[tor-talk] Tor transparent proxy implementation on Windows
blibbet at gmail.com
Sat Dec 24 22:44:14 UTC 2011
On 12/22/11 4:28 AM, andrew at torproject.org wrote:
I realize there are many reasons why a VM-based solution is useful,
compared to a native solution.
However, this statement is incorrect:
"This is important in a Windows environment where capabilities like
Linux(R) netfilter or BSD(R) packet filter do not exist."
The WFP (Windows Filtering Platform) driver model has these
capabilities. WFP deprecates the older TDI and NDIS solutions, which
also had these capabilities. Granted, the command line interface to the
early Windows Firewall didn't match iptables, but these days it does.
But the OS interface to do transparent proxying has been in NT for
decades, first with TDI and NDIS, now with WFP.
I also am confused by modern LibEvent performance and this comment:
"For Windows platforms offloading the TCP session intensive Tor process
to a Linux guest with edge triggered IO can significantly improve the
performance of Tor and eliminate socket buffer problems."
Is it really a performance increase to use add: VirtualBox or QEmu (N
components), a second OS (N components), WinPCap, and the OpenVPN
TAP-Win32 driver to the solution? I would have thought a single WFP (or
TDI or NDIS) driver would be improve the performance more than running a
VM with a second OS and using TAP to talk to the virtual OS Linux network.
Is the current Windows implementation of LibEvent still that
performance-challenged? I thought Nick and other [GSoC] LibEvent
contributers have improved LibEvent to be a "first class citizen" on
Windows, and have reasonably performance event implementation these
years? Didn't the GSoC update include modern WinSock2/WinNT async model,
and wasn't that helpful over the original WinSock1/Win9x model, for perf?
The document also as a broken URL pointer (HTTP 404):
More information about the tor-talk