2.69.tar.gz http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz -tar xzf autoconf-2.69.tar.gz -cd autoconf-2.69 -./configure -make -sudo make install -sudo mv /usr/bin/autoconf /usr/bin/autoconf.old -sudo ln -s /usr/local/bin/autoconf /usr/bin/autoconf -cd .. - -# Install the latest version of automake -curl -o automake-1.14.1.tar.gz http://ftp.gnu.org/gnu/automake/automake-1.14.1.tar.gz -tar xzf automake-1.14.1.tar.gz -cd automake-1.14.1 -./configure -make -sudo make install -sudo mv /usr/bin/automake /usr/bin/automake.old -sudo ln -s /usr/local/bin/automake /usr/bin/automake -cd .. - -# Install latest version of libevent -curl -o libevent-2.0.21-stable.tar.gz https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz -tar xvzf libevent-2.0.21-stable.tar.gz -cd libevent-2.0.21-stable -./autogen.sh -./configure -cp /usr/bin/libtool libtool -make -sudo make install -cd .. - -# Install GMP -curl -o gmp-6.0.0a.tar.bz2 https://gmplib.org/download/gmp/gmp-6.0.0a.tar.bz2 -tar xjpf gmp-6.0.0a.tar.bz2 -cd gmp-6.0.0 -export ABI=32 -./configure --enable-cxx -make -sudo make install -cd .. - -# Install the latest version of Tor -curl -o tor.zip https://github.com/hellais/tor/archive/fix/fedora8.zip -unzip tor.zip -cd tor-fix-fedora8 -./autogen.sh -./configure --disable-asciidoc --with-libevent-dir=/usr/local/lib/ -make -sudo make install -sudo mv /usr/bin/tor /usr/bin/tor.old -sudo ln -s /usr/local/bin/tor /usr/bin/tor -echo "SocksPort 9050" > /usr/local/etc/tor/torrc -cat torrc >> /usr/local/etc/tor/torrc -cat <<EOF > tor.init -RETVAL=0 -prog="tor" - -# Source function library. -. /etc/init.d/functions - - -start() { - echo -n $"Starting \$prog: " - daemon \$prog --runasdaemon 1 && success || failure - RETVAL=\$? - echo - return \$RETVAL +TMP_INSTALL_DIR=`mktemp -d` + +yum_installs() { + sudo yum -y groupinstall "Development tools" && + sudo yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel libffi-devel screen libeven-devel unzip tor +} + +install_python() { + cd $TMP_INSTALL_DIR; + # Install Python 2.7.6 + curl -o Python-2.7.6.tgz https://www.python.org/ftp/python/2.7.6/Python-2.7.6.tgz && + tar xzf Python-2.7.6.tgz && + cd Python-2.7.6 && + ./configure --prefix=/usr/local --enable-unicode=ucs4 --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" && + make && + sudo make altinstall && + sudo ln -sf /usr/local/bin/python2.7 /usr/bin/python +} + +install_libtool() { + # Install the latest version of libtool + curl -o libtool-2.4.2.tar.gz http://ftpmirror.gnu.org/libtool/libtool-2.4.2.tar.gz && + tar xzf libtool-2.4.2.tar.gz && + cd libtool-2.4.2 && + ./configure && + make && + sudo make install && + sudo mv /usr/bin/libtool /usr/bin/libtool.old && + sudo ln -s /usr/local/bin/libtool /usr/bin/libtool +} + +install_autoconf() { + # Install the latest version of autoconf + curl -o autoconf-2.69.tar.gz http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz && + tar xzf autoconf-2.69.tar.gz && + cd autoconf-2.69 && + ./configure && + make && + sudo make install && + sudo mv /usr/bin/autoconf /usr/bin/autoconf.old && + sudo ln -s /usr/local/bin/autoconf /usr/bin/autoconf } -stop() { - echo -n $"Stopping \$prog: " - killall \$prog - RETVAL=\$? - echo - return \$RETVAL +install_automake(){ + # Install the latest version of automake + curl -o automake-1.14.1.tar.gz http://ftp.gnu.org/gnu/automake/automake-1.14.1.tar.gz && + tar xzf automake-1.14.1.tar.gz && + cd automake-1.14.1 && + ./configure && + make && + sudo make install && + sudo mv /usr/bin/automake /usr/bin/automake.old && + sudo ln -s /usr/local/bin/automake /usr/bin/automake } -case "\$1" in - start) - start - ;; - stop) +install_libevent(){ + # Install latest version of libevent + curl -o libevent-2.0.21-stable.tar.gz https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz && + tar xvzf libevent-2.0.21-stable.tar.gz && + cd libevent-2.0.21-stable && + ./autogen.sh && + ./configure && + cp /usr/bin/libtool libtool && + make && + sudo make install +} + +install_gmp() { + # Install GMP + curl -o gmp-6.0.0a.tar.bz2 https://gmplib.org/download/gmp/gmp-6.0.0a.tar.bz2 && + tar xjpf gmp-6.0.0a.tar.bz2 && + cd gmp-6.0.0 && + export ABI=32 && + ./configure --enable-cxx && + make && + sudo make install +} + +install_tor() { + # Install the latest version of Tor + curl -o tor.zip https://github.com/hellais/tor/archive/fix/fedora8.zip && + unzip tor.zip && + cd tor-fix-fedora8 && + ./autogen.sh && + ./configure --disable-asciidoc --with-libevent-dir=/usr/local/lib/ && + make && + sudo make install && + sudo mv /usr/bin/tor /usr/bin/tor.old && + sudo ln -s /usr/local/bin/tor /usr/bin/tor && + echo "SocksPort 9050" > /usr/local/etc/tor/torrc && + cat torrc >> /usr/local/etc/tor/torrc && + cat <<EOF > tor.init + RETVAL=0 + prog="tor" + + # Source function library. + . /etc/init.d/functions + + + start() { + echo -n $"Starting \$prog: " + daemon \$prog --runasdaemon 1 && success || failure + RETVAL=\$? + echo + return \$RETVAL + } + + stop() { + echo -n $"Stopping \$prog: " + killall \$prog + RETVAL=\$? + echo + return \$RETVAL + } + + case "\$1" in + start) + start + ;; + stop) + stop + ;; + restart) stop - ;; - restart) - stop - start - ;; - *) - echo $"Usage: \$0 {start|stop|restart}" - RETVAL=3 -esac -exit \$RETVAL -EOF -sudo mv tor.init /etc/init.d/tor -sudo chmod +x /etc/init.d/tor -sudo /etc/init.d/tor restart -cd .. - -# Install libGeoIP -curl -o master.zip https://github.com/maxmind/geoip-api-c/archive/master.zip -unzip master.zip -cd geoip-api-c-master/ -./bootstrap -./configure -make -sudo make install -cd .. - -# Install the latest version of pip -curl -o get-pip.py https://raw.github.com/pypa/pip/master/contrib/get-pip.py -sudo python get-pip.py - -# Install the patched versions of cryptography and pyopenssl -sudo pip install cryptography -sudo pip install https://github.com/pyca/pyopenssl/archive/master.zip - -# Install pluggable transport related stuff -sudo pip install obfsproxy -curl -o 0.2.9.zip https://github.com/kpdyer/fteproxy/archive/0.2.9.zip -unzip 0.2.9.zip -cd fteproxy-0.2.9 -make -sudo cp bin/fteproxy /usr/bin/fteproxy -sudo python setup.py install -cd .. - -# Install ooniprobe and obfsproxy -sudo pip install https://github.com/TheTorProject/ooni-probe/archive/master.zip -/usr/local/bin/ooniprobe - -# Update the Tor running in ooniprobe -cat /usr/share/ooni/ooniprobe.conf.sample | sed s/'start_tor: true'/'start_tor: false'/ | sed s/'#socks_port: 8801'/'socks_port: 9050'/ > ~/.ooni/ooniprobe.conf - -mkdir /home/$USER/bridge_reachability/ - -# Add cronjob to run ooniprobe daily -{ crontab -l; echo "PATH=\$PATH:/usr/local/bin/\n0 0 * * * /usr/local/bin/ooniprobe -c httpo://e2nl5qgtkzp7cibx.onion blocking/bridge_reachability -f /home/$USER/bridge_reachability/bridges.txt -t 300"; } | crontab -sudo /etc/init.d/crond start -sudo /sbin/chkconfig crond on -sudo chmod 777 /var/mail + start + ;; + *) + echo $"Usage: \$0 {start|stop|restart}" + RETVAL=3 + esac + exit \$RETVAL + EOF && + sudo mv tor.init /etc/init.d/tor && + sudo chmod +x /etc/init.d/tor && + sudo /etc/init.d/tor restart + +} + +install_geoip() { + # Install libGeoIP + curl -o master.zip https://github.com/maxmind/geoip-api-c/archive/master.zip && + unzip master.zip && + cd geoip-api-c-master/ && + ./bootstrap && + ./configure && + make && + sudo make install +} + +install_pip() { + # Install the latest version of pip + curl -o get-pip.py https://raw.github.com/pypa/pip/master/contrib/get-pip.py && + sudo python get-pip.py +} + +install_cryptography() { + # Install the patched versions of cryptography and pyopenssl + sudo pip install cryptography && + sudo pip install https://github.com/pyca/pyopenssl/archive/master.zip +} + +install_pluggable_transports() { + # Install pluggable transport related stuff + sudo pip install obfsproxy + curl -o 0.2.9.zip https://github.com/kpdyer/fteproxy/archive/0.2.9.zip + unzip 0.2.9.zip + cd fteproxy-0.2.9 + make + sudo cp bin/fteproxy /usr/bin/fteproxy + sudo python setup.py install +} + +install_ooniprobe() { + # Install ooniprobe and obfsproxy + sudo pip install https://github.com/TheTorProject/ooni-probe/archive/master.zip && + /usr/local/bin/ooniprobe +} + +setup_ooniprobe() { + # Update the Tor running in ooniprobe + cat /usr/share/ooni/ooniprobe.conf.sample | sed s/'start_tor: true'/'start_tor: false'/ | sed s/'#socks_port: 8801'/'socks_port: 9050'/ > ~/.ooni/ooniprobe.conf && + + mkdir /home/$USER/bridge_reachability/ && + + # Add cronjob to run ooniprobe daily + { crontab -l; echo "PATH=\$PATH:/usr/local/bin/\n0 0 * * * /usr/local/bin/ooniprobe -c httpo://e2nl5qgtkzp7cibx.onion blocking/bridge_reachability -f /home/$USER/bridge_reachability/bridges.txt -t 300"; } | crontab && + sudo /etc/init.d/crond start && + sudo /sbin/chkconfig crond on && + sudo chmod 777 /var/mail +} + +run_or_exit() { + cd $TMP_INSTALL_DIR && + echo "[*] Running" $1 && + $1 && + echo "[*] Completed running" $1 || + echo "[!] Failed to run" $1 && exit 1 +} + +run_or_exit yum_installs +run_or_exit install_python +run_or_exit install_libtool +run_or_exit install_autoconf +run_or_exit install_automake +run_or_exit install_libevent +run_or_exit install_gmp +run_or_exit install_tor +run_or_exit install_geoip +run_or_exit install_pip +run_or_exit install_cryptography +run_or_exit install_pluggable_transports +run_or_exit install_ooniprobe +run_or_exit setup_ooniprobe

1 0

[ooni-probe/master] Fix EOF in cat.
by art＠torproject.org 26 Jun '14

26 Jun '14

commit 6f204a5fff204418f62bef1a368bd42795cbed00 Author: Arturo Filastò <art(a)fuffa.org> Date: Sat May 31 17:52:49 2014 +0200 Fix EOF in cat. --- scripts/install_on_planetlab.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_on_planetlab.sh b/scripts/install_on_planetlab.sh index 881ab22..303fed5 100644 --- a/scripts/install_on_planetlab.sh +++ b/scripts/install_on_planetlab.sh @@ -133,7 +133,7 @@ install_tor() { RETVAL=3 esac exit \$RETVAL - EOF && +EOF sudo mv tor.init /etc/init.d/tor && sudo chmod +x /etc/init.d/tor && sudo /etc/init.d/tor restart

1 0

[ooni-probe/master] Parens...
by art＠torproject.org 26 Jun '14

26 Jun '14

commit b42f9d9c4b4a97413940d1400cb7c618185a1033 Author: Arturo Filastò <art(a)fuffa.org> Date: Sat May 31 18:09:38 2014 +0200 Parens... --- scripts/install_on_planetlab.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_on_planetlab.sh b/scripts/install_on_planetlab.sh index 303fed5..97d64f5 100644 --- a/scripts/install_on_planetlab.sh +++ b/scripts/install_on_planetlab.sh @@ -198,7 +198,7 @@ run_or_exit() { echo "[*] Running" $1 && $1 && echo "[*] Completed running" $1 || - echo "[!] Failed to run" $1 && exit 1 + (echo "[!] Failed to run" $1 && exit 1) } run_or_exit yum_installs

1 0

[ooni-probe/master] Check return values inside run_or_exit function.
by art＠torproject.org 26 Jun '14

26 Jun '14

commit 9d1e2abc9977d27c6027e628b3908a49c466c1f4 Author: Arturo Filastò <art(a)fuffa.org> Date: Sat May 31 18:26:53 2014 +0200 Check return values inside run_or_exit function. --- scripts/install_on_planetlab.sh | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/scripts/install_on_planetlab.sh b/scripts/install_on_planetlab.sh index 97d64f5..c140940 100644 --- a/scripts/install_on_planetlab.sh +++ b/scripts/install_on_planetlab.sh @@ -194,11 +194,16 @@ setup_ooniprobe() { } run_or_exit() { + command=$1 cd $TMP_INSTALL_DIR && - echo "[*] Running" $1 && - $1 && - echo "[*] Completed running" $1 || - (echo "[!] Failed to run" $1 && exit 1) + echo "[*] Running" $command + $command + return_value=$? + if [ $return_value -ne 0 ]; then + echo "[!] Failed to run" $command + exit 1 + fi + echo "[*] Completed running" $command } run_or_exit yum_installs

1 0

[ooni-probe/master] Various updates of the planetlab install script.
by art＠torproject.org 26 Jun '14

26 Jun '14

commit 1acf758706765bf0cfacf6575ad715e80b165187 Author: Arturo Filastò <art(a)fuffa.org> Date: Sat May 31 18:30:35 2014 +0200 Various updates of the planetlab install script. * Implement hack to install PyCrypto on fedora. * Follow redirects in curl. --- scripts/install_on_planetlab.sh | 40 +++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/scripts/install_on_planetlab.sh b/scripts/install_on_planetlab.sh index c140940..1ed4032 100644 --- a/scripts/install_on_planetlab.sh +++ b/scripts/install_on_planetlab.sh @@ -12,7 +12,7 @@ yum_installs() { install_python() { cd $TMP_INSTALL_DIR; # Install Python 2.7.6 - curl -o Python-2.7.6.tgz https://www.python.org/ftp/python/2.7.6/Python-2.7.6.tgz && + curl -L -o Python-2.7.6.tgz https://www.python.org/ftp/python/2.7.6/Python-2.7.6.tgz && tar xzf Python-2.7.6.tgz && cd Python-2.7.6 && ./configure --prefix=/usr/local --enable-unicode=ucs4 --enable-shared LDFLAGS="-Wl,-rpath /usr/local/lib" && @@ -23,7 +23,7 @@ install_python() { install_libtool() { # Install the latest version of libtool - curl -o libtool-2.4.2.tar.gz http://ftpmirror.gnu.org/libtool/libtool-2.4.2.tar.gz && + curl -L -o libtool-2.4.2.tar.gz http://ftpmirror.gnu.org/libtool/libtool-2.4.2.tar.gz && tar xzf libtool-2.4.2.tar.gz && cd libtool-2.4.2 && ./configure && @@ -35,7 +35,7 @@ install_libtool() { install_autoconf() { # Install the latest version of autoconf - curl -o autoconf-2.69.tar.gz http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz && + curl -L -o autoconf-2.69.tar.gz http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz && tar xzf autoconf-2.69.tar.gz && cd autoconf-2.69 && ./configure && @@ -47,7 +47,7 @@ install_autoconf() { install_automake(){ # Install the latest version of automake - curl -o automake-1.14.1.tar.gz http://ftp.gnu.org/gnu/automake/automake-1.14.1.tar.gz && + curl -L -o automake-1.14.1.tar.gz http://ftp.gnu.org/gnu/automake/automake-1.14.1.tar.gz && tar xzf automake-1.14.1.tar.gz && cd automake-1.14.1 && ./configure && @@ -59,7 +59,7 @@ install_automake(){ install_libevent(){ # Install latest version of libevent - curl -o libevent-2.0.21-stable.tar.gz https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz && + curl -L -o libevent-2.0.21-stable.tar.gz https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz && tar xvzf libevent-2.0.21-stable.tar.gz && cd libevent-2.0.21-stable && ./autogen.sh && @@ -71,7 +71,7 @@ install_libevent(){ install_gmp() { # Install GMP - curl -o gmp-6.0.0a.tar.bz2 https://gmplib.org/download/gmp/gmp-6.0.0a.tar.bz2 && + curl -L -o gmp-6.0.0a.tar.bz2 https://gmplib.org/download/gmp/gmp-6.0.0a.tar.bz2 && tar xjpf gmp-6.0.0a.tar.bz2 && cd gmp-6.0.0 && export ABI=32 && @@ -82,7 +82,7 @@ install_gmp() { install_tor() { # Install the latest version of Tor - curl -o tor.zip https://github.com/hellais/tor/archive/fix/fedora8.zip && + curl -L -o tor.zip https://github.com/hellais/tor/archive/fix/fedora8.zip && unzip tor.zip && cd tor-fix-fedora8 && ./autogen.sh && @@ -91,8 +91,8 @@ install_tor() { sudo make install && sudo mv /usr/bin/tor /usr/bin/tor.old && sudo ln -s /usr/local/bin/tor /usr/bin/tor && - echo "SocksPort 9050" > /usr/local/etc/tor/torrc && - cat torrc >> /usr/local/etc/tor/torrc && + echo "SocksPort 9050" > torrc && + sudo mv torrc /usr/local/etc/tor/torrc && cat <<EOF > tor.init RETVAL=0 prog="tor" @@ -142,7 +142,7 @@ EOF install_geoip() { # Install libGeoIP - curl -o master.zip https://github.com/maxmind/geoip-api-c/archive/master.zip && + curl -L -o master.zip https://github.com/maxmind/geoip-api-c/archive/master.zip && unzip master.zip && cd geoip-api-c-master/ && ./bootstrap && @@ -153,20 +153,23 @@ install_geoip() { install_pip() { # Install the latest version of pip - curl -o get-pip.py https://raw.github.com/pypa/pip/master/contrib/get-pip.py && + curl -L -o get-pip.py https://raw.githubusercontent.com/pypa/pip/master/contrib/get-pip.py && sudo python get-pip.py } install_cryptography() { - # Install the patched versions of cryptography and pyopenssl - sudo pip install cryptography && - sudo pip install https://github.com/pyca/pyopenssl/archive/master.zip + # Install the patched versions of cryptography, pyopenssl and pycrypto + # This is needed to avoid this bug: https://groups.google.com/forum/#!topic/ikarus-users/_R0QHqwyYz8 + export ac_cv_func_malloc_0_nonnull=yes + sudo -E `which pip` install PyCrypto && + sudo `which pip` install cryptography && + sudo `which pip` install https://github.com/pyca/pyopenssl/archive/master.zip } install_pluggable_transports() { # Install pluggable transport related stuff - sudo pip install obfsproxy - curl -o 0.2.9.zip https://github.com/kpdyer/fteproxy/archive/0.2.9.zip + sudo `which pip` install obfsproxy + curl -L -o 0.2.9.zip https://github.com/kpdyer/fteproxy/archive/0.2.9.zip unzip 0.2.9.zip cd fteproxy-0.2.9 make @@ -176,12 +179,13 @@ install_pluggable_transports() { install_ooniprobe() { # Install ooniprobe and obfsproxy - sudo pip install https://github.com/TheTorProject/ooni-probe/archive/master.zip && - /usr/local/bin/ooniprobe + sudo `which pip` install https://github.com/TheTorProject/ooni-probe/archive/master.zip && + /usr/local/bin/ooniprobe --version } setup_ooniprobe() { # Update the Tor running in ooniprobe + mkdir ~/.ooni/ cat /usr/share/ooni/ooniprobe.conf.sample | sed s/'start_tor: true'/'start_tor: false'/ | sed s/'#socks_port: 8801'/'socks_port: 9050'/ > ~/.ooni/ooniprobe.conf && mkdir /home/$USER/bridge_reachability/ &&

1 0

[translation/tails-misc] Update translations for tails-misc
by translation＠torproject.org 26 Jun '14

26 Jun '14

commit 9fff78e86f1e63ad132b4a426a29109a31f02be1 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jun 26 12:45:36 2014 +0000 Update translations for tails-misc --- id.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/id.po b/id.po index 05fa650..cfc4709 100644 --- a/id.po +++ b/id.po @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2014-06-08 19:08+0200\n" -"PO-Revision-Date: 2014-06-26 12:01+0000\n" +"PO-Revision-Date: 2014-06-26 12:31+0000\n" "Last-Translator: L1Nus <multazam_ali(a)me.com>\n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/torproject/language/id/)\n" "MIME-Version: 1.0\n" @@ -301,7 +301,7 @@ msgstr "Kartu jaringan ${nic} dimatikan" msgid "" "MAC spoofing failed for network card ${nic_name} (${nic}) so it is temporarily disabled.\n" "You might prefer to restart Tails and disable MAC spoofing. See the <a href='file:///usr/share/doc/tails/website/doc/first_steps/startup_options/mac_spoofing.en.html'>documentation</a>." -msgstr "" +msgstr "MAC spoofing gagal untuk kartu jaringan ${nic_name} (${nic}) jadi untuk sementara dilumpuhkan.\nAnda mungkin memilih untuk mengulang Tails dan mematikan MAC spoofing. Lihat <a href='file:///usr/share/doc/tails/website/doc/first_steps/startup_options/mac_spoofing.en.html'>dokumentasi</a>." #: config/chroot_local-includes/usr/local/sbin/tails-spoof-mac:39 msgid "All networking disabled" @@ -312,7 +312,7 @@ msgstr "Semua jaringan dimatikan" msgid "" "MAC spoofing failed for network card ${nic_name} (${nic}). The error recovery also failed so all networking is disabled.\n" "You might prefer to restart Tails and disable MAC spoofing. See the <a href='file:///usr/share/doc/first_steps/startup_options/mac_spoofing.en.html'>documentation</a>." -msgstr "" +msgstr "MAC spoofing gagal untuk kartu jaringan ${nic_name} (${nic}). Pemulihan kesalahan juga gagal, jadi semua jaringan dilumpuhkan.\nAnda mungkin memilih untuk mengulang Tails dan mematikan MAC spoofing. Lihat <a href='file:///usr/share/doc/first_steps/startup_options/mac_spoofing.en.html'>dokumentasi</a>." #: config/chroot_local-includes/usr/local/bin/tails-start-i2p:62 msgid "Starting I2P..."

1 0

[translation/bridgedb] Update translations for bridgedb
by translation＠torproject.org 26 Jun '14

26 Jun '14

commit 1b9abf5bc8f121a87258cf9ca35967aa6ec1cfba Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jun 26 12:45:02 2014 +0000 Update translations for bridgedb --- id/LC_MESSAGES/bridgedb.po | 143 ++++++++++++++++++++++++++------------------ 1 file changed, 84 insertions(+), 59 deletions(-) diff --git a/id/LC_MESSAGES/bridgedb.po b/id/LC_MESSAGES/bridgedb.po index 4f9447f..1a0a909 100644 --- a/id/LC_MESSAGES/bridgedb.po +++ b/id/LC_MESSAGES/bridgedb.po @@ -3,15 +3,16 @@ # This file is distributed under the same license as the BridgeDB project. # # Translators: -# anzhyo, 2014 +# Anthony Santana, 2014 # MasIs <is.roadster(a)gmail.com>, 2013 +# L1Nus <multazam_ali(a)me.com>, 2014 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'\n" -"POT-Creation-Date: 2014-05-16 18:39+0000\n" -"PO-Revision-Date: 2014-05-25 21:39+0000\n" -"Last-Translator: anzhyo\n" +"POT-Creation-Date: 2014-06-06 21:46+0000\n" +"PO-Revision-Date: 2014-06-26 12:41+0000\n" +"Last-Translator: L1Nus <multazam_ali(a)me.com>\n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/torproject/language/id/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -22,29 +23,26 @@ msgstr "" #. TRANSLATORS: Please DO NOT translate the following words and/or phrases in #. any string (regardless of capitalization and/or punctuation): -#. "bridge" -#. "bridges" #. "BridgeDB" #. "pluggable transport" #. "pluggable transports" #. "obfs2" #. "obfs3" #. "scramblesuit" -#. "fte" +#. "fteproxy" #. "Tor" #. "Tor Browser" -#. "TBB" -#: lib/bridgedb/HTTPServer.py:124 +#: lib/bridgedb/HTTPServer.py:121 msgid "Sorry! Something went wrong with your request." -msgstr "" +msgstr "Maaf! Telah terjadi masalah atas permintaan anda." #: lib/bridgedb/strings.py:18 msgid "[This is an automated message; please do not reply.]" -msgstr "" +msgstr "[Ini adalah pesan otomatis; tolong jangan dibalas.]" #: lib/bridgedb/strings.py:20 msgid "Here are your bridges:" -msgstr "" +msgstr "Ini adalah penghubung anda:" #: lib/bridgedb/strings.py:22 #, python-format @@ -58,39 +56,44 @@ msgid "" "COMMANDs: (combine COMMANDs to specify multiple options simultaneously)" msgstr "" -#: lib/bridgedb/strings.py:27 +#. TRANSLATORS: Please DO NOT translate the word "BridgeDB". +#: lib/bridgedb/strings.py:28 msgid "Welcome to BridgeDB!" msgstr "" #. TRANSLATORS: Please DO NOT translate the words "transport" or "TYPE". -#: lib/bridgedb/strings.py:29 +#: lib/bridgedb/strings.py:30 msgid "Currently supported transport TYPEs:" msgstr "" -#: lib/bridgedb/strings.py:30 +#: lib/bridgedb/strings.py:31 #, python-format msgid "Hey, %s!" msgstr "" -#: lib/bridgedb/strings.py:31 +#: lib/bridgedb/strings.py:32 msgid "Hello, friend!" msgstr "" -#: lib/bridgedb/strings.py:32 lib/bridgedb/templates/base.html:100 +#: lib/bridgedb/strings.py:33 lib/bridgedb/templates/base.html:100 msgid "Public Keys" msgstr "" #. TRANSLATORS: This string will end up saying something like: #. "This email was generated with rainbows, unicorns, and sparkles #. for alice(a)example.com on Friday, 09 May, 2014 at 18:59:39." -#: lib/bridgedb/strings.py:36 +#: lib/bridgedb/strings.py:37 #, python-format msgid "" "This email was generated with rainbows, unicorns, and sparkles\n" "for %s on %s at %s." msgstr "" -#: lib/bridgedb/strings.py:42 +#. TRANSLATORS: Please DO NOT translate "BridgeDB". +#. TRANSLATORS: Please DO NOT translate "Pluggable Transports". +#. TRANSLATORS: Please DO NOT translate "Tor". +#. TRANSLATORS: Please DO NOT translate "Tor Network". +#: lib/bridgedb/strings.py:47 #, python-format msgid "" "BridgeDB can provide bridges with several %stypes of Pluggable Transports%s,\n" @@ -100,14 +103,20 @@ msgid "" "\n" msgstr "" -#: lib/bridgedb/strings.py:48 +#. TRANSLATORS: Please DO NOT translate "Pluggable Transports". +#: lib/bridgedb/strings.py:54 msgid "" "Some bridges with IPv6 addresses are also available, though some Pluggable\n" "Transports aren't IPv6 compatible.\n" "\n" msgstr "" -#: lib/bridgedb/strings.py:52 +#. TRANSLATORS: Please DO NOT translate "BridgeDB". +#. TRANSLATORS: The phrase "plain-ol'-vanilla" means "plain, boring, +#. regular, or unexciting". Like vanilla ice cream. It refers to bridges +#. which do not have Pluggable Transports, and only speak the regular, +#. boring Tor protocol. Translate it as you see fit. Have fun with it. +#: lib/bridgedb/strings.py:63 #, python-format msgid "" "Additionally, BridgeDB has plenty of plain-ol'-vanilla bridges %s without any\n" @@ -116,20 +125,20 @@ msgid "" "\n" msgstr "" -#: lib/bridgedb/strings.py:65 +#: lib/bridgedb/strings.py:76 msgid "What are bridges?" -msgstr "Apakah itu jambatan?" +msgstr "Apakah itu penghubung?" -#: lib/bridgedb/strings.py:66 +#: lib/bridgedb/strings.py:77 #, python-format msgid "%s Bridges %s are Tor relays that help you circumvent censorship." msgstr "" -#: lib/bridgedb/strings.py:71 +#: lib/bridgedb/strings.py:82 msgid "I need an alternative way of getting bridges!" -msgstr "Adakah cara lain untuk memperoleh jambatan?" +msgstr "Adakah cara lain untuk memperoleh penghubung?" -#: lib/bridgedb/strings.py:72 +#: lib/bridgedb/strings.py:83 #, python-format msgid "" "Another way to get bridges is to send an email to %s. Please note that you must\n" @@ -137,75 +146,83 @@ msgid "" "%s or %s." msgstr "" -#: lib/bridgedb/strings.py:79 +#: lib/bridgedb/strings.py:90 msgid "My bridges don't work! I need help!" -msgstr "Jambatan saya gagal! Bantu saya!" +msgstr "Penghubung saya gagal! Bantu saya!" -#: lib/bridgedb/strings.py:80 +#. TRANSLATORS: Please DO NOT translate "Tor". +#: lib/bridgedb/strings.py:92 #, python-format msgid "If your Tor doesn't work, you should email %s." msgstr "" -#: lib/bridgedb/strings.py:81 +#. TRANSLATORS: Please DO NOT translate "Pluggable Transports". +#. TRANSLATORS: Please DO NOT translate "Tor Browser". +#. TRANSLATORS: Please DO NOT translate "Tor". +#: lib/bridgedb/strings.py:96 msgid "" "Try including as much info about your case as you can, including the list of\n" "bridges and Pluggable Transports you tried to use, your Tor Browser version,\n" "and any messages which Tor gave out, etc." msgstr "" -#: lib/bridgedb/strings.py:88 +#: lib/bridgedb/strings.py:103 msgid "Here are your bridge lines:" msgstr "" -#: lib/bridgedb/strings.py:89 +#: lib/bridgedb/strings.py:104 msgid "Get Bridges!" msgstr "" -#: lib/bridgedb/strings.py:93 +#: lib/bridgedb/strings.py:108 msgid "Please select options for bridge type:" msgstr "" -#: lib/bridgedb/strings.py:94 +#: lib/bridgedb/strings.py:109 msgid "Do you need IPv6 addresses?" msgstr "" -#: lib/bridgedb/strings.py:95 +#: lib/bridgedb/strings.py:110 #, python-format msgid "Do you need a %s?" msgstr "" -#: lib/bridgedb/strings.py:99 +#: lib/bridgedb/strings.py:114 msgid "Your browser is not displaying images properly." msgstr "" -#: lib/bridgedb/strings.py:100 +#: lib/bridgedb/strings.py:115 msgid "Enter the characters from the image above..." msgstr "" -#: lib/bridgedb/strings.py:104 +#: lib/bridgedb/strings.py:119 msgid "How to start using your bridges" msgstr "" -#: lib/bridgedb/strings.py:105 +#. TRANSLATORS: Please DO NOT translate "Tor Browser". +#: lib/bridgedb/strings.py:121 #, python-format msgid "" "To enter bridges into Tor Browser, follow the instructions on the %s Tor\n" "Browser download page %s to start Tor Browser." msgstr "" -#: lib/bridgedb/strings.py:108 +#. TRANSLATORS: Please DO NOT translate "Tor". +#: lib/bridgedb/strings.py:125 msgid "" "When the 'Tor Network Settings' dialogue pops up, click 'Configure' and follow\n" "the wizard until it asks:" msgstr "" -#: lib/bridgedb/strings.py:111 +#. TRANSLATORS: Please DO NOT translate "Tor". +#: lib/bridgedb/strings.py:129 msgid "" "Does your Internet Service Provider (ISP) block or otherwise censor connections\n" "to the Tor network?" msgstr "" -#: lib/bridgedb/strings.py:114 +#. TRANSLATORS: Please DO NOT translate "Tor". +#: lib/bridgedb/strings.py:133 msgid "" "Select 'Yes' and then click 'Next'. To configure your new bridges, copy and\n" "paste the bridge lines into the text input box. Finally, click 'Connect', and\n" @@ -213,24 +230,29 @@ msgid "" "button in the 'Tor Network Settings' wizard for further assistance." msgstr "" -#: lib/bridgedb/strings.py:122 +#: lib/bridgedb/strings.py:141 msgid "Displays this message." msgstr "" -#: lib/bridgedb/strings.py:123 +#. TRANSLATORS: Please try to make it clear that "vanilla" here refers to the +#. same non-Pluggable Transport bridges described above as being +#. "plain-ol'-vanilla" bridges. +#: lib/bridgedb/strings.py:145 msgid "Request vanilla bridges." msgstr "" -#: lib/bridgedb/strings.py:124 +#: lib/bridgedb/strings.py:146 msgid "Request IPv6 bridges." msgstr "" #. TRANSLATORS: Please DO NOT translate the word the word "TYPE". -#: lib/bridgedb/strings.py:126 +#: lib/bridgedb/strings.py:148 msgid "Request a Pluggable Transport by TYPE." msgstr "" -#: lib/bridgedb/strings.py:127 +#. TRANSLATORS: Please DO NOT translate "BridgeDB". +#. TRANSLATORS: Please DO NOT translate "GnuPG". +#: lib/bridgedb/strings.py:151 msgid "Get a copy of BridgeDB's public GnuPG key." msgstr "" @@ -250,15 +272,19 @@ msgstr "" msgid "Contact" msgstr "" -#: lib/bridgedb/templates/bridges.html:65 +#. TRANSLATORS: Please translate this into some silly way to say +#. "There was a problem!" in your language. For example, +#. for Italian, you might translate this into "Mama mia!", +#. or for French: "Sacrebleu!". :) +#: lib/bridgedb/templates/bridges.html:66 msgid "Uh oh, spaghettios!" msgstr "" -#: lib/bridgedb/templates/bridges.html:70 +#: lib/bridgedb/templates/bridges.html:72 msgid "There currently aren't any bridges available..." msgstr "" -#: lib/bridgedb/templates/bridges.html:71 +#: lib/bridgedb/templates/bridges.html:73 #, python-format msgid "" " Perhaps you should try %s going back %s and choosing a different bridge " @@ -283,7 +309,7 @@ msgstr "" #: lib/bridgedb/templates/index.html:27 #, python-format msgid "Get %s bridges %s" -msgstr "Dapatkan %s jambatan %s" +msgstr "Dapatkan %s penghubung %s" #: lib/bridgedb/templates/index.html:36 #, python-format @@ -299,28 +325,27 @@ msgstr "" #. beginning of words are present in your final translation. Thanks! #. (These are used to insert HTML5 underlining tags, to mark accesskeys #. for disabled users.) -#. TRANSLATORS: Please do NOT translate the word "bridges"! -#: lib/bridgedb/templates/options.html:39 +#: lib/bridgedb/templates/options.html:38 #, python-format msgid "%sJ%sust give me bridges!" msgstr "" -#: lib/bridgedb/templates/options.html:53 +#: lib/bridgedb/templates/options.html:52 msgid "Advanced Options" msgstr "" -#: lib/bridgedb/templates/options.html:89 +#: lib/bridgedb/templates/options.html:88 msgid "No" msgstr "Tidak" -#: lib/bridgedb/templates/options.html:90 +#: lib/bridgedb/templates/options.html:89 msgid "none" msgstr "" #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the #. beginning of words are present in your final translation. Thanks! #. TRANSLATORS: Translate "Yes!" as in "Yes! I do need IPv6 addresses." -#: lib/bridgedb/templates/options.html:131 +#: lib/bridgedb/templates/options.html:130 #, python-format msgid "%sY%ses!" msgstr "" @@ -328,7 +353,7 @@ msgstr "" #. TRANSLATORS: Please make sure the '%s' surrounding single letters at the #. beginning of words are present in your final translation. Thanks! #. TRANSLATORS: Please do NOT translate the word "bridge"! -#: lib/bridgedb/templates/options.html:155 +#: lib/bridgedb/templates/options.html:154 #, python-format msgid "%sG%set Bridges" msgstr ""

1 0

[translation/tails-misc] Update translations for tails-misc
by translation＠torproject.org 26 Jun '14

26 Jun '14

commit 943d149fc705bbfe142eff272c7cc95862791694 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jun 26 12:15:35 2014 +0000 Update translations for tails-misc --- id.po | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/id.po b/id.po index 4a3cdb4..05fa650 100644 --- a/id.po +++ b/id.po @@ -3,13 +3,14 @@ # This file is distributed under the same license as the PACKAGE package. # # Translators: +# L1Nus <multazam_ali(a)me.com>, 2014 msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2014-05-29 00:14+0200\n" -"PO-Revision-Date: 2014-05-29 08:50+0000\n" -"Last-Translator: runasand <runa.sandvik(a)gmail.com>\n" +"POT-Creation-Date: 2014-06-08 19:08+0200\n" +"PO-Revision-Date: 2014-06-26 12:01+0000\n" +"Last-Translator: L1Nus <multazam_ali(a)me.com>\n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/torproject/language/id/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -73,7 +74,7 @@ msgstr "_Manage Keys" #: config/chroot_local-includes/usr/local/bin/gpgApplet:244 msgid "The clipboard does not contain valid input data." -msgstr "" +msgstr "Clipboard ini tidak memuat input data yang valid" #: config/chroot_local-includes/usr/local/bin/gpgApplet:294 #: config/chroot_local-includes/usr/local/bin/gpgApplet:296 @@ -99,7 +100,7 @@ msgstr "Nama" #: config/chroot_local-includes/usr/local/bin/gpgApplet:358 msgid "Key ID" -msgstr "" +msgstr "ID Kunci" #: config/chroot_local-includes/usr/local/bin/gpgApplet:359 msgid "Status" @@ -107,7 +108,7 @@ msgstr "Status" #: config/chroot_local-includes/usr/local/bin/gpgApplet:391 msgid "Fingerprint:" -msgstr "" +msgstr "Sidik jari:" #: config/chroot_local-includes/usr/local/bin/gpgApplet:394 msgid "User ID:" @@ -175,7 +176,7 @@ msgstr "Anda memerlukan private key untuk menandai pesan atau public key untuk m #: config/chroot_local-includes/usr/local/bin/gpgApplet:742 msgid "GnuPG error" -msgstr "" +msgstr "GnuPG bermasalah" #: config/chroot_local-includes/usr/local/bin/gpgApplet:763 msgid "Therefore the operation cannot be performed." @@ -284,7 +285,7 @@ msgid "" "MAC spoofing feature. For more information, see the <a " "href=\\\"file:///usr/share/doc/tails/website/doc/first_steps/startup_options/mac_spoofing.en.html#blocked\\\">MAC" " spoofing documentation</a>." -msgstr "" +msgstr "Tampaknya anda telah diblokir dari jaringan. Ini bisa terjadi sehubungan dengan fitur MAC spoofing. Untuk info lebih lanjut, lihat <a href=\\\"file:///usr/share/doc/tails/website/doc/first_steps/startup_options/mac_spoofing.en.html#blocked\\\">dokumentasi MAC spoofing</a>." #: config/chroot_local-includes/usr/local/bin/tails-security-check:145 msgid "This version of Tails has known security issues:" @@ -319,7 +320,7 @@ msgstr "Memulai I2P..." #: config/chroot_local-includes/usr/local/bin/tails-start-i2p:63 msgid "The I2P router console will be opened on start." -msgstr "" +msgstr "Konsol router I2P akan dibuka sewaktu mulai" #: config/chroot_local-includes/usr/local/bin/tails-start-i2p:82 #: config/chroot_local-includes/usr/local/bin/tails-start-i2p:124 @@ -465,7 +466,7 @@ msgstr "Pelajari bagaimana menggunakan Tails" #: ../config/chroot_local-includes/usr/share/applications/i2p.desktop.in.h:1 msgid "Anonymous overlay network " -msgstr "" +msgstr "Jaringan overlay anonim" #: ../config/chroot_local-includes/usr/share/applications/i2p.desktop.in.h:2 msgid "i2p" @@ -473,7 +474,7 @@ msgstr "i2p" #: ../config/chroot_local-includes/usr/share/applications/i2p.desktop.in.h:3 msgid "Anonymous overlay network" -msgstr "" +msgstr "Jaringan overlay anonim" #: ../config/chroot_local-includes/usr/share/applications/tails-about.desktop.in.h:2 msgid "Learn more about Tails"

1 0

[translation/https_everywhere_completed] Update translations for https_everywhere_completed
by translation＠torproject.org 26 Jun '14

26 Jun '14

commit 2d2933395c43fbf598eb8543d72785e1914f7865 Author: Translation commit bot <translation(a)torproject.org> Date: Thu Jun 26 07:45:20 2014 +0000 Update translations for https_everywhere_completed --- zh_TW/https-everywhere.dtd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zh_TW/https-everywhere.dtd b/zh_TW/https-everywhere.dtd index 006c6e1..e7d72ed 100644 --- a/zh_TW/https-everywhere.dtd +++ b/zh_TW/https-everywhere.dtd @@ -38,7 +38,7 @@ <!ENTITY https-everywhere.popup.title "HTTPS Everywhere 4.0 dev.11通知"> <!ENTITY https-everywhere.popup.paragraph1 "糟糕。以前您一直使用 HTTPS Everywhere 穩定版本，但我們可能不小心為您升級成最新版本中的開發中版本。"> <!ENTITY https-everywhere.popup.paragraph2 "您想回復成穩定版本?"> -<!ENTITY https-everywhere.popup.paragraph3 "如果您繼續使用我們的開發中版本，並幫助我們使得HTTPS Everywhere變得更好，我們也很願意！您可能會發現這裡和那裡有一些更多的錯誤，您可以向https-everywhere@eff.org提交報告，對不起您添麻煩了，感謝您使用HTTPS Everywhere。"> +<!ENTITY https-everywhere.popup.paragraph3 "如果您繼續使用我們的開發中版本，將幫助我們使得 HTTPS Everywhere 變得更好!您可能會發現一些更多的錯誤，您可以向 https-everywhere(a)eff.org 提交報告。很抱歉造成您的不便，並感謝您使用 HTTPS Everywhere。"> <!ENTITY https-everywhere.popup.keep "持續使用開發中版本"> <!ENTITY https-everywhere.popup.revert "下載最新的穩定版本">

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits June 2014