WebTunnel bridges: Work with Tor Browser, but doesn't work with core Tor

I try to understand how to use WebTunnel Bridges with command-line Tor.

I tried two WebTunnel bridges obtained here: Defend yourself against tracking and surveillance. Circumvent censorship. | Bridge Info, and they work perfectly with Tor Browser.

But if I try to use them with command-line Tor, they doesn’t work. My torrc:

UseBridges 1
ClientTransportPlugin meek_lite,obfs4,scramblesuit,webtunnel exec "/Applications/Tor Browser.app/Contents/MacOS/Tor/PluggableTransports/lyrebird"
Bridge webtunnel [2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443 630AABF104AEF8CFEC9AADA366F1955A1F7054BF url=https:// ver=0.0.1
Bridge webtunnel [2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443 B55A418B4F30181ED304EB2698EE58D283BEE5BF url=https:// ver=0.0.1

This is the whole file, it consist of just 4 lines.

When I try to connect, I got this:

[notice] Bootstrapped 0% (starting): Starting
[notice] Starting with guard context "bridges"
[notice] Delaying directory fetches: No running bridges

Tor version 0.4.8.13. Tor is running on Darwin with Libevent 2.1.12-stable, OpenSSL 3.4.0, Zlib 1.2.12, Liblzma N/A, Libzstd N/A and Unknown N/A as libc. Tor compiled with clang version 16.0.0

Operating system: macOS Sonoma 14.7.1

Hello @jsx97, please hold on while we investigate this issue. We believe it’s not censorship-related.
Maybe macOS is blocking lyrebird from being launched from the terminal.

I also tried to replace

"/Applications/Tor Browser.app/Contents/MacOS/Tor/PluggableTransports/lyrebird"

with the path to the lyrebird executable from the Tor Expert Bundle instead:

/Users/jsx97/Downloads/tor-expert-bundle-macos-aarch64-14.0.4/tor/pluggable_transports/lyrebird

And it turns out it behaves somewhat differently.

It connects to 100%, though the blocked websites are nevertheless still blocked.

Jan 29 13:14:05.993 [notice] Tor 0.4.8.13 running on Darwin with Libevent 2.1.12-stable, OpenSSL 3.4.0, Zlib 1.2.12, Liblzma N/A, Libzstd N/A and Unknown N/A as libc.
Jan 29 13:14:05.993 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/
Jan 29 13:14:05.993 [notice] Read configuration file "/opt/homebrew/etc/tor/torrc".
Jan 29 13:14:05.995 [notice] Opening Socks listener on 127.0.0.1:9050
Jan 29 13:14:05.995 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050
Jan 29 13:14:06.000 [warn] Cannot find maximum file descriptor, assuming: 256
Jan 29 13:14:06.000 [notice] Parsing GEOIP IPv4 file /opt/homebrew/Cellar/tor/0.4.8.13/share/tor/geoip.
Jan 29 13:14:06.000 [notice] Parsing GEOIP IPv6 file /opt/homebrew/Cellar/tor/0.4.8.13/share/tor/geoip6.
Jan 29 13:14:06.000 [notice] Bootstrapped 0% (starting): Starting
Jan 29 13:14:06.000 [notice] Starting with guard context "bridges"
Jan 29 13:14:06.000 [notice] Delaying directory fetches: No running bridges
Jan 29 13:14:06.000 [notice] Bridge 'nullfwt3122' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443) based on the configured Bridge address.
Jan 29 13:14:06.000 [notice] new bridge descriptor 'nullfwt3122' (cached): $630AABF104AEF8CFEC9AADA366F1955A1F7054BF~nullfwt3122 [IyxBJiGMMXw5zYKF/97XnZD7zTbbliPr1/piZflDbmQ] at 209.135.170.154 and [2001:db8:a434:2cba:55cb:15a6:1ece:1374]
Jan 29 13:14:06.000 [notice] Bridge 'WTBrRNcgMOmCxy' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443) based on the configured Bridge address.
Jan 29 13:14:06.000 [notice] new bridge descriptor 'WTBrRNcgMOmCxy' (cached): $B55A418B4F30181ED304EB2698EE58D283BEE5BF~WTBrRNcgMOmCxy [9GW9bH4MaQGL66qpiXL1meCwiLpL6whXAXM9aSK8wWM] at 69.130.251.224 and [2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]
Jan 29 13:14:06.000 [notice] Bridge 'nullfwt3122' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443) based on the configured Bridge address.
Jan 29 13:14:06.000 [notice] new bridge descriptor 'nullfwt3122' (cached): $630AABF104AEF8CFEC9AADA366F1955A1F7054BF~nullfwt3122 [IyxBJiGMMXw5zYKF/97XnZD7zTbbliPr1/piZflDbmQ] at 209.135.170.154 and [2001:db8:a434:2cba:55cb:15a6:1ece:1374]
Jan 29 13:14:06.000 [notice] Bridge 'WTBrRNcgMOmCxy' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443) based on the configured Bridge address.
Jan 29 13:14:06.000 [notice] new bridge descriptor 'WTBrRNcgMOmCxy' (cached): $B55A418B4F30181ED304EB2698EE58D283BEE5BF~WTBrRNcgMOmCxy [9GW9bH4MaQGL66qpiXL1meCwiLpL6whXAXM9aSK8wWM] at 69.130.251.224 and [2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]
Jan 29 13:14:07.000 [notice] Bridge 'nullfwt3122' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443) based on the configured Bridge address.
Jan 29 13:14:07.000 [notice] Bridge 'WTBrRNcgMOmCxy' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443) based on the configured Bridge address.
Jan 29 13:14:07.000 [notice] Bootstrapped 1% (conn_pt): Connecting to pluggable transport
Jan 29 13:14:07.000 [notice] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport
Jan 29 13:14:08.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Jan 29 13:14:08.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
Jan 29 13:14:08.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
Jan 29 13:14:08.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
Jan 29 13:14:08.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
Jan 29 13:14:08.000 [notice] Bridge 'WTBrRNcgMOmCxy' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443) based on the configured Bridge address.
Jan 29 13:14:08.000 [notice] Bridge 'nullfwt3122' has both an IPv4 and an IPv6 address.  Will prefer using its IPv6 address ([2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443) based on the configured Bridge address.
Jan 29 13:14:09.000 [notice] Bootstrapped 100% (done): Done

Happy to hear that you manage to connect using the expert bundle.

I wonder if this path or user permission for this file is correct:

"/Applications/Tor Browser.app/Contents/MacOS/Tor/PluggableTransports/lyrebird"

Bridges are only used as a substitute for a Tor guard relay. Using it do not change whether a website blocks Tor exit nodes.

Yes, the path to Tor lyrebird is correct. Now I have discovered that if I simply copy it to another directory, say /usr/local/bin, it works the same as Tor Expert Bundle lyrebird.

I don’t know why, but this is not very interesting from the practical side. What I want to understand is how to actually make it work. Currently, despite connection to Tor Network using WebTunnel is 100%, none of the websites that are blocked in my country work for me, including https://check.torproject.org/.

Maybe I should add HTTPProxy, HTTPSProxy, Socks4Proxy or Socks5Proxy line to my torrc? Or what?

what browser have you torified and how?

Safari for Mac 18.1.1.

To connect to the Tor Network, I open the Terminal app, type tor, and press the Return key.

My torrc consist of only 4 lines:

UseBridges 1
ClientTransportPlugin meek_lite,obfs4,scramblesuit,webtunnel exec /usr/local/bin/lyrebird
Bridge webtunnel [2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443 630AABF104AEF8CFEC9AADA366F1955A1F7054BF url=https:// ver=0.0.1
Bridge webtunnel [2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443 B55A418B4F30181ED304EB2698EE58D283BEE5BF url=https:// ver=0.0.1

But after that you need to tell your browser to use tor.
We advice to use Tor Browser for this purpose

1 Like

You cannot torify Safari - you need a browser that supports SOCKS5 proxies, like FireFox.

But again - I would recommend you use Tor Browser instead

2 Likes

But after that you need to tell your browser to use tor.

If I undertood you correctly, by this you mean I need to enable SOCKS5 proxy?

You cannot torify Safari

Safari doesn’t provide a way to specify, enable, or disable SOCKS proxy, but I can specify, enable, or disable SOCKS proxy in macOS itself, either using GUI or using the command-line.

  • Using GUI: Safari > Settings > Advanced > Change Proxies (This opens the macOS System Settings window) > SOCKS Proxy > …
  • Using command-line: sudo networksetup setsocksfirewallproxy "Wi-Fi" 127.0.0.1 9050 && tor

After this, WebTunnel successfully opens blocked websites.

One last thing that I would happy to figure out:

Instead of using sudo networksetup setsocksfirewallproxy "Wi-Fi" 127.0.0.1 9050 && tor, I tried to add Socks5Proxy 127.0.0.1:9050 into my torrc. But then the connection stops at 2%. What I’m doing wrong?

UseBridges 1
ClientTransportPlugin meek_lite,obfs4,scramblesuit,webtunnel exec /usr/local/bin/lyrebird
Bridge webtunnel [2001:db8:a434:2cba:55cb:15a6:1ece:1374]:443 630AABF104AEF8CFEC9AADA366F1955A1F7054BF url=https:// ver=0.0.1
Bridge webtunnel [2001:db8:a379:1522:ea89:9c9d:59c8:1d5a]:443 B55A418B4F30181ED304EB2698EE58D283BEE5BF url=https:// ver=0.0.1
Socks5Proxy 127.0.0.1:9050
Jan 29 17:20:21.000 [notice] Bootstrapped 1% (conn_pt): Connecting to pluggable transport
Jan 29 17:20:21.000 [notice] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport

Socks5Proxy option does not change OS-wide proxy settings.

Socks5Proxy host[:port]

Tor will make all OR connections through the SOCKS 5 proxy at host:port (or host:1080 if port is not specified).

Take a look at torrc manual:
https://manpages.debian.org/jessie/tor/torrc.5

2 Likes

I read this part in the manual, but to be honest it wasn’t clear to me this setting only defines which host and port to use. I assumed it will also enable the SOCKS proxy for the Tor process somehow (like, I suppose, Tor browser enables SOCKS proxy for itself).

So you mean the best avalable option is to add bash aliases?

alias tor_on='sudo networksetup setsocksfirewallproxy "Wi-Fi" 127.0.0.1 9050 && tor'
alias tor_off='sudo networksetup setsocksfirewallproxystate "Wi-Fi" off && killall tor'

This is exactly what I use currently, but I’m not completely happy with this because after stopping the process by pressing Control-C, I have to additionally type tor_off. Not really convenient. If I simply press Control-C without using the tor_off command, SOCKS proxy will prevent regular web browsing.

Try tor_on &, then you can type tor_off to restore proxy settings and kill Tor. After a job starts in the background, something like [job_id] pidwill be printed, fg job_id can move it into the foreground.

If I simply press Control-C without using the tor_off command, SOCKS proxy will prevent regular web browsing.

You could not browse web just because there was not a SOCKS server listening on 127.0.0.1:9050 ( Tor had been stopped ).

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.