[tor-project] support the torproject with bridges

David Fifield david at bamsoftware.com
Thu Aug 10 01:21:42 UTC 2017

On Thu, Aug 10, 2017 at 12:02:16AM +0000, isis agora lovecruft wrote:
> If you send it to isis at torproject.org, I'll make a patch.  The ticket
> for this is:
> https://trac.torproject.org/projects/tor/ticket/23166

Felix, we usually ask operators of default bridges to configure these
settings in torrc:
	AssumeReachable 1
	BridgeRelay 1
	ExtORPort auto

In addition, it is best if you use a firewall to block the bridge's
regular ORPort (while leaving the obfs4 port unblocked). Blocking the
bridge's ORPort is a hack to prevent the bridge from being included in
BridgeDB, which eliminates a couple of ways a censor might discover and
block the bridge: 1) by enumerating BridgeDB, and 2) by fingerprinting
plain-Tor connections to the bridge's IP address (made by users who
discovered the plain-Tor port through BridgeDB).

More information about the tor-project mailing list