[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor-cloud/master] Advertise port 443, but listen on 9001. Solves #4164. Thanks, Mike.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor-cloud/master] Advertise port 443, but listen on 9001. Solves #4164. Thanks, Mike.
From: runa@xxxxxxxxxxxxxx
Date: Fri, 14 Oct 2011 12:10:14 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 14 Oct 2011 08:10:24 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Runa A. Sandvik <runa.sandvik@xxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit a92d424b6637b81bc21f8bc6ad15cce71a18fd25
Author: Runa A. Sandvik <runa.sandvik@xxxxxxxxx>
Date:   Fri Oct 14 13:09:55 2011 +0100

    Advertise port 443, but listen on 9001. Solves #4164. Thanks, Mike.
---
 ec2-prep.sh |   30 ++++++++++++++++++++++++++++++
 1 files changed, 30 insertions(+), 0 deletions(-)

diff --git a/ec2-prep.sh b/ec2-prep.sh
index a1b1e99..e540c28 100644
--- a/ec2-prep.sh
+++ b/ec2-prep.sh
@@ -12,6 +12,8 @@ CONFIG_FILE="/etc/tor/torrc";
 RESERVATION="`curl -m 5 http://169.254.169.254/latest/meta-data/reservation-id | sed 's/-//'`";
 PERIODIC="/etc/apt/apt.conf.d/10periodic"
 UNATTENDED_UPGRADES="/etc/apt/apt.conf.d/50unattended-upgrades"
+IPTABLES_RULES="/etc/iptables.rules"
+NETWORK="/etc/network/interfaces"
 
 # Make sure that we are root
 if [ "$USER" != "root" ]; then
@@ -58,6 +60,31 @@ Unattended-Upgrade::Allowed-Origins {
 Unattended-Upgrade::Automatic-Reboot "true";
 EOF
 
+# Configure iptables to redirect traffic to port 443 to port 9001
+# instead, and make that configuration stick.
+echo "Configuring iptables..."
+cat << EOF > $IPTABLES_RULES
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [77:6173]
+:OUTPUT ACCEPT [77:6173]
+-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports
+9001 
+COMMIT
+EOF
+
+mv /etc/network/interfaces /etc/network/interfaces.bkp
+cat << EOF > $NETWORK
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto eth0
+iface eth0 inet dhcp
+  pre-up iptables-restore < /etc/iptables.rules
+EOF
+
 # Choose how to configure Tor
 case "$CONFIG" in
    "bridge" ) echo "selecting $CONFIG config...";;
@@ -102,6 +129,7 @@ cat << EOF > $CONFIG_FILE
 Nickname ec2$CONFIG$RESERVATION
 SocksPort 0
 ORPort 443
+ORListenAddress 0.0.0.0:9001
 BridgeRelay 1
 AccountingStart week 1 10:00
 AccountingMax 10 GB
@@ -116,6 +144,7 @@ cat << EOF > $CONFIG_FILE
 Nickname ec2$CONFIG$RESERVATION
 SocksPort 0
 ORPort 443
+ORListenAddress 0.0.0.0:9001
 BridgeRelay 1
 PublishServerDescriptor 0
 AccountingStart week 1 10:00
@@ -131,6 +160,7 @@ cat << EOF > $CONFIG_FILE
 Nickname ec2$CONFIG$RESERVATION
 SocksPort 0
 ORPort 443
+ORListenAddress 0.0.0.0:9001
 DirPort 80
 AccountingStart week 1 10:00
 AccountingMax 10 GB

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor-cloud/master] Or maybe not, since we are actually root
Next by Author: [tor-commits] r25151: {website} we do not have translations for the manual pages or the webs (website/trunk/getinvolved/en)
Previous by thread: [tor-commits] [metrics-web/master] Make consensus-health checker handle non-fresh consensuses.
Next by thread: [tor-commits] [stem/master] Adding util for handling configuration files
Index(es):
- Author
- Thread