Opened 7 years ago

Closed 7 years ago

#3477 closed task (fixed)

A plan to understand specific features for the "Feature complete alpha-test prototype"

Reported by: ioerror
Owned by: ioerror
Priority: Medium
Milestone:
Component: Archived/Torouter
Version:
Severity:
Keywords:
Cc: runa, ioerror
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

This is where we will enumerate the specific features we will ship with as a bare minimum for the Torouter's alpha-test.

Child Tickets

Change History (4)

comment:1 Changed 7 years ago by ioerror

I want the following as our bare minimum:

Debian with stock Marvell Kernel
Tor packages from deb.torproject.org - 0.2.3.x or 0.2.2.x; it doesn't matter which
eth0 should be the "internet" interface
dhcp client 'dhclien3t' running on eth0
Tor configured as a relay
OpenSSH configured to listen on port 22
Root's password set to a rather large random string

Other packages should also be installed to ensure the debs update, etc

comment:2 in reply to: 1 Changed 7 years ago by runa

Replying to ioerror:

> I want the following as our bare minimum:

I'm trying to get a better understanding of what we currently have and what we need to work on in the next couple of weeks.

> Debian with stock Marvell Kernel

Done, documented in steps 1 to 12 on https://trac.torproject.org/projects/tor/wiki/doc/DebianDreamPlug

> Tor packages from deb.torproject.org - 0.2.3.x or 0.2.2.x; it doesn't matter which

Done, documented under "Happy extended hacking with Tor" on https://trac.torproject.org/projects/tor/wiki/doc/DebianDreamPlug

> eth0 should be the "internet" interface

We should document this.

> dhcp client 'dhclien3t' running on eth0

Do you mean 'dhclient'?

> Tor configured as a relay

We should document this.

> OpenSSH configured to listen on port 22

Done, documented in step 13 on https://trac.torproject.org/projects/tor/wiki/doc/DebianDreamPlug. It probably wouldn't hurt to add information about how to secure SSH as well (at least the most basic things, such as only allowing certain users, not permitting root login, etc.).

> Root's password set to a rather large random string

Step 9 on https://trac.torproject.org/projects/tor/wiki/doc/DebianDreamPlug does mention setting a root password, but I'm sure we can make that a step of its own.

> Other packages should also be installed to ensure the debs update, etc

Well, there's cron-apt and apticron. Depends on what we want to do.

I think it would make sense to split https://trac.torproject.org/projects/tor/wiki/doc/DebianDreamPlug into two pages: one which talks about how to install Debian on the DreamPlug and another one which talks about how to install Tor, configure Tor as a bridge or a relay, set up an open wifi and so on.

comment:3 Changed 7 years ago by runa

I have created https://trac.torproject.org/projects/tor/wiki/doc/TorDreamPlug and listed the steps you mentioned (install Tor, configure Tor, set up eth0, install a dhcp client and so on). Now we just need to document it and figure out if there is anything we're missing.

comment:4 Changed 7 years ago by ioerror

Resolution: fixed
Status: new → closed

We have three main network interfaces. The eth0 device will only support dhcp ethernet networks. Manual network configuration is not supported at this time but users are welcome to ssh into the device to attempt to configure it at their own risk.

The eth0 network interface is assumed to be the internet connection for the Torouter until further notice.

The eth1 network interface is assumed to be a gateway that provides dhcp service for any devices connected to eth1 - this allows the Torouter to be used as a NAT assuming that eth0 is connected to the internet. In addition, this is where the web UI (not yet written), sshd, dhcpd, and a normal DNS cache for configuration would bind to the eth1 network. This prevents configuration of the bridge without authorization by connecting to the address advertised by Tor. It also allows for using the Torouter as a NAT device. Developers will likely change this for their own setup, but users need to know they can configure the Torouter by connecting to the second ethernet port, and configuration will be provided if they are familiar with using ssh to connect to a Debian machine.

Tor will run as a service configured as a bridge. The bridge will be capped and configured with a torrc that is mentioned in doc/TorDreamPlug. It will bind to eth0 only.

This means that by default Torouter will only bind to a single TCP port on eth0 and eth1 will have a full network like any other NAT device that is NAT'ed via the eth0 device.

The wireless network will be configured to transparently route Tor but it will be left in the down state. This means that a user can bring up the wifi with a configuration command. If the user brings up the interface and anyone joins the network, the network should provide a splash page to ensure that any user of the transparent network gives informed consent before actually sending packets out of the network. It should also be possible to set specific devices that are forever remembered or even to configure the network to never pop up a splash page. Once this splash page is implemented, we will turn on the wifi network by default.

The device will automatically keep time synced with openntpd and it will be configured to only keep very minimal logs.

The device will have a firewall with ufw as the policy manager. It will drop all packets on eth0 that are not related to the Tor bridge operation. It will respond to icmp and all services offered on eth1. The firewall policy for the wireless network interface is more complex and will be handled when we enable it by default - more discussion is required.

This will ship with the Tor 0.2.3.x branch to attempt to use the NAT-PMP and UPnP support à la tor-fw-helper.
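One way to express the eth0/eth1 firewall and NAT policy described in comment 4 as ufw rules, written as an added example that is not from the ticket or the Torouter project. Interface names follow the comment; the LAN subnet (10.42.0.0/24) and the bridge ORPort (443) are assumed values, since the actual torrc lives in doc/TorDreamPlug and is not on this page.

```shell
#!/bin/sh
# Added example: render the Torouter firewall policy as ufw commands plus an
# iptables fragment for /etc/ufw/before.rules. Nothing is applied by this
# script; the printed commands are meant to be reviewed and run by hand.
WAN=eth0                # internet side: only the bridge ORPort is reachable
LAN=eth1                # NAT side: sshd, dhcpd, DNS cache and the web UI bind here
LAN_NET=10.42.0.0/24    # assumed range handed out by dhcpd on eth1

# Print the ufw commands for a bridge whose ORPort is TCP $1 (assumed default 443).
torouter_ufw_rules() {
    orport="${1:-443}"
    cat <<EOF
ufw default deny incoming
ufw default allow outgoing
ufw logging low
ufw allow in on $WAN proto tcp to any port $orport
ufw allow in on $LAN
ufw enable
EOF
}
# ICMP echo requests are already accepted by ufw's stock before.rules, so
# "respond to icmp" needs no extra rule here.

# Print the before.rules additions that make eth1 a NAT behind eth0:
# forward LAN->WAN, allow only replies back, masquerade on the way out.
torouter_nat_rules() {
    cat <<EOF
# inside the *filter section of /etc/ufw/before.rules
-A ufw-before-forward -i $LAN -o $WAN -j ACCEPT
-A ufw-before-forward -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT
# separate table, placed above the *filter line
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $LAN_NET -o $WAN -j MASQUERADE
COMMIT
EOF
}
# Forwarding also requires net/ipv4/ip_forward=1 in /etc/ufw/sysctl.conf.

# Sanity check: the WAN side must carry exactly one inbound allow (the ORPort).
torouter_wan_is_minimal() {
    n=$(torouter_ufw_rules "$1" | grep -c "allow in on $WAN")
    [ "$n" -eq 1 ]
}
```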
