[nycbug-talk] pfsense and tor

fastgoldfish at gmail.com fastgoldfish at gmail.com
Fri Jun 28 01:13:30 EDT 2013

Enter an option: 8

[2.0.3-RELEASE][root at pfSense.localdomain]/root(1): pkg_add -r tor
Error: Unable to get
File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch
by URL
[2.0.3-RELEASE][root at pfSense.localdomain]/root(2): pkg_add -r tor-devel
Error: Unable to get
File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch
by URL
[2.0.3-RELEASE][root at pfSense.localdomain]/root(3):

Darn, I was hoping that would work.

Whonix is quite a bit different from the other similar efforts.
adrelanos seems to have found the magic balance between keeping it
simple, and making it eminently effective. He has delivered a finished
product that actually works, and works very well. It is able to
survive a root-job without losing anonymity, in some circumstances. I
have watched many other ideas come and go, and none of them reached
level of usability and common-sense simplicity that Whonix has. I
think that might be merely because it is an idea whose time has come.

adrelanos is investigating the possibility of building his next
version of the Whonix Gateway on pfSense. I'm not sure whether he'll
do that or not, but I think I've gotten his attention focused on
pfSense based on just a few of its many advantages that I'm aware of.
One thing that has kept Whonix on Debian is its wide usage. From the
point of view of adrelanos, he thinks that gives Debian more "peer
review" for bugs and other flaws.

Based on what I've learned about pfSense in this discussion, I think
pfSense is probably better even in the popularity contest comparison
because it's simpler and more specialized. That makes it an
apples-to-oranges comparison with a general purpose system (Debian),
and a refined network-specialist system (pfSense). pfSense is destined
to come out on top in that kind of a comparison.

And, like you said, the 100'000+ pfSense installs makes it much more
likely that Tor will be used on a significant fraction of them.

As best I can tell, it looks to me that pfSense can be used to force
Tor as the only way in or out of a network by setting up a static
route. The LAN interface is routed to Tor, and Tor is routed to the
WAN interface. That's essentially what the Whonix Gateway does, after
stripping out all of the superfluous unnecessary stuff from Debian, if
I understand it correctly.

For that use case, it would be nice to have a checkbox for "Isolate
LAN on Tor" which sets up the routing, perhaps with a brief guided
configuration step. From there, an entire network of machines and all
of their applications, can be forcibly Torified such that none of the
machines and applications on the LAN are aware of the public IP of the
WAN, and so they cannot leak it, even if they get rooted. Then, users
can happily use Flash, JavaScript, and all the other things they want,
with the benefits of Tor that suit their use cases. There are several
very different use cases that need to be spelled out so people
understand what they're getting and what they're not getting.

Finally, there's the very important ability to set up dedicated
bridges, relays, and exits in a straightforward way, such that anyone
running pfSense is ready to go. That will be very exciting, especially
because it opens up the possibility of ISP's contributing to the Tor
infrastructure, and maybe also offering their clients access to the
Tor network with little or no configuration on the client's part. The
clients would still need a solid understanding of what Tor can and
can't do for them, but once educated, they'll be able to benefit from
the advantages Tor can give them, while avoiding the pitfalls in
realms where Tor is unsuited.

On Thu, Jun 27, 2013 at 9:05 PM, George Rosamond
<george at ceetonetechnology.com> wrote:
> fastgoldfish at gmail.com:
>> I found this, which looks to be straightforward:
>> http://doc.pfsense.org/index.php/Developing_Packages
>> I don't understand all that's going on with that. Does anyone know if
>> there's a  "hello world" package to play with? I couldn't find one.
> 'hello world' for pfSense packages??   woah.
> More inline below.
>> On Wed, Jun 26, 2013 at 7:09 PM, fastgoldfish at gmail.com
>> <fastgoldfish at gmail.com> wrote:
>>> I sent a message to adrelanos, the person developing the Whonix
>>> system, to make him aware of this discussion. I think pfSense may have
>>> the potential to provide a much more powerful and flexible replacement
>>> for the Whonix Gateway. pfSense could be used to serve needs that the
>>> Whonix Gateway currently is not designed for, but pfSense can still
>>> serve the very narrow set of use cases that the Whonix system is
>>> currently the best tool for.
> I don't know a lot about Whonix, but I do know a bit about other similar
> projects, and most have stopped moving forward in any real way.
> pfSense has huge advantages as a platform over these other systems:
> 1.  it has a significant install base that they don't
> 2.  pfsense didn't try to be all things to all people when it launched,
> but it has scaled to do more in time, as appropriate, with a solid
> framework.
>>> Beyond that, pfSense can do things that we haven't even thought of
>>> yet. one thing I've discussed with adrelanos is a Tor-friendly ISP
>>> that could provide a Tor gateway that will forcibly torify all
>>> communications. Some other very important use cases are:
>>> * Making it easy for someone to conceal the location of a Tor hidden
>>> service, even if it gets rooted (which Whonix theoretically could do).
>>> * Making it easy for someone to run a Tor relay or bridge.
>>> And more!
>>> On Wed, Jun 26, 2013 at 3:57 PM, Brian Callahan <bcallah at devio.us> wrote:
>>>> On 06/26/13 15:45, badon wrote:
>>>>> The mention of PBI's is interesting, because I just installed PCBSD too,
>>>>> and I think that's what PCBSD uses.
>>>> Makes sense, as both are based off FreeBSD ;-) The PBI is a PCBSD invention,
>>>> but afaik the framework (though not necessarily the individual PBI packages)
>>>> will work on any FreeBSD-based system, including vanilla FreeBSD.
>>>>> There is already a PBI in PCBSD, but I'm not sure if that's suitable for
>>>>> Pfsense or not.
>>>> I would say "probably not" to this. But the mechanism for generating a
>>>> suitable PBI for pfsense should be similar if not identical to PCBSD (if you
>>>> know how to do that).
>>>> Otherwise - consider this a bump to George for making a pfsense Tor PBI :)
> So, yeah, this has been on my list for a while, and I know there's
> interest in it.
> I will be looking at it more seriously in the next week or so.  In the
> meantime, try going to the pfsense shell and typing "pkg_add -r tor" or
> tor-devel.  I think devel is fine.
> I'll need to go back to the xml configs and start reworking.
> Despite the long torrc file, there's only really a handful of config
> options necessary, so a basic operational config isn't that hard.
> Adding hidden services, etc., might be later goals, but to me the goal
> should be a simple bridge or relay that any user could just setup in a
> few minutes.
> The number you can toss around is this:  if there were 100,000 known
> pfSense installs in November 2011, 2% of them running a bridge or relay
> would have an enormous impact on the Tor network, which only has about
> 3700 public relays at the moment, plus somewhere under 2000 known bridges.
> Another important impact is on the current Linux monoculture.  The vast
> majority of Tor nodes are Linux by a long shot.  Bumping up the FreeBSD
> numbers, at least, would breakup that issue to an extent.
> g
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk

More information about the talk mailing list