I do simply run here
~/devel/go/src/snowflake/proxy/proxy &>>/tmp/snowflake-proxy.log &
and was wondering if I have to open special UDP inbound ports ?
From the stats snowflake iseems to be working:
2022/02/18 19:29:59 In the last 1h0m0s, there are 13 connections. Traffic Relayed ↑ 192 MB, ↓ 192 MB. 2022/02/18 20:29:59 In the last 1h0m0s, there are 21 connections. Traffic Relayed ↑ 451 MB, ↓ 451 MB. 2022/02/18 21:29:59 In the last 1h0m0s, there are 9 connections. Traffic Relayed ↑ 236 MB, ↓ 236 MB.
but b/c I do have a rather restrict inbound firewall rule set I'm wondering about that.
-- Toralf
On Saturday, February 19th, 2022 at 11:15, Toralf Förster toralf.foerster@gmx.de wrote:
I do simply run here
~/devel/go/src/snowflake/proxy/proxy &>>/tmp/snowflake-proxy.log &
and was wondering if I have to open special UDP inbound ports ?
From the stats snowflake iseems to be working:
2022/02/18 19:29:59 In the last 1h0m0s, there are 13 connections.
Traffic Relayed ↑ 192 MB, ↓ 192 MB.
2022/02/18 20:29:59 In the last 1h0m0s, there are 21 connections.
Traffic Relayed ↑ 451 MB, ↓ 451 MB.
2022/02/18 21:29:59 In the last 1h0m0s, there are 9 connections. Traffic
Relayed ↑ 236 MB, ↓ 236 MB.
but b/c I do have a rather restrict inbound firewall rule set I'm
wondering about that.
I think it works without open ports by initiating the traffic from the inside on both ends. I used https://github.com/pion/stun/tree/master/cmd/stun-nat-behaviour to get a better understanding of the effects of my current setup.
Maybe that can help you too. Best regards
Quoting Toralf Förster (2022-02-19 11:15:19)
I do simply run here
~/devel/go/src/snowflake/proxy/proxy &>>/tmp/snowflake-proxy.log &
and was wondering if I have to open special UDP inbound ports ?
[...]
but b/c I do have a rather restrict inbound firewall rule set I'm wondering about that.
If you have a restricted firewall you might have what snowflake calls 'restricted NAT', the most useful snowflake proxies are the 'unrestricted NAT' ones, as they allow clients in a more restricted NAT situations to connect to them. You can check the NAT type you have in the logs.
If you have restricted NAT I would recommend you to open the UDP port range of 32768-60999.
More information about NAT types: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowf...
There as a conversation about that in the forum few months ago: https://forum.torproject.net/t/a-few-questions-about-the-standalone-snowflak...
On 2/19/22 12:48, meskio wrote:
If you have restricted NAT I would recommend you to open the UDP port range of 32768-60999.
Thx, I opened those UDP ports for incoming UDP traffic.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt
OT, but: You're still at freenode ?
Quoting Toralf Förster (2022-02-21 22:06:36)
On 2/19/22 12:48, meskio wrote:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt
OT, but: You're still at freenode ?
No, I left a while ago, but looks like I forgot to update that document. Now is up to date.
tor-relays@lists.torproject.org
-
dmz21 -
meskio -
Toralf Förster