[Tor-BSD] freebsd-ports; tor, obfs4, browser & socks
George Rosamond
george at ceetonetechnology.com
Thu Aug 3 12:54:00 EDT 2017
Vinícius Zavam:
> hello everyone,
>
> I'm writing to inform that our efforts to keep sharp with Tor support on
> FreeBSD are still alive. although we (TDP, https://torbsd.github.io) would
> like to call more people to help testing these ports we changed and
> created. the signed source code is available at
> https://github.com/torbsd/freebsd-ports/releases/tag/tdp
>
> sorry for the superficial bump, cross-posting and not much detailed email.
Breaking off the ugly cross-post here. . .
I think only the FreeBSD port of obfs4 is ready for testing, and I have
been running for about 19 hours on one box. Any FreeBSD port developers
on the list should look at his port and the two go dependencies.
https://github.com/torbsd/freebsd-ports/tree/egypcio/security
obfs4 is not in the FreeBSD or OpenBSD ports, but really should be once
it's well-tested and reviewed.
In the meantime, here's some things to note.
The FreeBSD ports distinguish between the obfs client and server for
obfsproxy's earlier version.
The default line listed in Vinicius' post-install message is:
ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
But to run as a obfsproxy server, this should be added to the torrc file:
ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy managed
I'm not sure whether obfs4 should have separate 'client' and a
'service/server' ports. But if it's one port, the post-install message
could note the different syntax. More likely, if TB is configured for
obfs4, the client configuration should be somewhat hidden from the user,
as it's configured through the TB UI.
As a service on a relay, it seems to be working, in terms of it
listening on a random TCP port, and from what the log file notes. Until
FreeBSD TB is really ready for testing, we won't know how it works as a
obfs4 client.
The default connection for censored users in the TB configuration is
obfs4, so a lot of relays allowing entry traffic and bridges are missing
a significant amount of connections.
TDP's new JSON-based stats reveal a lot.
First, note the transport types used to connect to bridges:
https://torbsd.github.io/oostats/bridges-trans-count.txt
Just some 15.6% are using 'null', aka, regular connections, while some
53.5% are using obfs4.
This report shows a more detailed picture:
https://torbsd.github.io/oostats/bridges-trans-os.txt
For anyone running a FreeBSD bridge or a relay that allows entry
traffic, testing out Vinicius' obfs4 port is a good idea. Then we can
check out the statistics over the next few weeks, and get a sense of the
impact.
Thanks for the work Vinicius.
g
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nycbug.org/pipermail/tor-bsd/attachments/20170803/66f0b499/attachment.bin>
More information about the Tor-BSD
mailing list