#34129: Use STUN to determine NAT behaviour of peers
 Reporter:  cohosh                   |          Owner:  cohosh
     Type:  enhancement              |         Status:  assigned
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:  Sponsor28

Comment (by cohosh):

 The attached
 go code] demonstrates the use of RFC 5780 on the client side. It required
 only a few modifications to the pion/stun library:

 To summarize, it checks both the NAT mapping behaviour of the client and
 its NAT filtering behaviour. Each of these can be classified as:
 - address-independent (the least restrictive NATs)
 - address-dependent (ports are assigned/connections filtered based on the
 server address)
 - address and port-dependent (ports are assigned/connections filtered
 based on the server address and port)

 Note: I'm only checking the mapping behaviour for address independence,
 not port independence just yet because it requires an additional
 configuration change to my coturn server.

 You can test it out by doing the following:
 go build main.go
 ./main --server

 Note that the filtering test relies on a time out and so will take up to a
 minute to complete (it won't hang forever though). I suspect this is the
 problem we ran into with the coturn utils. Maybe too long a time out or a
 buggy client that waits forever for a filtered response.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34129#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
tor-bugs mailing list

Reply via email to