On Tuesday 28 August 2007 10:53:24 Christian Grothoff wrote: > On Tuesday 28 August 2007 03:34, Roger Dingledine wrote: > > > Choosing 443 makes this hard to implement because Tor has to be started > > > as root to bind to it. Would it be as well to suggest a popular > > > high-numbered port such as 8080? > > > > Good point. I guess in Windows-land it should be 443, but in Unix-land > > it shouldn't be. Is 8080 popular? What are other good choices that won't > > stand out too much? > > I disagree a bit here. It is pretty easy to use iptables & friends to map > the external port 443 to any other internal port. I've been using this in > GNUnet -- the http transport advertises the public port 80 and internally > uses a different port. The user than adds a rule to the firewall > configuration, something like: > > # iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j > REDIRECT --to-ports 8080 > Yes, but I think Tor will try to bind to the address that you want to advertise - which is the problem. 8080 is used by coral cache and many others, including open proxies. Maybe censors firewall it as a rule for just that reason. -- Browse Anonymously Anywhere - http://anonymityanywhere.com TorK - KDE Anonymity Manager - http://tork.sf.net KlamAV - KDE Anti-Virus - http://www.klamav.net
Attachment:
signature.asc
Description: This is a digitally signed message part.