Re: [tor-talk] Why obfs4 bridges aren't work in Tails?
Thu, 16 Apr 2015 20:25:08 +0300 s7r s...@sky-ip.org: On Debian Wheezy 64bit with Tor 0.2.5.10 and obfs4proxy installed from deb.torproject.org/torproject.org obfs4proxy main (via apt-get) 3 obfs4 bridges out of a total of 31 crashed with no error or warn in Tor log. /var/log/tor was an empty file /var/log/tor/log.1 (log rotation) had in the last lines the regular heartbeat notices, with info about total circuits, relayed traffic, [... ] Simply started the Tor daemon again on these 3 servers and they are up and running, no problem. Will keep an eye on this. I've made some log analisys and (may be) found why obfs4 bridges don't work correctly. I've used tcpdump created by that command: sudo tcpdump ip -n -nn -x | tee tcpdump.txt and Tor log file located at /var/log/tor/log The possible reason is IP-packet fragmentation. I suspect that obfs4-protocol require sending big packet (with no fragmentation flag/option) and router of my local network and(or) other routers on the connection way can not pass these packets. My routers answer: unreachable - need to frag (mtu 1456). And in Tor log: [info] smartlist_choose_node_by_bandwidth(): Empty routerlist passed in to old node selection for rule weight as guard [info] should_delay_dir_fetches(): Delaying dir fetches (no running bridges known) [info] compute_weighted_bandwidths(): Empty routerlist passed in to consensus weight node selection for rule weight as guard many times. obfs3, obfs2 and bridges without pluggable transport all are working correctly. WBR, Alan Hiew -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Why obfs4 bridges aren't work in Tails?
Hello! My story: During booting from Tails LiveUSB I choice to use obfs4 bridges: obfs4 141.201.*.*:45785 obfs4 68.45.*.*:* obfs4 54.66.*.*:18965 obfs4 82.243.*.*:990 (full data of these non-publish bridges I can send via private e-mail if someone need) but during several minutes Tails doesn't make Tor connection. Process has stopped at Establishing an encrypted directory connection. Tails 1.3 and later have to support bfs4 bridges as announced. Why this can happen? WBR, Alan Hiew -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Why obfs4 bridges aren't work in Tails?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I have sent you a private email with some tested obfs4 bridges operated by me. The bridges are public (in Bridge-db) but I'm not sending them here for the entire mail list to know your entries in the Tor network. After you test, if working, feel free to use them as much as you want, or fetch other obfs4 bridges from Bridge-db. If the bridges won't work, we should investigate further and let Tails team know about it, if it's a bug, but I don't think so. On Debian Wheezy 64bit with Tor 0.2.5.10 and obfs4proxy installed from deb.torproject.org/torproject.org obfs4proxy main (via apt-get) 3 obfs4 bridges out of a total of 31 crashed with no error or warn in Tor log. /var/log/tor was an empty file /var/log/tor/log.1 (log rotation) had in the last lines the regular heartbeat notices, with info about total circuits, relayed traffic, [... ] Simply started the Tor daemon again on these 3 servers and they are up and running, no problem. Will keep an eye on this. Yawning (CC'ed) made some updates and improvements to obfs4proxy for better detection of process crash. Is the latest version of obfs4proxy in the repository deb.torproject.org/torproject.org obfs4proxy main so we can update in Debian simply with apt-get? On 4/16/2015 7:53 PM, Alan Hiew wrote: Hello! My story: During booting from Tails LiveUSB I choice to use obfs4 bridges: obfs4 141.201.*.*:45785 obfs4 68.45.*.*:* obfs4 54.66.*.*:18965 obfs4 82.243.*.*:990 (full data of these non-publish bridges I can send via private e-mail if someone need) but during several minutes Tails doesn't make Tor connection. Process has stopped at Establishing an encrypted directory connection. Tails 1.3 and later have to support bfs4 bridges as announced. Why this can happen? WBR, Alan Hiew -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJVL/B0AAoJEIN/pSyBJlsR9H0IAKCf5AQUP3pTapBzMvwrdcB+ zHzPhu/84QDgLDfKHE/jMDlFkzBv4Q2DeNLo19gnOrqKbZ32AZNtWDxygp/zC3oB HbKu1/J31/J5pEmwx/9JH1V3t5ZDAoPUT1sQAAj/xGsR3ALlfmRFM1DLvv0nHvVq 0snRbSFsgUx891SMwTgPgGVKm7EwEFo8iJtlwr36XDcFDZqkY0QzaP1QO6sZhdau U+h0bXumGgNG+vG0O9sAGXEP8v+kIJ+9bLfCRwYdvVbe5V+tJWcvzszPupLfW5iI ugw0zfbcaoAgCWPUPgDjEKpP0fBh1SFCI8xn7ch5aRsj/d6QNp8/+S28+/g2hGU= =boDZ -END PGP SIGNATURE- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Why obfs4 bridges aren't work in Tails?
Hi, FYI, when we tested Tails 1.3.2, we could successfully use obfs4 bridges. Cheers, -- intrigeri -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Why obfs4 bridges aren't work in Tails?
i'm not sure if you mentioned this prior but obfs4 bridges must also contain the cert=xx flag in the bridge lines or Tor won't connect to the bridges cheers On Thu, Apr 16, 2015 at 1:20 PM, intrigeri intrig...@boum.org wrote: Hi, FYI, when we tested Tails 1.3.2, we could successfully use obfs4 bridges. Cheers, -- intrigeri -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk