[tor-dev] Dumb or-ctl-filter tricks (Was: [tor-talk] SOCKS proxy to sit between user and Tor?)
yawning at schwanenlied.me
Wed Jun 3 21:07:20 UTC 2015
I just pushed a fairly large update to or-ctl-filter, that lets you do
lots of interesting things, most of them probably unsafe. In
particular or-ctl-filter now ships with a SOCKS5 client/server
implementation and a stub control port implementation.
A picture is worth a thousand words:
What it does:
* Filters the control port exposed to Tor Browser for things that
(IMO) the browser has no business knowing just in terms of attack
surface. In particular this intentionally breaks the circuit
display feature as part of 4.5.x.
* Allows easy integration of Tor Browser with a system tor service
(NB: I run a system tor service with the Tor Browser circuit
lifespan patch, if you do not, you will get behavior that is
different from other users. You have been warned.)
* Supports transparently redirecting ".i2p" requests to an I2P
instance. Tor does not need to be running for this.
* Enforces isolation to attempt to guard the local I2P web server and
* Supports running without Tor or I2P at all, essentially changing Tor
Browser into Firefox with a bunch of patches.
* NEWNYM does not affect I2P tunnels.
* "New Tor Circuit For This Site" does not affect I2P tunnels either.
* Only cookie authentication is supported because I'm lazy, and it is
the superior authentication method.
* Launching Tor/I2P is not or-ctl-filter's problem and will never be
part of the feature set. I have systemd for that.
* Very alpha. It is entirely possible that I screwed up enforcing
isolation. You can hard disable access to locally hosted i2p
services like the management console in the config file.
It is still probably 3 million times better than using
privoxy/random sketch addons to do something like this because I
actually do look at circuit isolation from Tor Browser and propagate
it to Tor (or enforce it as best as I can otherwise).
* If you enable logging, it will happily splatter destinations,
authentication credentials, and everything else to the log, because
it is a debugging feature, so don't.
* If you enable the option named "UnsafeAllowDirect" and disable Tor,
it will happily connect directly to the internet, destroying your
* Untested on Windows. Should work, don't care if it doesn't.
Patches will sit in my INBOX forever; ignored, and unloved, just
like the operating system they target. The same goes for OSX.
: Honestly, I'll merge trivial things, but I won't bust out my
windows box to test/debug this, and I don't have an OSX box.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the tor-dev