Obsf4 handshake failed: EOF

PacsoT · December 6, 2023, 1:38pm

Hi!

Semi- newbie here. I try to operate a obfs4 bridge on an old single core laptop running the current FreeBSD, and I am getting mixed results.

First of all: I do not have a fixed IPv4 address. My ISP rotates my address every couple days. I know that I will never get the stable flag, but is it good for the network that I operate a bridge this way?

Second of all:
My bridge advertises it’s bandwidth around 1MiB/s. However I do not have any throttling on the line, It could easily do the 100Mbit/s line speed that the laptop has.
If I don’t get the stable flag, Will I only get 1-2-3 clients a day to serve?

And Third:
After a few days, of moderate use, and observing a few unique clients, the OBSF4 log starts to fill up with these lines:

2023/12/06 03:16:04 [INFO]: obfs4([scrubbed]:14798) - new connection
2023/12/06 03:16:06 [WARN]: obfs4([scrubbed]:14798) - handshake failed: read: read: connection reset by peer
2023/12/06 03:16:16 [INFO]: obfs4([scrubbed]:12514) - new connection
2023/12/06 03:16:17 [WARN]: obfs4([scrubbed]:12514) - handshake failed: read: read: connection reset by peer
2023/12/06 03:16:27 [INFO]: obfs4([scrubbed]:16100) - new connection
2023/12/06 03:16:29 [WARN]: obfs4([scrubbed]:16100) - handshake failed: read: read: connection reset by peer
2023/12/06 06:56:21 [INFO]: obfs4([scrubbed]:63608) - new connection
2023/12/06 06:56:31 [WARN]: obfs4([scrubbed]:63608) - handshake failed: EOF
2023/12/06 08:59:01 [INFO]: obfs4([scrubbed]:35076) - new connection
2023/12/06 08:59:04 [WARN]: obfs4([scrubbed]:35076) - handshake failed: EOF

And soon after my bridge goes offline:

obfs4: dysfunctional
  Bandwidth Ratio: 1.457227
  Error: timed out waiting for bridge descriptor

Do you happen to have any advice where to start looking?

PacsoT · December 22, 2023, 11:41am

I mean, I get it. If you want to host anything regarding TOR, you need to know your shit, but the complete lack of responses on this forum is quite discouraging.

Not a single moderator, or tor developer can’t chime in? Where is everyone?

gus · December 22, 2023, 12:02pm

Hello @PacsoT,
Apologies for the late response.

The “stable” flag is not the biggest issue. The issue here is the bridge distributor user experience. Every time a bridge updates its IP address, users are required to obtain a new bridge via bridge distributors such as moat, telegram, email, https, etc. Because of that, it’s very likely that you won’t see a lot of users if your bridge changes the IP very often.

If you would like to help more users, please consider running a Tor snowflake standalone proxy. I believe @egypcio has packed snowflake for FreeBSD, which you can install by running pkg install snowflake-tor.
Alternatively, you have the option to build it from the source or deploy it as a Docker container. More information and instructions can be found at the Tor Community portal: Tor Project | Standalone Snowflake proxy.

Could you upgrade your bridge tor version? I see it’s running Tor 0.4.8.5 on FreeBSD.
And please check your obfs4 version, maybe you’re running an old obfs4proxy package.

Finally, have you tried to connect to your bridge using Tor Browser? Did it work?

PacsoT · February 3, 2024, 5:00pm

Thank you gus for the kind help. As it turns out a new FreeBsd major release is out, so I’ll just rebuild the laptop from scratch.
I found some other nasty log entries that I couldn’t find any useful info on it, so I switched to operating a simple Guards / middle relay for the time being.

Bridge 50B46DFFFFFFFFFFFFFFFFFFPENISFFFFFFFFAF3C7 advertises:

* vanilla: functional
  Last tested: 2024-02-03 04:35:41.584618348 +0000 UTC (11h37m0.999742638s ago)

Thank you for the help, I’ll report back if I end up updating the current obfs4 proxy.