
Re: [tor-relays] Bridge Questions, Best Practices



Thanks for the follow up.

On 12/18/2019 3:20 PM, Philipp Winter wrote:
> On Wed, Dec 18, 2019 at 12:12:03PM -0800, Eddie wrote:
>> I've seen a few comments mentioning the lack of obfs4 bridges using port
>> 443, so as I don't run any kind of webserver on the VPS I can do this.  I
>> also wanted to run an obfuscated bridge on port 80, but it seems that you
>> can only run a single instance of obfs4. Searching around, the most common
>> setup I found was this:
>>
>> ServerTransportListenAddr obfs3 [::]:80
>> ServerTransportListenAddr obfs4 [::]:443
>>
>> Is this the best way to support both port 80 and 443, or is there a better
>> way?
> You cannot run two obfs4 instances under one Tor instance.  You will
> either have to start two Tor instances or configure a port forward from
> port 80 to 443.

Let me look into the easiest option for this.  For now, I've just dropped the obfs3:80 part.

> Also, there's no point in running both obfs3 and obfs4: If a bridge runs
> multiple transports and some are resistant to active probing attacks
> (scramblesuit, obfs4) while others aren't (vanilla Tor, obfs2, obfs3,
> fte), then BridgeDB won't hand out the bridge's vulnerable transports
> because they constitute a liability to the resistant transports.  See
> the following ticket for more details:
> <https://bugs.torproject.org/28655>
>
>> Next, the ORPort.  There seems to be confusing information about setting
>> this up, in conjunction with obfs4proxy.  Again, my setup:
>>
>> ORPort 9001
>> ORPort [--my public ipv6 address--]:9002
> Ideally, it shouldn't be necessary to expose an OR port if one is only
> running an obfs4 bridge.  Unfortunately, we're not quite there yet:
> <https://bugs.torproject.org/7349>
>
> I suggest selecting a random OR port other than 9001.

Done.

>> Again, is this the best way, as I've seen some information that says avoid
>> 9001, but others say it's OK to use for a bridge, with obfs4proxy.
> It's best to avoid port 9001 because this port is commonly associated
> with Tor.  Censors could easily scan the entire IPv4 address space for
> port 9001 and block whatever turns out to be a Tor bridge.
>
> Cheers,
> Philipp
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Cheers.
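
The three points made in this thread, turned into a small torrc audit; this is an added example, not part of the original messages and not Tor project code. The function names, finding codes and both sample configs (including the 2001:db8::1 address and OR port 47213) are constructed for illustration.

```python
RESISTANT = {"obfs4", "scramblesuit"}   # resist active probing (per the thread)
VULNERABLE = {"obfs2", "obfs3", "fte"}  # do not resist it (per the thread)

def port_of(addr):
    """Port from 'port', 'host:port' or '[v6]:port'; None for e.g. 'auto'."""
    tail = addr.rsplit(":", 1)[-1]
    return int(tail) if tail.isdigit() else None

def audit_torrc(text):
    """Return a sorted list of (hypothetical) finding codes for a torrc string."""
    listeners, or_ports = {}, []
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(words) < 2:
            continue
        key = words[0].lower()                    # option names are case-insensitive
        if key == "servertransportlistenaddr" and len(words) >= 3:
            listeners.setdefault(words[1].lower(), []).append(port_of(words[2]))
        elif key == "orport":
            or_ports.append(port_of(words[1]))
    names, findings = set(listeners), set()
    # One Tor instance cannot run two instances of a transport; a second port
    # needs a second Tor instance or a port forward.
    if any(len(ports) > 1 for ports in listeners.values()):
        findings.add("DUPLICATE_TRANSPORT_LISTENER")
    # BridgeDB does not hand out probe-vulnerable transports of a bridge that
    # also runs a probe-resistant one.
    if names & RESISTANT and names & VULNERABLE:
        findings.add("VULNERABLE_TRANSPORT_NOT_DISTRIBUTED")
    # Port 9001 is commonly associated with Tor; use a random OR port instead.
    if 9001 in or_ports:
        findings.add("ORPORT_9001")
    return sorted(findings)

# Constructed sample configs: the setup asked about, and the revised one.
ORIGINAL = """\
ORPort 9001
ORPort [2001:db8::1]:9002
ServerTransportListenAddr obfs3 [::]:80
ServerTransportListenAddr obfs4 [::]:443
"""
REVISED = """\
ORPort 47213
ServerTransportListenAddr obfs4 [::]:443
"""

if __name__ == "__main__":
    for name, cfg in (("original", ORIGINAL), ("revised", REVISED)):
        print(name, audit_torrc(cfg))
```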
