On Thu, Dec 22, 2011 at 03:38:29PM +0100, Okhin wrote:
Hello,
I was trying to run flashproxy using gnash following the RTMFP part of the tutorial located here: https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/README
I do not use the gnash-plugin embedded in a browser, but the CLI tool gnash packaged with debian (and invoking it like this, as a standard user: gnash swfcat.swf -p client=1 -p debug=1
Thank you for testing this and for the thorough report. Unfortunately I'm not surprised that it doesn't work with Gnash. I don't think Gnash has some of the features we use, and probably doesn't have RTMFP, which has only been partially reverse-engineered in another project. Some log messages suggest this:
3338:1] 15:33:34: UNIMPLEMENTED: SWF10 is not fully supported, trying anyway but don't expect it to work 3338:2] 15:33:35: DEBUG: This SWF uses AVM2 3338:2] 15:33:35: ERROR: This SWF file requires AVM2, which was not enabled at compile time.
RTMFP is only useful for NAT traversal, so if you can enable port forwarding or something else, don't use it. Personally, I don't recommend using the RTMFP transport at all, for these reasons: 1. It requires a static third party to assist in NAT traversal. By default this is some Adobe server, which is clearly unacceptable. We found a way to use our own server, so you at least don't have to trust any additional parties, but that server still sits at a static address and is trivially blockable, defeating the whole purpose. 2. It requires running Flash on the client, which is not normally required when using flash proxies. 3. The fact that normally Flash is run in the browser may encourage people to run Flash in their Tor browser, which is a bad idea.
I think you had the right idea in trying to run it with Gnash from the command line. But if you can avoid using RTMFP, that's what I recommend.
This is how I use flash proxies with port forwarding at home: Set up my router to forward port 7000 to my PC. sudo iptables -A INPUT --proto tcp --dport 7000 -j ACCEPT ./connector.py -f tor-facilitator.bamsoftware.com :9001 :7000
David Fifield