On Wednesday, December 14, 2022, 02:55:05 AM MST, trinity pointard <[email protected]> wrote:
Hi trinity! >> As an added bonus, obfs4proxy also supports acting as an obfs2/3 client and >> bridge to ease the transition to the new protocol. >> My question is whether the respective obfs2|3|4 transport names force the >> corresponding protocol? > It does force the use of the protocol you specified, or at least it > should and if it doesn't, that's a bug to report. You can quickly > check this by connecting to an obfs4 bridge while saying it's obfs3: > tor won't bootstrap. Your recommended testing confirms that the "transport" portion of the ServerTransportListenAddr directive is an actual option passed and recognized by obfs4proxy (not just a label). This point was made confusing by the "Example: ServerTransportOptions obfs45 shared-secret=bridgepasswd cache=/var/lib/tor/cache" in the Tor manual. Notice the "obfs45" transport, which errors with "[warn] Server managed proxy encountered a method error. (obfs45 no such transport is supported)." I'm assuming this is a typo in the Tor manual? Finally, it appears that BridgeDB hands-out the transport type with the ServerTransportListenAddr:Port and nullifies my attempts at providing multiple obfs4proxy listeners per Tor instance. It's unfortunate that only a single ServerTransportListenAddr:Port can be spawned per Transport per Tor instance. Hopefully, this will be remedied in Arti. >> Also... It wasn't clear in the manual whether obfs4proxy -enableLogging >> takes an optional path/file? > It doesn't, logs are stored in $TOR_PT_STATE_LOCATION/obfs4proxy.log > (usually that would be /var/lib/tor/pt_state/obfs4proxy.log) I appreciate you confirming the obfs4proxy -enableLogging question as well. It seems like a symlink will have to do. Thank you for your time and assistance. Respectfully, Gary On Wed, 14 Dec 2022 at 10:02, Gary C. New via tor-relays <[email protected]> wrote: > > All: > > I noticed that the obfs2, obfs3, and obfs4 transport names seem to be > hardcoded into tor. > > I have been able to configure the torrc to register each of the transports > for multiple ServerTransportListenAddr: > > # cat torrc > ORPort xxx.xxx.xxx.xxx:443 NoListen > ORPort 192.168.0.31:9001 NoAdvertise > SocksPort 9050 > SocksPort 192.168.0.31:9050 > ControlPort 9051 > HTTPTunnelPort 9080 > HTTPTunnelPort 192.168.0.31:9080 > ExtORPort 192.168.0.31:auto > BridgeRelay 1 > BridgeDistribution moat > ServerTransportPlugin obfs2 exec /opt/bin/obfs4proxy -enableLogging > ServerTransportListenAddr obfs2 192.168.0.31:3102 > ServerTransportOptions obfs2 iat-mode=2 > ServerTransportPlugin obfs3 exec /opt/bin/obfs4proxy -enableLogging > ServerTransportListenAddr obfs3 192.168.0.31:3103 > ServerTransportOptions obfs3 iat-mode=2 > ServerTransportPlugin obfs4 exec /opt/bin/obfs4proxy -enableLogging > ServerTransportListenAddr obfs4 192.168.0.31:3104 > ServerTransportOptions obfs4 iat-mode=2 > DirCache 1 > ExitRelay 0 > > # grep -i obfs ./torlog > 2022/12/14 00:39:07 [NOTICE]: obfs4proxy-0.0.14 - launched > Dec 13 17:41:48.000 [notice] Registered server transport 'obfs2' at > '192.168.0.31:3102' > Dec 13 17:41:48.000 [notice] Registered server transport 'obfs3' at > '192.168.0.31:3103' > Dec 13 17:41:48.000 [notice] Registered server transport 'obfs4' at > '192.168.0.31:3104' > > # netstat -anp | grep obfs4proxy > tcp 0 0 192.168.0.31:3102 0.0.0.0:* LISTEN > 30185/obfs4proxy > tcp 0 0 192.168.0.31:3103 0.0.0.0:* LISTEN > 30185/obfs4proxy > tcp 0 0 192.168.0.31:3104 0.0.0.0:* LISTEN > 30185/obfs4proxy > > My question is whether the respective obfs2|3|4 transport names force the > corresponding protocol? > > If so... Are there any ServerTransportOptions that can force the obfs4 > protocol on the legacy obfs2|3 transports? > > Also... It wasn't clear in the manual whether obfs4proxy -enableLogging takes > an optional path/file? > > I appreciate any knowledge on the subjects. > > Respectfully, > > > Gary > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
