[tor-talk] Tor transparent proxy implementation on Windows

[Lee Fisher]

On 12/22/11 4:28 AM, andrew at torproject.org wrote:
> https://svn.torproject.org/svn/torvm/trunk/doc/design.html.

I realize there are many reasons why a VM-based solution is useful, 
compared to a native solution.

However, this statement is incorrect:

"This is important in a Windows environment where capabilities like 
Linux(R) netfilter or BSD(R) packet filter do not exist."

The WFP (Windows Filtering Platform) driver model has these 
capabilities. WFP deprecates the older TDI and NDIS solutions, which 
also had these capabilities. Granted, the command line interface to the 
early Windows Firewall didn't match iptables, but these days it does. 
But the OS interface to do transparent proxying has been in NT for 
decades, first with TDI and NDIS, now with WFP.

I also am confused by modern LibEvent performance and this comment:

"For Windows platforms offloading the TCP session intensive Tor process 
to a Linux guest with edge triggered IO can significantly improve the 
performance of Tor and eliminate socket buffer problems."

Is it really a performance increase to use add: VirtualBox or QEmu (N 
components), a second OS (N components), WinPCap, and the OpenVPN 
TAP-Win32 driver to the solution? I would have thought a single WFP (or 
TDI or NDIS) driver would be improve the performance more than running a 
VM with a second OS and using TAP to talk to the virtual OS Linux network.

Is the current Windows implementation of LibEvent still that 
performance-challenged? I thought Nick and other [GSoC] LibEvent 
contributers have improved LibEvent to be a "first class citizen" on 
Windows, and have reasonably performance event implementation these 
years? Didn't the GSoC update include modern WinSock2/WinNT async model, 
and wasn't that helpful over the original WinSock1/Win9x model, for perf?

The document also as a broken URL pointer (HTTP 404):
http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy