Just to touch base on this, and to give a rough status of where things
are.
The tor codebase no longer includes the C tor-fw-helper as of:
d2cb92332009567ae778b3570e8fd3420c207446
Closes https://trac.torproject.org/projects/tor/ticket/13338
The new (Go based code) now lives at:
https://g
On 7/24/15, Yawning Angel wrote:
> On Fri, 24 Jul 2015 16:21:31 +
> Jacob Appelbaum wrote:
> [snip]
>> > At this point with all the resources available, I will guess that if
>> > the user needs something like tor-fw-helper, they probably have no
>> > idea what router firmware is.
>> >
>>
>> R
On 7/24/15, Yawning Angel wrote:
> ...
> I have less objections towards people using tor-fw-helper for bridges
> than for something like flashproxy or full fledged relays.
> ...
> IMO similar to relays with insufficient bandwidth, relays that can't
> connect to any other relay on demand as require
On Fri, 24 Jul 2015 16:21:31 +
Jacob Appelbaum wrote:
[snip]
> > At this point with all the resources available, I will guess that if
> > the user needs something like tor-fw-helper, they probably have no
> > idea what router firmware is.
> >
>
> Right - but why should they need to know? The
On 7/24/15, Yawning Angel wrote:
> On Thu, 23 Jul 2015 23:46:26 +
> Jacob Appelbaum wrote:
>
> [snip]
>> > Do users know that their router's implementation of NAT-PMP/uPnP is
>> > shit?
>>
>> Who knows better than the user? And who better than the user to take
>> an action and to learn it?
>
On 7/23/15, David Stainton wrote:
>> Why are we avoiding allowing users to make this choice because of the
>> above reasons? If a user wants to run a relay or a bridge, we should
>> make it easy. We don't answer the above questions when it is hard -
>> are we really off the hook there? It just see
On Thu, 23 Jul 2015 23:46:26 +
Jacob Appelbaum wrote:
[snip]
> > Do users know that their router's implementation of NAT-PMP/uPnP is
> > shit?
>
> Who knows better than the user? And who better than the user to take
> an action and to learn it?
At this point with all the resources available
On 7/23/15, Yawning Angel wrote:
> On Thu, 23 Jul 2015 19:18:34 +
> Jacob Appelbaum wrote:
>
>> Why are we avoiding allowing users to make this choice because of the
>> above reasons? If a user wants to run a relay or a bridge, we should
>> make it easy. We don't answer the above questions wh
On Tue, Jul 21, 2015 at 11:38:00AM -0400, Nick Mathewson wrote:
> Yawning's mail below reminds me: I am considering removing the C
> implementation of tor-fw-helper from the tor distribution, and recommending
> Yawning's pure-Go implementation instead. But before I do this, I'd like
> to get some
On Thu, 23 Jul 2015 12:50:29 -0700
David Stainton wrote:
> >> But we have a gigantic userbase, and playing "consumer router
> >> support technician" for all of the ones that ship with broken
> >> uPnP/NAT-PMP implementations does not fill me with warm fuzzy
> >> feelings.
> >
> > I think this is
On Thu, 23 Jul 2015 19:18:34 +
Jacob Appelbaum wrote:
> Why are we avoiding allowing users to make this choice because of the
> above reasons? If a user wants to run a relay or a bridge, we should
> make it easy. We don't answer the above questions when it is hard -
> are we really off the ho
> Why are we avoiding allowing users to make this choice because of the
> above reasons? If a user wants to run a relay or a bridge, we should
> make it easy. We don't answer the above questions when it is hard -
> are we really off the hook there? It just seems ridiculous.
Obviously NAT has destr
On 7/23/15, Yawning Angel wrote:
> On Thu, 23 Jul 2015 18:26:33 +
> Jacob Appelbaum wrote:
>
>> >> Also - does this mean that after many many years... that this new
>> >> version of tor-fw-helper be enabled by default at build time?
>> >> Pretty please? :-)
>> >
>> > Unlikely, AFAIK the gener
On Thu, 23 Jul 2015 18:26:33 +
Jacob Appelbaum wrote:
> >> Also - does this mean that after many many years... that this new
> >> version of tor-fw-helper be enabled by default at build time?
> >> Pretty please? :-)
> >
> > Unlikely, AFAIK the general plan was to have it as a separate
> > pac
It's probably for the best. The implementation of upnp and nat-pmp is
frequently done incorrectly. Many implementations simply break the fw
security or leak identifying information by enabling the feature. I
once saw a case which opened port 0 everytime upnp was used. Not
closed, or stealth, but op
>> Also - does this mean that after many many years... that this new
>> version of tor-fw-helper be enabled by default at build time? Pretty
>> please? :-)
>
> Unlikely, AFAIK the general plan was to have it as a separate package.
>
That is really a major bummer if so - we should be shipping this
On Thu, 23 Jul 2015 16:54:33 +
Jacob Appelbaum wrote:
> On 7/21/15, Nick Mathewson wrote:
> > Yawning's mail below reminds me: I am considering removing the C
> > implementation of tor-fw-helper from the tor distribution, and
> > recommending Yawning's pure-Go implementation instead. But be
On 7/21/15, Nick Mathewson wrote:
> Yawning's mail below reminds me: I am considering removing the C
> implementation of tor-fw-helper from the tor distribution, and recommending
> Yawning's pure-Go implementation instead. But before I do this, I'd like
> to get some sense of whether folks are sh
On Tue, Jul 21, 2015 at 11:56 AM, Yawning Angel wrote:
> On Tue, 21 Jul 2015 11:38:00 -0400
> Nick Mathewson wrote:
>
>> Yawning's mail below reminds me: I am considering removing the C
>> implementation of tor-fw-helper from the tor distribution, and
>> recommending Yawning's pure-Go implementat
On Tue, 21 Jul 2015 11:38:00 -0400
Nick Mathewson wrote:
> Yawning's mail below reminds me: I am considering removing the C
> implementation of tor-fw-helper from the tor distribution, and
> recommending Yawning's pure-Go implementation instead. But before I
> do this, I'd like to get some sense
Yawning's mail below reminds me: I am considering removing the C
implementation of tor-fw-helper from the tor distribution, and recommending
Yawning's pure-Go implementation instead. But before I do this, I'd like
to get some sense of whether folks are shipping tor-fw-helper today, or
using it in
21 matches
Mail list logo
