[tor-relays] (Announcement) WebTunnel, a new pluggable transport for bridges, now available for deployment

Mailing Lists tor-relays
1

Dear Tor relay operators,

We’re excited to announce WebTunnel, a new bridge pluggable transport (PT) for the Tor ecosystem. It is a censor resistant proxy that try to imitate HTTPS traffic, based on HTTPT research. We are currently operating a trial soft launch for WebTunnel, and encourage bridge operators to set up WebTunnel bridges to discover issues within the implementation of this new pluggable transport.

How it works

When connecting to a WebTunnel Bridge, the client send a http 1.1 upgrade request to the load balancer over an encrypted connection, like how WebSocket works. Thus, from an observator’s point of view, this process looks like a real websocket connection to the real website. If one ever try to connect to the fronting website, then what will be presented will be that fronting website. Without the full URL including the path, which the censor don’t know, it is very difficult to tell if a website hosts a WebTunnel by probing the HTTPS port.

Technical requirements

To set up a WebTunnel Bridge, you will need a self-hosted website, a domain under your control,a configurable load balancer, static IPv4, and environment to setup Tor Bridge to setup a WebTunnel Bridge. Docker or other container runtime is recommended to streamline setup process, but is not required.

The setup guide is available here: The Tor Project / Anti-censorship / Pluggable Transports / WebTunnel · GitLab

How to test and report issues

You can test the WebTunnel bridge by using themost recent version of Tor Browser Alpha. Currently, WebTunnel is only distributed over the HTTPS distributor(torrc setting:‘BridgeDistribution https’).

You can report issues on the Tor Project GitLab Anti-censorship group:
The Tor Project / Anti-censorship / Pluggable Transports / WebTunnel · GitLab.

Given that this new PT is only available now on Tor Browser Alpha, relay operators should not expect significant usage or a large number of users at the moment.

Please let us know if you encountered any difficulty with WebTunnel setup. Thanks for your contribution to the Tor ecosystem.

2 Likes
2

I tried getting a bridge line from
https://bridges.torproject.org/bridges/?transport=webtunnel
but it gave me an error: "It seems there was an error getting your
QRCode."

Are there just not enough bridges for the distributor to distribute yet?

···

On Thu, Jun 29, 2023 at 03:38:13PM +0100, Shelikhoo wrote:

How to test and report issues
-----------------------------

You can test the WebTunnel bridge by using the most recent version of Tor
Browser Alpha (Tor Project | Download Tor Browser Alpha). Currently,
WebTunnel is only distributed over the HTTPS distributor (torrc
setting:'BridgeDistribution https').

You can report issues on the Tor Project GitLab Anti-censorship group:
The Tor Project / Anti-censorship / Pluggable Transports / WebTunnel · GitLab.

Given that this new PT is only available now on Tor Browser Alpha, relay
operators should not expect significant usage or a large number of users at the
moment.

Please let us know if you encountered any difficulty with WebTunnel setup.
Thanks for your contribution to the Tor ecosystem.

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

3

Quoting David Fifield (2023-06-29 19:35:31)

On Thu, Jun 29, 2023 at 03:38:13PM +0100, Shelikhoo wrote:
> How to test and report issues
> -----------------------------
>
> You can test the WebTunnel bridge by using the most recent version of Tor
> Browser Alpha (Tor Project | Download Tor Browser Alpha). Currently,
> WebTunnel is only distributed over the HTTPS distributor (torrc
> setting:'BridgeDistribution https').
>
> You can report issues on the Tor Project GitLab Anti-censorship group:
> The Tor Project / Anti-censorship / Pluggable Transports / WebTunnel · GitLab.
>
> Given that this new PT is only available now on Tor Browser Alpha, relay
> operators should not expect significant usage or a large number of users at the
> moment.
>
> Please let us know if you encountered any difficulty with WebTunnel setup.
> Thanks for your contribution to the Tor ecosystem.

I tried getting a bridge line from
https://bridges.torproject.org/bridges/?transport=webtunnel
but it gave me an error: "It seems there was an error getting your
QRCode."

Are there just not enough bridges for the distributor to distribute yet?

Yes, there are very few bridges, so depending on your IP address you might not
get any. There is also a bug that requires you to click on 'Do you need IPv6
address?', as webtunnel bridges claim to have IPv6 addresses bridgedb. But the
fix is already in its way, I hope will be delpoyed soon:
  Use IPv6 for webtunnel bridges (!56) · Merge requests · The Tor Project / Anti-censorship / BridgeDB · GitLab

--
meskio | https://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
My contact info: https://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
tor-relays Info Page