Opened 4 years ago

Closed 14 months ago

#16261 closed defect (fixed)

Update the "Running a Bridge" section of the website

Reported by: isis Owned by: isis
Priority: Medium Milestone:
Component: Webpages/Website Version:
Severity: Normal Keywords: tor-bridges, docs, pts, website-content
Cc: isis, tjr, saint Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tom Ritter reported that the information at the bottom of https://www.torproject.org/docs/bridges.html.en#RunningABridge on running a Bridge relay is very out-of-date. We should probably:

1) Move it to a separate page, because it's intended for a different audience than the rest of the page.

2) Explain that operators should be running Tor>=0.2.5 if they want to offer pluggable transports.

3) Update it to explain the minimum requirements for running an obfs4proxy bridge, and give an example torrc like:

ORPort 1.1.1.1:62419
ORAddress [2001::f00]:62420
ExtORPort auto
RunAsDaemon 1
ExitPolicy reject *:*

BridgeRelay 1
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
ServerTransportListenAddr 1.1.1.1:80
ServerTransportPlugin obfs3 exec /usr/bin/obfs4proxy
ServerTransportListenAddr 1.1.1.1:443

# (Assuming 1PFH8NPWu2g6TdRQsirTPGpbnPBhkzQMvM is still noisetor's BTC
# donation address. See https://oniontip.com/#adding-relay)
ContactInfo Bridge-Operator <admin@tor.noisebridge.net> 1PFH8NPWu2g6TdRQsirTPGpbnPBhkzQMvM
Nickname noisebridgeliteraly
MyFamily $1A835E3663068222F28F7C5AF3216F4B27B50B57,$E93F05C9A7112544A2F132CBB7F6701877140F2A,$3591E0E966309AD335BE62FF694E8A898F97A6C9,$D42EE35F9B62769E782DEA2FC6358ABFAFE7DB66,$C6F6B70AD9115C65B618B0AF3FD10B0432626CA9

CellStatistics 1
DirReqStatistics 1
EntryStatistics 1
ConnDirectionStatistics 1
ExtraInfoStatistics 1

4) Explain how people can get/construct their bridge lines in order to test their bridge.

Child Tickets

Change History (8)

comment:1 Changed 4 years ago by tmpname0901

4) Explain how people can get/construct their bridge lines in order to test their bridge.


#!/bin/sh

if [ ! -f /var/lib/tor/pt_state/obfs4_bridgeline.txt ]; then

echo "Not an obfs4 bridge (or permissions)"
exit 1

fi

FING=$(cat /var/lib/tor/fingerprint | cut -d ' ' -f2)
ADDR=$(grep ServerTransportListenAddr /etc/tor/torrc | cut -d ' ' -f3 | sort -R | head -n 1)
BRDG=$(grep
Bridge /var/lib/tor/pt_state/obfs4_bridgeline.txt)

echo $BRDG | sed s/'<IP ADDRESS>:<PORT>'/$ADDR/ | sed s/'<FINGERPRINT>'/$FING/


# ./brdgline
Bridge obfs4 [11.22.33.44]:443 0000000000000000000000000000000000000000 cert=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX iat-mode=0

comment:2 Changed 4 years ago by yawning

ServerTransportListenAddr is entirely optional. A better place to check would be /var/lib/tor/state (TransportProxy obfs4 addr:port), assuming tor has finished guessing it's IP address.

The ServerTransportPlugin line can be unified as well to ServerTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxy.

comment:3 Changed 4 years ago by saint

Cc: saint added

comment:4 Changed 23 months ago by hiro

Keywords: website-content added
Severity: Normal

comment:5 Changed 18 months ago by irl

Parent ID: #24497

comment:6 Changed 16 months ago by cypherpunks

Parent ID: #24497

comment:7 Changed 16 months ago by yawning

Cc: yawning removed

comment:8 Changed 14 months ago by hiro

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.