On 29 Jun 2016, at 04:57, Petrusko petrusko@riseup.net wrote:
Hey,
Starting to set up some Bridges behind some routers, if possible at several locations.
Since last time, I've found some useful informations, but I'm not 100% sure if torrc config is ok. So the goal is :
- bridge
- obsfproxy to help censored people
- SOCKS available for LAN computers, to redirect traffic to Tor
Here the torrc file I've tuned : ####START#### SocksPort 192.168.1.10:9050 #LAN IP SocksPolicy accept 192.168.1.0/24 #Socks available for LAN computers SocksPolicy accept 127.0.0.1 #Socks available for localhost too SocksPolicy reject * Log notice file /var/log/tor/notices.log ORPort 10000 Address x.x.x.x #WAN IP Nickname Test01 #name of the bridge node ContactInfo me@mail.com DirPort 10001 ExitPolicy reject *:* BridgeRelay 1 PublishServerDescriptor bridge
AuthoritativeDirectory 1 BridgeAuthoritativeDir 1
You really don't want these two lines, they make your relay try to be an authoritative directory.
ServerTransportPlugin obfs3 exec /usr/bin/obfsproxy managed ServerTransportListenAddr obfs3 0.0.0.0:10002 ExtORPort auto ####END####
In the router/box, I'll open/forward those 3 TCP ports from the WAN to the LAN server IP : ORPort : 10000 DirPort : 10001 Obfs : 10002
Test with a LAN client Firefox connecting with Socks is ok, IP seen is a Tor exit... Torcheck says the current browser is using Tor.
But how to know if censored people can use this bridge ? (I'll test it from an open wifi hotspot in future...) Is this one is available in the list at bridges.torproject.org ? I see some log lines about stats files... where will it possible to check this bridge utilization ?
If someone wants to correct this torrc file, please don't hesitate ! Is there something to add, to remove ?! Another eye is always cool to be sure !
Many thx for your lights :)
-- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B ricochet:ekmygaiu4rzgsk6n