[tor-relays] Protecting the bridge port from active probes
Roger Dingledine
arma at torproject.org
Sat Mar 30 22:02:32 UTC 2019
On Sat, Mar 30, 2019 at 08:44:45PM +0000, Alexander Nasonov wrote:
> This works for me:
>
> AssumeReachable 1
> PublishServerDescriptor 0
> ORPort PUBLIC-IP:2345 NoListen
> ORPort 127.0.0.1:2345 NoAdvertise
> ExtORPort 127.0.0.1:3456 # you can try auto
> ServerTransportListenAddr obfs4 PUBLIC-IP:4567
> ServerTransportPlugin obfs4 exec /path/to/obfs4proxy
You probably also want a "BridgeRelay 1" in there too. That will help
make sure you fetch appropriate directory information in order to have
it available for users of your bridge. And depending on your Tor version,
it will also make sure that your exit policy is reject *:*. (Not that
bridge clients should be trying to exit from you, but you want to make
sure that they don't succeed if for some reason they try :)
--Roger
More information about the tor-relays
mailing list