I do wonder if the advice [1] is ok or wrong.
[1] https://tor.stackexchange.com/questions/6370/how-to-run-an-obfs4-bridge
On 16 Oct 2018, at 03:58, Toralf Förster toralf.foerster@gmx.de wrote:
I do wonder if the advice [1] is ok or wrong.
[1] https://tor.stackexchange.com/questions/6370/how-to-run-an-obfs4-bridge
The post contains conflicting advice.
But diversity of obfs4 ports is actually really important, so I'd argue against any instructions that will lead people to using the same port. – Roger Dingledine Apr 4 '15 at 19:50
This advice is correct.
Leave your ExtORPort set to auto for diversity reasons. I have a firewall enabled on my Debian bridge with very restrictive port settings. I had to make port forwards for the given obfs ports in iptables (easy with gufw) as well as in my hardware (internet-)firewall to make things work. So I am not so sure that the ExORPort is for local connections only as mentioned by Rodger (please let me know if I am wrong here).
This advice confuses ExtORPort (which is local) and ServerTransportListenAddr (which is used for obfs4).
T
On 10/15/18 11:49 PM, teor wrote:
The post contains conflicting advice.
Said that, is the following a good choice for a bridge? :
# torrc
RunAsDaemon 1
SocksPort 0 ControlPort 9051 ORPort auto BridgeRelay 1 Exitpolicy reject *:*
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
On 17 Oct 2018, at 02:38, Toralf Förster toralf.foerster@gmx.de wrote:
On 10/15/18 11:49 PM, teor wrote: The post contains conflicting advice.
Said that, is the following a good choice for a bridge? :
# torrc
RunAsDaemon 1
SocksPort 0 ControlPort 9051 ORPort auto BridgeRelay 1 Exitpolicy reject *:*
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
It seems fine to me. But you should run it, check the log for errors, and check that your bridge works.
T
tor-relays@lists.torproject.org
-
teor -
Toralf Förster