On Monday, December 12, 2022, 08:31:43 AM MST, David Fifield <[email protected]> wrote:
On Sun, Dec 11, 2022 at 04:25:06AM +0000, Gary C. New via tor-relays wrote:
>> I was successfully able to get Snowflake cross-compiled and installed for
>> OpenWRT and Entware as a package.
> Thanks, nice work.
>> # opkg files snowflake
>> Package snowflake (2.4.1-1) is installed on root and has the following files:
>> /opt/bin/proxy
>> /opt/bin/client
>> /opt/bin/probetest
>> /opt/bin/broker
>> /opt/bin/server
>> /opt/bin/distinctcounter
>I don't think it makes sense to package the server or broker for
>OpenWRT. The client and proxy, sure. But the server and broker do not
>even run on the same host in an actual deployment. distinctcounter is
>just a metrics utility for the broker:
>https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/95

I agree it makes sense to package the client and proxy separate from the broker and server. This was just a quick and dirty test to see if I could get Snowflake cross-compiled and working on the OpenWRT and Entware platforms.

I am having some issues or misunderstandings with implementing Snowflake Proxy within Tor. I assumed that implementing Snowflake Proxy within Tor would be similar to OBFS4Bridge in that Tor would initialize Snowflake Proxy as a managed Pluggable Transport listening on the assigned ServerTransportListenAddr. I can see Snowflake Proxy initiate outbound requests, but I don't see it listen on the specified ServerTransportListenAddr and Port.

NOTE: Basic Inbound Connection Flow is Nginx (xxx.xxx.xxx.xxx:6031) => Snowflake Proxy (192.168.0.31:6031) => Tor (192.168.0.31:9001)

NOTE: I am only running Snowflake Proxy within the test torrc configuration.

# cat torrc
...
Nickname Snowflake31
ORPort xxx.xxx.xxx.xxx:443 NoListen
ORPort 192.168.0.31:9001 NoAdvertise
BridgeRelay 1
BridgeDistribution moat
ExtORPort 192.168.0.31:auto
###ServerTransportPlugin obfs31-1 exec /opt/bin/obfs4proxy -enableLogging
###ServerTransportListenAddr obfs31-1 192.168.0.31:3031
ServerTransportPlugin snowflake31-1 exec /opt/bin/proxy -log /tmp/snowflake.log -verbose
ServerTransportListenAddr snowflake31-1 192.168.0.31:6031

# ps w | grep -I tor
26303 tor 253m S /opt/sbin/tor -f /tmp/torrc --quiet
26304 tor 795m S /opt/bin/proxy -log /tmp/snowflake.log -verbose

# netstat -anp | grep proxy
tcp 0 0 192.168.0.31:49850 37.218.245.111:443 ESTABLISHED 26304/proxy
udp 0 0 192.168.0.31:33961 0.0.0.0:* 26304/proxy
udp 0 0 0.0.0.0:52654 0.0.0.0:* 26304/proxy

# tail -f /tmp/snowflake.log
...
2022/12/12 04:28:33 snowflake-proxy 2.4.1
2022/12/12 04:28:33 Proxy starting
2022/12/12 04:28:33 WebRTC: Created offer
2022/12/12 04:28:33 WebRTC: Set local description
2022/12/12 04:28:33 Offer: {"type":"offer","sdp":"v=0\r\no=- 4129729503856148472 1670819313 IN IP4 [scrubbed]\r\ns=-\r\nt=0 0\r\na=fingerprint:sha-256 3B:60:50:33:72:A1:35:91:44:7E:02:2E:F2:4E:0E:21:C2:24:1C:47:F7:43:A1:A7:F3:DE:BA:AB:3E:82:9E:11\r\na=extmap-allow-mixed\r\na=group:BUNDLE 0\r\nm=application 9 UDP/DTLS/SCTP webrtc-datachannel\r\nc=IN IP4 [scrubbed]\r\na=setup:actpass\r\na=mid:0\r\na=sendrecv\r\na=sctp-port:5000\r\na=ice-ufrag:glNJtRHnBjaRYRkg\r\na=ice-pwd:OxntNuRslEPhLgSstUnzwJFTPzPUGmzt\r\na=candidate:551460743 1 udp 2130706431 [scrubbed] 50786 typ host\r\na=candidate:551460743 2 udp 2130706431 [scrubbed] 50786 typ host\r\na=candidate:1335998215 1 udp 1694498815 [scrubbed] 45684 typ srflx raddr [scrubbed] rport 45684\r\na=candidate:1335998215 2 udp 1694498815 [scrubbed] 45684 typ srflx raddr [scrubbed] rport 45684\r\na=end-of-candidates\r\n"}
2022/12/12 04:29:00 NAT Type measurement: unknown -> restricted = restricted
2022/12/12 04:29:00 NAT type: restricted
...
2022/12/12 04:29:11 sdp offer successfully received.
2022/12/12 04:29:11 Generating answer...
...
2022/12/12 04:29:31 Timed out waiting for client to open data channel.
2022/12/12 04:29:41 sdp offer successfully received.
2022/12/12 04:29:41 Generating answer...
2022/12/12 04:30:02 Timed out waiting for client to open data channel.
...
2022/12/12 04:32:05 sdp offer successfully received.
2022/12/12 04:32:05 Generating answer...
2022/12/12 04:32:26 Timed out waiting for client to open data channel.

Is it possible to use Snowflake Proxy as a managed Pluggable Transport similar to OBFS4Bridge within Tor?

It would be helpful to have a torrc configuration example within the Standalone Snowflake Proxy documentation.

Thanks, again, for your guidance and assistance.

Respectfully,

Gary
_______________________________________________
tor-relays mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
