Proposed student project
Roger Dingledine
arma at mit.edu
Mon Sep 15 18:25:21 UTC 2008
On Mon, Sep 15, 2008 at 02:12:12PM -0400, Chris Akins wrote:
> The basic idea
> is to build a zero-configuration Tor relay in hardware that sits between the
> home user's router and their computer. Two plugs: one to the outside world,
> one to the computer.
Two thoughts come to mind immediately. First, you will want to use
Tor's transparent proxy interface with iptables / pf:
https://wiki.torproject.org/noreply/TheOnionRouter/TransparentProxy
You might like Incognito's firewall rules:
https://svn.torproject.org/svn/incognito/trunk/root_overlay/var/lib/iptables/rules-save
For the software side, you should look at coderman's draft thoughts on
a self-contained Tor in a VM:
https://svn.torproject.org/svn/torvm/trunk/doc/design.html
Second, if you want this Tor to be able to act as a relay too (aka a Tor
server), it will need some non-trivial hardware. Exactly what hardware is
needed is an open question, and worth exploring more. The Tor software
development process seems to have cycles where we 1) accidentally cause
Tor to use too many resources, then 2) fix that, then go back to 1.
So some versions of Tor are much more friendly, cpu and memory wise,
than others. The current 0.2.1.5-alpha version is quite good I believe.
> The relay would automatically handle all the configuration details, and
> render interception almost impossible, barring subversion of the target
> machine.
You may find that some config details, like how much rate limiting the
user wants to put in place, are hard to guess automatically.
--Roger
More information about the tor-talk
mailing list