On Sat, Feb 15, 2014 at 6:44 AM, Delton Barnes delton.bar...@mail.ruwrote:
Upon upgrading obfsproxy to 0.2.6 and Tor to 0.2.5.1-alpha-dev
(git-f63b394d90583b77+96972c4) for scramblesuit, I got this in the Tor log:
Feb 15 04:40:03.000 [notice] We are a bridge with a pluggable transport
proxy but the Extended ORPort is disabled. The Extended ORPort helps Tor
communicate with the pluggable transport proxy. Please enable it using
the ExtORPort torrc option.
How should this be set? What does it do? I saw some web pages
suggesting ExtORPort 6699 for statistics-gathering purposes.
I personally think there should be some kind of notice (or it should be
more verbose) for obfsproxy bridge operators who are upgrading to the
newest obfsproxy, telling them to enable ExtORPort and so on. That notice
should include instructions how to do this, which is very simple (assuming
obfsproxy bridge operators are already familiar with torrc):
You just need to add one line to your torrc:
ExtORPort some_unused_port
so for example
ExtORPort 6699
If obfsproxy is already running, it's probably best to then simply restart
tor (vs. just reloading, that is, 'sudo service tor reload' or 'sudo
killall -HUP tor'). Tor will start listening to that port, and will
automatically inform obfsproxy (upon starting it) to use this port for
communication.
What does it do?
As far as I understand it, ExtORPort tells tor to open a local-only (bound
to localhost) socket for getting information from / communicating with
obfsproxy (the pluggable transport proxy executable); i.e. the only
communication that happens through this port is between tor and obfsproxy.
Information exchanged includes statistics about obfsproxy bridge users
(such as the number of users coming from a specific country and the number
of users per each pluggable transport). Tor then aggregates this data
(rounding up to a number, etc.) in a way that makes sure it is anonymized /
cannot be used by anyone attempting to pinpoint users of this specific
bridge and so on.
You can e.g. look up some statistics that come from this kind of reporting
on the Tor Metrics portal.[1] (the actual numbers are probably
significantly different from what is currently shown; hence the need for
more bridges with ExtORPort enabled.
I may have misunderstood something, though. But in any case, it's best if
you just include a ExtORPort some_port line in your torrc - that should
be enough.
[1]: e.g. obfs3 transport users:
https://metrics.torproject.org/users.html?graph=userstats-bridge-transportstart=2013-11-17end=2014-02-15transport=obfs3#userstats-bridge-transport
--
Kostas.
0x0e5dce45 @ pgp.mit.edu
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
