forked from netconstructor/flashproxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
125 lines (94 loc) · 4.95 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
== Quick start for users
You must have a version of Tor that supports pluggable transports. This
means version 0.2.3.2-alpha or later.
All the flashproxy programs and source code can be downloaded this way:
git clone https://git.torproject.org/flashproxy.git
But as a user you only need these files:
https://gitweb.torproject.org/flashproxy.git/blob_plain/HEAD:/flashproxy-client
https://gitweb.torproject.org/flashproxy.git/blob_plain/HEAD:/torrc
You must be able to receive TCP connections; unfortunately means that
you cannot be behind NAT. See the section "Using a public client
transport plugin" below to try out the system even behind NAT.
Run Tor using the included torrc file:
$ tor -f torrc
By default the transport plugin listens on Internet-facing TCP port
9000. If you have to use a different port (to get through a firewall,
for example), edit the ClientTransportPlugin line of the torrc to give a
different port number:
ClientTransportPlugin websocket exec ./flashproxy-client --register :0 :8888
If the flashproxy-client program is in a different directoy (after being
installed, for example), use the full path in the ClientTransportPlugin
line:
ClientTransportPlugin websocket exec /usr/local/bin/flashproxy-client --register
You should receive a flash proxy connection within about 60 seconds. See
"Troubleshooting" below if it doesn't work.
== Overview
This is a set of tools that make it possible to connect Tor through an
browser-based proxy running on another computer. The flash proxy can be
run just by opening a web page in a browser. Flash proxies are one of
several pluggable transports for Tor.
There are five main parts.
1. The Tor client, running on someone's localhost.
2. A client transport plugin, which is a program that waits for
connections from a flash proxy and connects them to the Tor client.
3. A flash proxy, which is a JavaScript program running in someone's web
browser.
4. A facilitator, which is a server that keeps a list of clients that
want a connection and assigns those addresses to proxies.
5. A Tor relay running a server transport plugin capable of receiving
WebSocket connections.
The purpose of this project is to create many ephemeral bridge IP
addresses, with the goal of outpacing a censor's ability to block them.
Rather than increasing the number of bridges at static addresses, we aim
to make existing bridges reachable by a larger and changing pool of
addresses.
== Demonstration page
This page has a description of the project; viewing it also turns your
computer into a flash proxy as long as the page is open.
http://crypto.stanford.edu/flashproxy/
== Using a public client transport plugin
Rather than running flashproxy-client on your computer, you can use a
public instance of it. This way is not as realistic because all your Tor
traffic will first go to a fixed address and can be easily blocked.
However this is an easy way to try out the system without having to do
port forwarding.
$ tor ClientTransportPlugin "websocket socks4 tor-facilitator.bamsoftware.com:9999" UseBridges 1 Bridge "websocket 0.0.1.0:1" LearnCircuitBuildTimeout 0 CircuitBuildTimeout 60
== Troubleshooting
Make sure someone is viewing http://crypto.stanford.edu/flashproxy/, or
another web page with a flash proxy badge on it.
You can add the --log option to the ClientTransportPlugin command line
in order to save debugging log messages.
If tor hangs at 10% with these messages:
[notice] Bootstrapped 10%: Finishing handshake with directory server.
[notice] no known bridge descriptors running yet; stalling
as a last resort you can try deleting the files in ~/.tor and
/var/lib/tor, and then restarting tor.
If tor apparently hangs here:
[notice] Bootstrapped 50%: Loading relay descriptors.
[notice] new bridge descriptor '...' (fresh)
wait a few minutes. It can take a while to download relay descriptors.
If you suspect that the facilitator has lost your client registration, you can
re-register:
$ flashproxy-reg-email
$ flashproxy-reg-http
== How to run a relay
The relay runs with a WebSocket proxy in external proxy mode.
$ git clone git://github.com/kanaka/websockify.git
$ git apply ~/flashproxy/patches/websockify-binary-default.patch
Install websockify as a daemon that will restart at boot. These
instructions are for CentOS 5.
$ cd websockify
$ git apply ~/flashproxy/patches/websockify-binary-default.patch
$ su
# cp websockify websocket.py /usr/local/bin
# useradd -d /dev/null -s /bin/false websockify
# mkdir /var/websockify
# chown -R websockify.websockify /var/websockify
# cp ~/flashproxy/init.d/websockify /etc/init.d/websockify
# chkconfig --add websockify
# service websockify start
Add this line to torrc to make the relay use the external proxy:
ServerTransportPlugin websocket proxy 127.0.0.1:9901
== How to put a flash proxy badge on a web page
Paste in this HTML where you want the badge to appear:
<iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe>