我住在伊朗,我需要使用带有 obfs3 网桥的 tor,因此我分别执行以下任务:
apt-get install tor torsocks obfsproxy
我将这些行附加到 /etc/tor/torrc 的末尾
RunAsDaemon 0
UseBridges 1
Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy --managed
然后我执行以下操作:
sudo systemctl start tor
sudo systemctl enable tor
root@KC:~/Downloads# systemctl status tor
● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
Active: active (exited) since Fri 2016-10-21 13:02:10 IRST; 3h 47min ago
Main PID: 5944 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/tor.service
Oct 21 13:02:10 KC systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Oct 21 13:02:10 KC systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
==========
root@KC:~/Downloads# journalctl _PID=5957
-- Logs begin at Thu 2016-10-20 22:16:49 IRST, end at Fri 2016-10-21 16:50:09 IRST. --
Oct 21 13:02:10 KC tor[5957]: Oct 21 13:02:10.909 [notice] Tor v0.2.8.8 (git-8d8a099454d994bd) running on Linux with Libevent 2.0.21-s
Oct 21 13:02:10 KC tor[5957]: Oct 21 13:02:10.909 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www
Oct 21 13:02:10 KC tor[5957]: Oct 21 13:02:10.909 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 21 13:02:10 KC tor[5957]: Oct 21 13:02:10.909 [notice] Read configuration file "/etc/tor/torrc".
Oct 21 13:02:10 KC tor[5957]: Oct 21 13:02:10.913 [notice] Opening Socks listener on 127.0.0.1:9050
==========
root@KC:~/Downloads# journalctl _PID=5960
Oct 21 13:02:10 KC audit[5960]: AVC apparmor="DENIED" operation="exec" info="no new privs" error=-1 profile="system_tor" name="/usr/bin/obfsproxy" pid=5960 comm="tor" requested_mask="x" denied_mask="x" fsuid=125 ouid=0 target="/usr/bin/obfsproxy"
即使我省略添加到 /etc/tor/torrc 的行,“systemctl status tor”的结果也与上面的相同!
root@KC:~/Downloads# tail /etc/tor/torrc | tail
## RunAsDaemon 0
## UseBridges 1
## Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
## Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
## Bridge obfs3 xxxxxxxxxxxxxxxxxxxx yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
## ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy --managed
==========
systemctl restart tor
journalctl -a | tail -n 20
Oct 21 17:08:06 KC systemd[1]: Stopping Anonymizing overlay network for TCP (multi-instance-master)...
Oct 21 17:08:06 KC systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Oct 21 17:08:06 KC systemd[1]: Stopping Anonymizing overlay network for TCP...
Oct 21 17:08:06 KC systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
Oct 21 17:08:06 KC systemd[1]: Stopped Anonymizing overlay network for TCP.
Oct 21 17:08:06 KC systemd[1]: Starting Anonymizing overlay network for TCP...
Oct 21 17:08:06 KC tor[8927]: Oct 21 17:08:06.685 [notice] Tor v0.2.8.8 (git-8d8a099454d994bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 21 17:08:06 KC tor[8927]: Oct 21 17:08:06.685 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 21 17:08:06 KC tor[8927]: Oct 21 17:08:06.685 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 21 17:08:06 KC tor[8927]: Oct 21 17:08:06.685 [notice] Read configuration file "/etc/tor/torrc".
Oct 21 17:08:06 KC tor[8927]: Configuration was valid
Oct 21 17:08:06 KC tor[8930]: Oct 21 17:08:06.910 [notice] Tor v0.2.8.8 (git-8d8a099454d994bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 21 17:08:06 KC tor[8930]: Oct 21 17:08:06.910 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 21 17:08:06 KC tor[8930]: Oct 21 17:08:06.910 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 21 17:08:06 KC tor[8930]: Oct 21 17:08:06.910 [notice] Read configuration file "/etc/tor/torrc".
Oct 21 17:08:06 KC tor[8930]: Oct 21 17:08:06.914 [notice] Opening Socks listener on 127.0.0.1:9050
Oct 21 17:08:06 KC audit[8931]: AVC apparmor="DENIED" operation="exec" info="no new privs" error=-1 profile="system_tor" name="/usr/bin/obfsproxy" pid=8931 comm="tor" requested_mask="x" denied_mask="x" fsuid=125 ouid=0 target="/usr/bin/obfsproxy"
Oct 21 17:08:06 KC kernel: audit: type=1400 audit(1477057086.920:79): apparmor="DENIED" operation="exec" info="no new privs" error=-1 profile="system_tor" name="/usr/bin/obfsproxy" pid=8931 comm="tor" requested_mask="x" denied_mask="x" fsuid=125 ouid=0 target="/usr/bin/obfsproxy"
Oct 21 17:08:07 KC systemd[1]: Started Anonymizing overlay network for TCP.
Oct 21 17:08:30 KC zeitgeist-datah[2486]: downloads-directory-provider.vala:120: Couldn't process /home/kave/Downloads/.swpx: Error when getting information for file '/home/kave/Downloads/.swpx': No such file or directory
=========
root@KC:~/Downloads# systemctl status tor
● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
Active: active (exited) since Fri 2016-10-21 17:11:22 IRST; 6s ago
Process: 8984 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 8984 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/tor.service
我不明白问题是什么,但我确信问题的根源不是 obfs3 代理,正如我上面所证明的那样
答案1
我使用这个命令停止了 systemd 的 tor 单元
sudo systemctl stop tor.service
然后我运行了这个
kave@KC:/var/log/tor$ sudo tor
Oct 22 13:01:21.014 [notice] Tor v0.2.8.8 (git-8d8a099454d994bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 22 13:01:21.014 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 22 13:01:21.014 [notice] Read configuration file "/etc/tor/torrc".
Oct 22 13:01:21.019 [notice] Opening Socks listener on 127.0.0.1:9050
Oct 22 13:01:21.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Oct 22 13:01:21.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Oct 22 13:01:21.000 [warn] You are running Tor as root. You don't need to, and you probably shouldn't.
Oct 22 13:01:21.000 [notice] Bootstrapped 0%: Starting
Oct 22 13:01:21.000 [notice] new bridge descriptor 'PrivacyIsForPeople' (cached): $0EDFF2E6398BE110DCB7D057D9027D4194A4150D~PrivacyIsForPeople at x.x.x.x
Oct 22 13:01:21.000 [notice] new bridge descriptor 'A2E00CHI01' (cached): $F2670636CD9BD1DEBE6A276D82774CA1DE664FDF~A2E00CHI01 at y.y.y.y
Oct 22 13:01:21.000 [notice] new bridge descriptor 'A2E00BUF02' (cached): $472B0763DF08DC150EBCE6DA6FAC3E3507E6EA62~A2E00BUF02 at z.z.z.z
Oct 22 13:01:21.000 [notice] Delaying directory fetches: Pluggable transport proxies still configuring
Oct 22 13:01:23.000 [notice] Bootstrapped 5%: Connecting to directory server
Oct 22 13:01:23.000 [notice] Bootstrapped 10%: Finishing handshake with directory server
Oct 22 13:01:26.000 [notice] Bootstrapped 15%: Establishing an encrypted directory connection
Oct 22 13:01:26.000 [notice] Bootstrapped 20%: Asking for networkstatus consensus
Oct 22 13:01:27.000 [notice] Bootstrapped 25%: Loading networkstatus consensus
Oct 22 13:01:31.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Oct 22 13:01:31.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Oct 22 13:01:33.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Oct 22 13:01:33.000 [notice] Bootstrapped 100%: Done
Oct 22 13:01:54.000 [warn] Rejecting SOCKS request for anonymous connection to private address [scrubbed].
现在它起作用了!我想知道为什么这个效果很好!