[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Please try out the new bridge features
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Please try out the new bridge features
- From: "Ringo Kamens" <2600denver@xxxxxxxxx>
- Date: Mon, 30 Jul 2007 09:58:43 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Mon, 30 Jul 2007 09:58:55 -0400
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Q9YyamgIlP3TFJUwUcJ+AFGQ3efG6V2Dtv6iKFCkIThMSS1REnRBeUlS9mPD4zcC5CDyZZHBRXpcvmctkBxkySW64zmUfj1IlFWKrfLNeG8QRSQsfbGu7KCV7YUtc4MlpL7bBRu0PFijOEHI1MkayIVFsGOJnHnnxd7uSTWpoTo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=f4LT5VsSpw3mlZn/tlT2BrZOX5zCY0U48wyauSSX6OPL8TnKs575j3l5Xyca4wuIe4oTNeJHgxYnxtTivkBWwREZHUIikysnIXl/Fga9UCiGqeTNjnVBTg95up7bWkXaCwJZ2Zpsl2McI5VnaIdFE88HOJCfG3FnpKBegY1mmok=
- In-reply-to: <20070730121306.GH6246@xxxxxxxxxxxxxx>
- References: <20070730121306.GH6246@xxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Thanks for implementing this feature, I had no idea it was on the road
map. This is a feature that will be very useful for people behind
corporate firewalls, the great wall of china, etc.
Comrade Ringo Kamens
On 7/30/07, Roger Dingledine <arma@xxxxxxx> wrote:
> Hi folks,
>
> The upcoming 0.2.0.3-alpha release has a couple new features from the
> blocking-resistance design we're working on. I'm going to write down more
> details about how it works soon, but I wanted to give people a chance
> to play with it (and report problems) now that it'll be out in a release.
>
> For background on the design, see
> https://tor.eff.org/svn/trunk/doc/design-paper/blocking.html
>
> In short, the new Tor release lets you run a relay that isn't in the
> main directories (known as a bridge), and you can configure your client
> by giving it a set of bridge addresses to use as your first hop into
> the Tor network and as your source of directory information. There's no
> support in Vidalia for it yet, and the design is still in flux, but here
> are some tips to get you started.
>
> (Warning: these instructions are geared for people who are comfortable
> editing their torrc and messing around with Tor. If it breaks and
> you think it's a bug, please let me know; if you just fail to get it
> working, wait for a few more releases and it'll be easier. Also, note
> that these features alone do not provide very good blocking-resistance;
> more features are on the way still.)
>
> Thanks!
> --Roger
>
> ********* Part one: using a bridge when you're a client *****
>
> Add these lines to your torrc file:
>
> UseBridges 1
> TunnelDirConns 1
> Bridge 128.31.0.34:9009 4C17 FB53 2E20 B2A8 AC19 9441 ECD2 B017 7B39 E4B1
>
> You can specify as many Bridge lines as you like, one for each bridge
> you'd like to use. You can leave out the key if you don't know it or
> don't care:
>
> Bridge 128.31.0.34:9009
>
> ******** Part two: setting up your own bridge ***********
>
> Configure yourself as if you were a normal Tor server. Make sure to
> define a DirPort. Then add this line to your torrc file:
>
> PublishServerDescriptor 0
>
> This makes you into a Tor server that doesn't advertise on the main
> directory authorities. You should tell people your IP address and ORPort
> (and optionally your identity fingerprint) and they can write their own
> Bridge lines as in "Part one" above.
>
> Optionally, you may want to set
>
> RelayBandwidthRate 50 KB
> RelayBandwidthBurst 50 KB
>
> instead of the more traditional BandwidthRate and BandwidthBurst options,
> so you can use your bridge as a Tor client too and not get hit by your
> own rate limiting.
>
> ********Part three: a bridge directory authority *********
>
> For the adventurous, I'm also running a temporary bridge directory
> authority. If you want your bridge to publish to this bridge authority,
> use these lines in your torrc:
>
> PublishServerDescriptor bridge
> dirserver moria1 v1 orport=9001 128.31.0.34:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
> dirserver moria2 v1 orport=9002 128.31.0.34:9032 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
> dirserver tor26 v1 orport=443 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
> dirserver lefkada orport=443 140.247.60.64:80 38D4 F5FC F7B1 0232 28B8 95EA 56ED E7D5 CCDC AF32
> dirserver dizum 194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755
> dirserver moria5 orport=9005 bridge no-v2 128.31.0.34:9035 F812 FCC1 E3EB E2E8 1C09 E516 E51A F9BF AFE3 3974
>
> The first line specifies to publish to all authorities of type 'bridge',
> and the last line specifies a new dirserver of type bridge. The others
> are just repeating the current dirservers so we don't lose them when we
> define a new one. I promise I'll have a better interface for this soon. :)
>
> Then clients that use your bridge can add
>
> UpdateBridgesFromAuthority 1
>
> to their torrc, and now even if your IP:port change (for example you're
> on a dynamic IP address), they'll still be able to find you again.
>
>