[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Protecting the bridge port from active probes
On Sat, Mar 30, 2019 at 08:44:45PM +0000, Alexander Nasonov wrote:
> This works for me:
>
> AssumeReachable 1
> PublishServerDescriptor 0
> ORPort PUBLIC-IP:2345 NoListen
> ORPort 127.0.0.1:2345 NoAdvertise
> ExtORPort 127.0.0.1:3456 # you can try auto
> ServerTransportListenAddr obfs4 PUBLIC-IP:4567
> ServerTransportPlugin obfs4 exec /path/to/obfs4proxy
You probably also want a "BridgeRelay 1" in there too. That will help
make sure you fetch appropriate directory information in order to have
it available for users of your bridge. And depending on your Tor version,
it will also make sure that your exit policy is reject *:*. (Not that
bridge clients should be trying to exit from you, but you want to make
sure that they don't succeed if for some reason they try :)
--Roger
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays