Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
bolha.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
We're a Brazilian IT Community. We love IT/DevOps/Cloud, but we also love to talk about life, the universe, and more. | Nós somos uma comunidade de TI Brasileira, gostamos de Dev/DevOps/Cloud e mais!

Administered by:

Server stats:

254
active users

bolha.us: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#obfs4

0 posts0 participants0 posts today
Public
Geeky Malcölm 🇨🇦🍀🇺🇦

So I had been running my #OBFS4 Relay behind my Bell Fiber modem w/o issue & decided to move it behind my #UniFi UXG Lite gateway.

I set the server (running Debian) to DHCP & created the port forwarding rules on the UXG. It looked OK but I started to get the "Your server has not managed to confirm reachability for its ORPort(s) at xxx.xxx.xxx.xxx:ZZZZ.

I troubleshot the issue with my buddy Julien & we found the issue was with Home Hub 4000 (HH4K) and the Advanced DMZ. Even though the UXG was showing a public IP on the WAN Port and the HH4K was showing that the port the UXG is plugged into is configured for Advanced DMZ, traffic was not being passed back & forth.

I disabled the HH4K DMZ & reserved a DHCP IP for the UXG & created a port forwarding rule for the TOR ports on the HH4K to the UXG. Then on the UXG, I created port forwarding rules from the WAN IP, which is now an internal IP, to the Relay server.

After a reboot, things came back online.

Continued thread
Public *
Kevin Karhan :verified:

@torproject same with #obfs4 bridges: there is no option to say like ports=80,443 or similar, which makes it cumbersome to get said bridges.

And trying to get places to #DontBlockTor that criminalize the use of #Tor is foolish at best.

Contabo ToS Section 9.4: " (4) The Provider is entitled to immediately block any webspace packages and servers that are being used to operate the “TOR” service, insofar as the Provider has become aware that the server or package is being used unlawfully. "
#germany#hosters#tos
Public
Kevin Karhan :verified:

#WhatsMissing: A tool to check if #TorBridges are still available/online/reachable that one can use either #standalone (with #TorBrowser and/or #Tor Expert Bundle) or on @tails_live / @tails / #Tails.

  • Cuz I do run into issues and kinda want to sort #Bridges by availability so I don't waste time on a #TorBridge that is down and also thin-out the list of bridges that ain't online anymore.

Whilst I do acknowledge that @torproject do disrecommend having a huge list of Tor Bridges on hand, I do regularly need them for contacts who are behind a #GreatFirewall and can't #SSH-Tunnel out of it.

Espechally being able to filter for #IPv4only and not just #IPv6only is something I miss, alongside the filter for #PluggableTransports type as @guardianproject #Orbot seems to only handle #obfs4 and not webtunnel or #meek at all...

  • I'm pretty certain that merely pinging a bridge at it's port isn't working as a shure-fire way to check for it's availability.
bridges.torproject.orgThe Tor Project | Privacy & Freedom OnlineDefend yourself against tracking and surveillance. Circumvent censorship.
Replied in thread
Public *
Kevin Karhan :verified:

@wmd @miqokin I've yet to find a nation that criminalizes @torproject but not #VPN|s that facilitate the same...

  • Also commercial VPN providers are relatively easy to detect, filter & block unless they support #SSH-Tunneling.

Whereas #Tor has multiple ways to circumvent #InternetCensorship, includibg multiple #proxy & 9bfuscation systems like #obfs4, #meek, #webtunnel and regular #TorBridges on included, public query-able amd private lists...

chaos.social🌈☔🌦️🍄 (@wmd@chaos.social)@kkarhan@infosec.space @miqokin@denden.world sorry a single line, sourcing a single bold claim linking to a wall of (us) legalese isn't a very useful means of communication. VPNs have functions outside of geoblocking. In many countries not logging isn't illegal (logging and not providing logs is a different story). Tor would be illegal otherwise. Torrenting is one reason, laws and enforcement changes a lot from country to country. Requiring international cooperation is another, making things more complicated. (1/2)
Public
AS 396507

Recently we upgraded our #Tor #obfs4 bridge relay from Ubuntu 22.04 to 24.04. Unfortunately we missed a permissions issue with obfs4 that changed with the upgrade. This kept Tor in a restart loop and prevented anyone from using the bridges. This has been corrected.

This were the errors:

[warn] Server managed proxy encountered a method error. (obfs4 listen tcp 23.129.64.90:443: bind: permission denied)

[warn] Managed proxy '/usr/bin/obfs4proxy' was spawned successfully, but it didn't launch any pluggable transport listeners!

We also have a #WebTunnel bridge that was not affected since it's on the disobey.net server.

emeraldonion.org/bridges/

emeraldonion.orgBridgesEmerald Onion hosted Tor bridges
Public
Kevin Karhan :verified:

One thing that @torproject is missing is a way to check availability and reachability of #Bridges with a simple tool.

  • This is kinda vital as I do occasionally setup private #bridges and also want to enshure the private #TorBridges list I have is up to date.

Manually adding/removing one #bridge after the other in #TorBrowser and see if those connect is a relatively inefficient process and merely pinging them isn't viable either, espechally on #meek, #obfs4 and #snowflake type bridges.

  • Now to make the obvious clear: I'd NEVER publicly list any #TorBridge on my lists.d repo obviously, because that would only harm #Tor...

I'm not even asking for like a fancy tool that is as clean as @micahflee 's #OnionShare but merely a #CLI thing (if necessary I'd build some #bash script) to automatically attempt to connect to said bridge and either spit out an ok or error.

  • Something one can just feed with a text file and that'll spit out a different file with ok/working bridges and/or discards the non-working ones from the list.

And yes, this tool is kinda crucial as I want to quickly sift through a load of bridges that work on restricted ports (22, 80, 443) and thus can bypass the #GreatFirewall and #Roskomnadzor filtering...

  • So people fleeing can at least safely communicate.

If anyone at #TorProject needs more details, I'll gladly exchange them in a secure manner.

GitHubGitHub - greyhat-academy/lists.d: List of useful thingsList of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.
#gitlab#documentation#techilliterates
Public
Geeky Malcölm 🇨🇦🍀🇺🇦

So I am running a #Tor "farm" at home. It had consisted of 2 older #Wyse Terminals running #Ubuntu Server Minimized. One server was a #obfs4 bridge and the other was a #Snowflake proxy server.

I decided to port these machines to VMs running Ubuntu 24.04 & ran into some issues. On a whim, I decided to spin up a #Debian VM for the #obfs4 bridge last night, fully expecting to wake up to an issue this morning. I was wrong. The bridge is online & appears to be working. It was always a fight with Ubuntu, not the case with Debian.

So I spun up another Debian VM for the Snowflake proxy & it now also online and working 100%.

All hail Debian???

#TorProject
ExploreLive feeds
About