[tor-dev] Small FTE question

George Kadianakis desnacked at riseup.net
Sat Jan 4 15:12:02 UTC 2014

> On Fri, Jan 3, 2014 at 6:20 AM, George Kadianakis <desnacked at riseup.net>
> wrote:
>> Hello Kevin,
>> I saw your recent changes to the FTE codebase. The code looks nice!
>> I then tried to test it, but I got a bit confused by the CLI. I wanted
>> to
>> try the good ol' ncat test, where I put FTE in the middle, an ncat
>> listener on the server side, and an ncat client on the client side, and
>> throw bytes around. How would I do that with the FTE CLI? I looked at
>> https://fteproxy.org/docs/0.2/fteproxy.html but I'm not sure how to use
>> the server_port and client_port switches properly. Can I configure the
>> client-side to push data to a specific destination, or is it always a
>> SOCKS listener?
> As a first place to start, it is probably best to have a look at
> "systemtests" in the root of the fteproxy source. This might be
> sufficient for your purposes.

Hm `systemtests` seems indeed relevant to my interests. What is it? Is it
integration tests?

I tried to run `systemtests` and I got stuff like "+ manual-http: 22.78
Mbps (5.62s)" in stdout, but when I used wireshark during the tests I saw
a flood of 'SYN' and then 'RST, ACK' packets on the wire. Seems like it
can't establish a connection to the listener at 8080. Why is that? Did the
tests run?

BTW, you might want to check out `obfsproxy/test/tester.py'. It's the
integration tester of obfsproxy. It's quite simple: it opens a client and
a listener, pushes some traffic on one end, and checks if it's received
intact on the other end. The code is a bit aged (it's there since
C-obfsproxy), but it might be useful.

> The longer answer: When not run in managed mode (--managed), fteproxy
> runs as a simple TCP proxy. Included in the fteproxy code is
> "bin/socksproxy" which I spin up and is destination for all data
> received by the fteproxy server. So, the typical (non Tor) testing
> scenario is:
> [SOCKS client] < - > [fteproxy client] < - > [fteproxy server] < - >
> [SOCKS server]
> * Socks client connects to the port specified as client_port on the
> fteproxy client.
> * The specified server port should be the same on the fteproxy client
> and server.
> * The fteproxy server proxy_port should be the port that the SOCKS
> server is listening on.

Hm, do you have a bash recipe to test this? When I want to test obfsrpoxy
I do something like this:

# Set up obfsproxy client
./bin/obfsproxy obfs2 client --dest=
# Set up obfsproxy server
./bin/obfsproxy obfs2 server --dest=
# Set up server-side data listener
ncat -k -l -p 8888
# Start up client-side data pusher
ncat localhost 6666

How would you test that for FTE? I want to push some data around and see
how packets look like on the wire.

>> Also, is there a way to make fteproxy increase its logging verbosity?
> Not at the moment. In the big refactor I did in Nov. I deleted lots of
> code and codified everything as unit tests. I'll think about ways to
> include a helpful verbosity parameter [1] for deployment.

Nice. Thanks!

More information about the tor-dev mailing list