[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] failed setup of obfs4 on relay

To: <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] failed setup of obfs4 on relay
From: <jackoreamnos@xxxxxxxxxxxx>
Date: Fri, 30 Mar 2018 19:03:40 +0200 (CEST)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 30 Mar 2018 13:03:54 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tutanota.com; s=20161216; t=1522429420; bh=KvH7KFfQUvx9O2m/JQYxW2e+kIZkuRCTpOuckfJivQM=; h=Date:From:To:In-Reply-To:References:Subject:From; b=EgER4xm+ArPt0beDYj1FBJvHBlq2GJUH/B9g3GqHrebUOrsWrk8zDn1dSDV5ikJ4K wsROIeHaLA1/KuSCKtN0X6RG4bvzzYipYPArqIRBnT7P+t6FQ2EqRoQUf4cKSPvBwT XT48FC2Hr0s+GewaXS4cf/ZeeIvYTuvg+67Bn88VOeQdc0fCFZ9/Cjh+kieZKI8g2/ ekZxSN85HSI2UNDywz/lE2M5p6UvTZIJpNn+GoCeyyRi+D5TeB7VQ9XbwJcgVzNvVy 3Gq+hoF31+2QnOn//+ySViWCiyUKskIEYyPzhPJkDGgd9XOG6owl6C6JPEr3YA5YUt jrW8DaH4EHGtw==
In-reply-to: <L8rQ_kg--3-0@tutanota.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <L8rQ_kg--3-0@tutanota.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Alright, problem solved although I don't understand why. Hope someone can educate me:

What I did.
(1) Turned on Log debug stderr in torrc, and I could see obfs4 loading correctly.
(2) Then I realized obfs4 writes to a file to help people construct the bridgeline for tow browser in pt_state/obfs4_bridgeline.txt

The format is like:
Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=[scrubbed] iat-mode=[scrubbed]

Which is different from the bridge line I used by hand, i.e. has FINGERPRINT, has cert=? and iat-mode=?.
These extra bits made all the difference, but why?

Jack

30. Mar 2018 15:02 by jackoreamnos@xxxxxxxxxxxx:

Am a novice compiling Tor (0.3.2.9) and been successful using this from a Tor Browser as a private bridge by entering "a.b.c.d:9001" into Tor Browser. However, pointing my Tor Browser to the obfs4 on the same machine fails with something like General SOCKS failure in the log. Below is my torrc:

SOCKSPort 0
CookieAuthentication 1
ControlPort 9051
ORPort 9001
ExtORPort auto
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
# ServerTransportListenAddr obfs4 [::]:60443
ServerTransportListenAddr obfs4 0.0.0.0:60443
ExitRelay 0
BridgeRelay 1
PublishServerDescriptor 0

Tests I have done:
(1) using obfs4 compiled from git repository, as well as the OS package.
(2) opening port 60443, as well as dropping all firewalls - does not make a difference; meanwhile, pointing telnet at a.b.c.d 60443 connects successfully
(3) using Tor Browser with default supplied obfs4 bridges works well (log shows I was able to download a list of bridges and their fingerprints).

So I think I have ruled out problems with my Tor client (Tor Browser), and I have ruled out firewall configurations on the server, and ruled out obfs4 being blocked on my ISP. Since Tor itself works, and I have tried obfs4 from source as well as from the OS package, the only thing I can think of is something wrong with the config above.

Any hints would be appreciated, as well as any steps I can do to further diagnose would be helpful.

Thanks,
Jack

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] failed setup of obfs4 on relay
  - From: teor

References:
- [tor-relays] failed setup of obfs4 on relay
  - From: jackoreamnos

Prev by Author: [tor-relays] failed setup of obfs4 on relay
Next by Author: Re: [tor-relays] Best tor version
Previous by thread: [tor-relays] failed setup of obfs4 on relay
Next by thread: Re: [tor-relays] failed setup of obfs4 on relay
Index(es):
- Author
- Thread