Hello everyone, how can I configure snowflake or webtunnel on my server just for myself?
With a webtunnel bridge it should be possible if you set
PublishServerDescriptor 0
in your torrc.
General setup instructions: Tor Project | WebTunnel Bridge
Thx. WebTunnel a bit hard to set up, snowflake is easier, but does snowflake support a bridge for only one user?
No, this feature is not supported.
Can this be added?
It seems the Anti-censorship Team won’t work on this feature:
There is an option of deploying the entire snowflake system (broker, proxy, bridge+snowflake), but it seems a lot of manual work.
In your case, I believe deploying a private obfs4 or webtunnel bridge is easier.
Ok, I set up webtunnel, I think. It was easier than it first seemed. But is there a manual that I need to write in the local torrc file to connect via webtunnel?
You need to compile the WebTunnel client and use this torrc:
UseBridges 1
DataDirectory datadir
## change the path to your WebTunnel client /home/user/webtunnel/client
ClientTransportPlugin webtunnel exec ./client
## add your WebTunnel bridge line
Bridge webtunnel 192.0.2.3:1 url=https://akbwadp9lc5fyyz0cj4d76z643pxgbfh6oyc-167-71-71-157.sslip.io/5m9yq0j4ghkz0fz7qmuw58cvbjon0ebnrsp0
SocksPort auto
#Log info
Reference:
Omg…
I always wondered why not put out a ready-made program, why does the user need to compile something? In general, I expected to see a ready-made client in the TOR Browser folder.
I complied git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel.git
git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel/-/tree/main/main/client
didn’t work.
Then cd webtunnel/main/client
Then go build
Then sudo cp client /usr/local/bin/webtunnel
The resulting file does not run on Windows.
What’s next?
Ops, if compiling is an issue, you can download and use Tor Expert Bundle:“The tor expert bundle contains the tor and pluggable transports binaries, bridge strings, and geoip data used in Tor Browser.”
In your torrc, instead of executing “webtunnel-client.exe”, you’ll need to change to use lyrebird, which is a binary containing obfs4, webtunnel and other PTs clients.
It will look like something like this:
UseBridges 1
DataDirectory datadir
ClientTransportPlugin meek_lite,obfs2,obfs3,obfs4,scramblesuit,webtunnel exec c:\tor\pluggable_transports\lyrebird.exe
Bridge webtunnel 192.0.2.3:1 url=https://akbwadp9lc5fyyz0cj4d76z643pxgbfh6oyc-167-71-71-157.sslip.io/5m9yq0j4ghkz0fz7qmuw58cvbjon0ebnrsp0
SocksPort auto
Now, it totally works! Plus, it works faster than Snowflake. Thank you very much!
It looks like a mistake here: Tor Project | Compile and run WebTunnel from the source
webtunnel 10.0.0.2:443 FINGERPRINT url=https://yourdomain/path
I did according to your example:
Bridge webtunnel 192.0.2.3:1 url=https://qw.er.ty/secretpath
Without FINGERPRINT
Another question is whether you need to somehow configure the BridgeDistribution
parameter? Now it is not in my torrc on the server. I have configured only PublishServerDescriptor 0
and my bridge is not published. I’m fine with that.
And yet, I executed sudo journalctl -e -u tor@default
, and in the output of the log:
Managed proxy "/usr/local/bin/webtunnel" wrote a STATUS line without TRANSPORT: "TYPE=version IMPLEMENTATION=\"webtunnel\" VERSION=\"0.0.1\""
What to do about it?