2023-03-02 15:15:55.247 [NOTICE] New control connection opened from 127.0.0.1. 2023-03-02 15:15:55.248 [NOTICE] New control connection opened from 127.0.0.1. 2023-03-02 15:15:55.249 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 2023-03-02 15:15:55.252 [NOTICE] Opening Socks listener on 127.0.0.1:9150 2023-03-02 15:15:55.252 [NOTICE] Opened Socks listener connection (ready) on 127.0.0.1:9150 2023-03-02 15:15:55.252 [WARN] Cannot find maximum file descriptor, assuming: 256 2023-03-02 15:15:56.265 [NOTICE] Bootstrapped 1% (conn_pt): Connecting to pluggable transport 2023-03-02 15:15:56.265 [NOTICE] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport 2023-03-02 15:15:56.267 [NOTICE] Bootstrapped 10% (conn_done): Connected to a relay
注意观察这个日志中的 Opening Socks listener on 127.0.0.1:9150;这个就是我们要找的Socks5代理地址。
Mar 03 09:36:49.721 [notice] Tor 0.4.4.6 (git-2a8b789ea6f308d0) running on Darwin with Libevent 2.1.11-stable, OpenSSL 1.1.1i, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A. Mar 03 09:36:49.721 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Mar 03 09:36:49.722 [notice] Read configuration file “/Users/carlzeng/WebstormProjects/snowflake/client/torrc”. Mar 03 09:36:49.723 [warn] Path for DataDirectory (datadir) is relative and will resolve to /Users/carl/WebstormProjects/snowflake/client/datadir. Is this what you wanted? Mar 03 09:36:49.724 [notice] Opening Socks listener on 127.0.0.1:0 Mar 03 09:36:49.724 [notice] Socks listener listening on port 62501. Mar 03 09:36:49.724 [notice] Opened Socks listener on 127.0.0.1:62501 Mar 03 09:36:49.000 [warn] Cannot find maximum file descriptor, assuming: 256 Mar 03 09:36:49.000 [notice] Bootstrapped 0% (starting): Starting Mar 03 09:36:49.000 [notice] Starting with guard context “bridges” Mar 03 09:36:49.000 [notice] Delaying directory fetches: No running bridges Mar 03 09:36:50.000 [notice] Bootstrapped 1% (conn_pt): Connecting to pluggable transport Mar 03 09:36:50.000 [notice] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport Mar 03 09:36:50.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay Mar 03 09:36:56.000 [notice] Managed proxy “./client”: offer created 。。。。 Mar 03 09:41:57.000 [notice] Bootstrapped 100% (done): Done
慢慢等待1-5分钟,一直等到 Mar 03 09:41:57.000 [notice] Bootstrapped 100% (done): Done
# This file assists operators in (re-)deploying an obfs4 bridge Docker # container. You need the tool 'docker-compose' to use this file. You # can find it in the Debian package 'docker-compose'. # # First, you need to create a configuration file, ".env", in the same directory # as this file, "docker-compose.yml". Add the following environment variables # to this configuration file. EMAIL is your email address; OR_PORT is your # onion routing port; and PT_PORT is your obfs4 port: # # EMAIL=you@example.com # OR_PORT=XXX # PT_PORT=XXX # # If needed, you can also activate there an additional variables processing with: # # OBFS4_ENABLE_ADDITIONAL_VARIABLES=1 # # followed by defining desired torrc entries prefixed with OBFS4V_ # For example: # # OBFS4V_AddressDisableIPv6=1 # # Next, pull the Docker image, by running: # # docker-compose pull obfs4-bridge # # And finally, to (re-)deploy the container, run: # # docker-compose up -d obfs4-bridge
version:"3.4" services: obfs4-bridge: image:thetorproject/obfs4-bridge:latest networks: -obfs4_bridge_external_network environment: # Exit with an error message if OR_PORT is unset or empty. -OR_PORT=${OR_PORT:?EnvvarOR_PORTisnotset.} # Exit with an error message if PT_PORT is unset or empty. -PT_PORT=${PT_PORT:?EnvvarPT_PORTisnotset.} # Exit with an error message if EMAIL is unset or empty. -EMAIL=${EMAIL:?EnvvarEMAILisnotset.} # Nickname with default value: "DockerObfs4Bridge" -NICKNAME=${NICKNAME:-DockerObfs4Bridge} env_file: -.env volumes: -data:/var/lib/tor ports: -${OR_PORT}:${OR_PORT} -${PT_PORT}:${PT_PORT} restart:unless-stopped
# Set required variables OR_PORT=9099 PT_PORT=9050 EMAIL=ame@apple.com # If you want, you could change the nickname of your bridge #NICKNAME=DockerObfs4Bridge # If needed, activate additional variables processing #OBFS4_ENABLE_ADDITIONAL_VARIABLES=1 # and define desired torrc entries prefixed with OBFS4V_ # For example: #OBFS4V_AddressDisableIPv6=1
docker-compose up WARN[0000] /root/obfs4-bridge/docker-compose.yaml: `version` is obsolete [+] Running 15/15 ✔ obfs4-bridge Pulled 39.3s ✔ 04857b38bc21 Pull complete 5.2s ✔ e5bfec8939cb Pull complete 1.6s ✔ 5f68de6710c4 Pull complete 1.8s ✔ b60093912f91 Pull complete 3.2s ✔ ab018a71dd54 Pull complete 5.0s ✔ 3b96c9cd7341 Pull complete 7.1s ✔ 399de59d9384 Pull complete 9.4s ✔ 1fd06b5f7332 Pull complete 6.8s ✔ 9632961b9f45 Pull complete 9.2s ✔ 8887d261ae57 Pull complete 8.7s ✔ 702c64636d8d Pull complete 10.3s ✔ 0c8449df639a Pull complete 10.7s ✔ 5f1156e46d38 Pull complete 11.3s ✔ dbc5b9df9780 Pull complete 12.0s [+] Running 2/1 ✔ Network obfs4-bridge_obfs4_bridge_external_network Created 0.1s ✔ Volume "tor-datadir-9099-9050" C... 0.0s ⠋ Container obfs4-bridge-obfs4-bridge-1 Created 0.0s Attaching to obfs4-bridge-1 obfs4-bridge-1 | Using NICKNAME=DockerObfs4Bridge, OR_PORT=9099, PT_PORT=9050, and EMAIL=ame@apple.com. obfs4-bridge-1 | Starting tor. obfs4-bridge-1 | May 21 04:44:00.842 [notice] Tor 0.4.8.14 running on Linux with Libevent 2.1.12-stable, OpenSSL 3.0.15, Zlib 1.2.13, Liblzma 5.4.1, Libzstd 1.5.4 and Glibc 2.36 as libc. obfs4-bridge-1 | May 21 04:44:00.842 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/ obfs4-bridge-1 | May 21 04:44:00.842 [notice] Read configuration file "/etc/tor/torrc". obfs4-bridge-1 | May 21 04:44:00.843 [notice] Based on detected system memory, MaxMemInQueues is set to 6296 MB. You can override this by setting MaxMemInQueues by hand. obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opening OR listener on 0.0.0.0:9099 obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opened OR listener connection (ready) on 0.0.0.0:9099 obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opening OR listener on [::]:9099 obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opened OR listener connection (ready) on [::]:9099 obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opening Extended OR listener on 127.0.0.1:0 obfs4-bridge-1 | May 21 04:44:00.843 [notice] Extended OR listener listening on port 44627. obfs4-bridge-1 | May 21 04:44:00.843 [notice] Opened Extended OR listener connection (ready) on 127.0.0.1:44627 obfs4-bridge-1 | May 21 04:44:00.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. obfs4-bridge-1 | May 21 04:44:00.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. obfs4-bridge-1 | May 21 04:44:01.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. obfs4-bridge-1 | May 21 04:44:01.000 [notice] You are running a new relay. Thanks for helping the Tor network! If you wish to know what will happen in the upcoming weeks regarding its usage, have a look at https://blog.torproject.org/lifecycle-of-a-new-relay obfs4-bridge-1 | May 21 04:44:01.000 [notice] It looks like I need to generate and sign a new medium-term signing key, because I don't have one. To do that, I need to load (or create) the permanent master identity key. If the master identity key was not moved or encrypted with a passphrase, this will be done automatically and no further action is required. Otherwise, provide the necessary data using 'tor --keygen' to do it manually. obfs4-bridge-1 | May 21 04:44:01.000 [notice] Your Tor server's identity key fingerprint is 'DockerObfs4Bridge F22790FB5078D507920743B6D6' obfs4-bridge-1 | May 21 04:44:01.000 [notice] Your Tor bridge's hashed identity key fingerprint is 'DockerObfs4Bridge 811EBA87EE1ACE2893140B5AC' obfs4-bridge-1 | May 21 04:44:01.000 [notice] Your Tor server's identity key ed25519 fingerprint is 'DockerObfs4Bridge YlsH1QKdRNwX70+dDrHQHBoUDDWRMo' obfs4-bridge-1 | May 21 04:44:01.000 [notice] You can check the status of your bridge relay at https://bridges.torproject.org/status?id=811EBA87EE1ACE2893140 obfs4-bridge-1 | May 21 04:44:01.000 [notice] Bootstrapped 0% (starting): Starting obfs4-bridge-1 | May 21 04:44:01.000 [notice] Starting with guard context "default" obfs4-bridge-1 | May 21 04:44:01.000 [notice] Registered server transport 'obfs4' at '[::]:9050' obfs4-bridge-1 | May 21 04:44:02.000 [notice] Unable to find IPv4 address for ORPort 9099. You might want to specify IPv6Only to it or set an explicit address or set Address. obfs4-bridge-1 | May 21 04:44:02.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
obfs4-bridge-1 | May 21 04:48:18.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Connection timed out; TIMEOUT; count 10; recommendation warn; host FA3EC05000800EB7C4 at 94.142.140.158:443) obfs4-bridge-1 | May 21 04:48:18.000 [warn] 9 connections have failed: obfs4-bridge-1 | May 21 04:48:18.000 [warn] 9 connections died in state connect()ing with SSL state (No SSL object) ....
NAT设置 端口转发
Internet‘s 9050 至 docker机的9050
Internet‘s 9059 至 docker机的9099
错误排除
Unable to find IPv4 address for ORPort 9099. You might want to specify IPv6Only to it or set an explicit address or set Address.
1
May 22 08:57:23.000 [notice] Unable to find IPv4 address for ORPort 9099. You might want to specify IPv6Only to it or set an explicit address or set Address.
obfs4-bridge-1 | May 21 07:57:46.000 [notice] Unable to find IPv4 address for ORPort 9099. You mi ght want to specify IPv6Only to it or set an explicit address or set Address.
Ah yes. It's indeed forwarded. Good to know it's normal behavior. I saw multiple posts online like this reddit Post as well.. Maybe we should say this message is normal in most cases, especially a machine behind a nat. After all, it confuses me. As if I was doing something wrong.
version:"3.4" services: obfs4-bridge: image:thetorproject/obfs4-bridge:latest networks: -obfs4_bridge_external_network environment: # Exit with an error message if OR_PORT is unset or empty. -OR_PORT=${OR_PORT:?EnvvarOR_PORTisnotset.} # Exit with an error message if PT_PORT is unset or empty. -PT_PORT=${PT_PORT:?EnvvarPT_PORTisnotset.} # Exit with an error message if EMAIL is unset or empty. -EMAIL=${EMAIL:?EnvvarEMAILisnotset.} # Nickname with default value: "DockerObfs4Bridge" -NICKNAME=${NICKNAME:-DockerObfs4Bridge} -HTTP_PROXY=http://192.168.6.116:7890 -HTTPS_PROXY=http://192.168.6.116:7890 env_file: -.env ....
May 22 14:31:51.242 [warn] Failed to parse/validate config: Unknown option ‘TOR_PT_PROXY’. Failing.
看来torrc 中不能设置TOR_PT_PROXY; 导致整个docker无法启动
修改obfs4 为 meek_lite
也失败了; 错误:
1 2 3 4 5 6 7 8
May 22 14:34:23.000 [notice] Starting with guard context "default" May 22 14:34:23.000 [warn] Server managed proxy encountered a method error. (meek_lite server not supported) May 22 14:34:23.000 [warn] Managed proxy '/usr/bin/lyrebird' was spawned successfully, but it didn't launch any pluggable transport listeners! May 22 14:34:24.000 [notice] Unable to find IPv4 address for ORPort 9099. You might want to specify IPv6Only to it or set an explicit address or set Address. May 22 14:34:24.000 [notice] Bootstrapped 5% (conn): Connecting to a relay May 22 14:38:31.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (No route to host; NOROUTE; count 8; recommendation warn; host B6526852EF18FB54BC91437B54055D16FD581898 at 176.198.159.33:9001) May 22 14:38:31.000 [warn] 7 connections have failed:
/usr/local/bin/start-tor.sh: line 25: /etc/tor/torrc: Permission denied Starting tor.
My internet connection requires an HTTP or SOCKS Proxy
If you’re using Tor Browser, you can set your proxy’s address, port, and authentication information in the Connection Settings.
If you’re using Tor another way, you can set the proxy information in your torrc file. Check out the HTTPSProxy config option in the manual page. If your proxy requires authentication, see the HTTPSProxyAuthenticator option. Example with authentication:
/usr/local/bin/start-tor.sh: line 25: /etc/tor/torrc: Permission denied Starting tor. May 23 08:10:42.437 [notice] Tor 0.4.8.14 running on Linux with Libevent 2.1.12-stable, OpenSSL 3.0.15, Zlib 1.2.13, Liblzma 5.4.1, Libzstd 1.5.4 and Glibc 2.36 as libc. May 23 08:10:42.437 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/ May 23 08:10:42.437 [notice] Read configuration file "/etc/tor/torrc". May 23 08:10:42.438 [notice] Based on detected system memory, MaxMemInQueues is set to 6296 MB. You can override this by setting MaxMemInQueues by hand. May 23 08:10:42.439 [notice] Opening OR listener on 0.0.0.0:9099 May 23 08:10:42.439 [notice] Opened OR listener connection (ready) on 0.0.0.0:9099 May 23 08:10:42.439 [notice] Opening OR listener on [::]:9099 May 23 08:10:42.439 [notice] Opened OR listener connection (ready) on [::]:9099 May 23 08:10:42.439 [notice] Opening Extended OR listener on 127.0.0.1:0 May 23 08:10:42.439 [notice] Extended OR listener listening on port 45571. May 23 08:10:42.439 [notice] Opened Extended OR listener connection (ready) on 127.0.0.1:45571 May 23 08:10:42.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. May 23 08:10:42.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. May 23 08:10:42.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. May 23 08:10:43.000 [notice] Your Tor server's identity key fingerprint is 'DockerObfs4Brg2025 BB46A33E093FAB4F48F2F8B433E51E38320DA462' May 23 08:10:43.000 [notice] Your Tor bridge's hashed identity key fingerprint is 'DockerObfs4Brg2025 20A3E084775ECB102401250C53F8E064D6EDA5FA' May 23 08:10:43.000 [notice] Your Tor server's identity key ed25519 fingerprint is 'DockerObfs4Brg2025 GExPVxdmowxMdpW3Erl8HQQbdPhyzjxpEqhJJ7BuZEE' May 23 08:10:43.000 [notice] You can check the status of your bridge relay at https://bridges.torproject.org/status?id=20A3E084775ECB102401250C53F8E064D6EDA5FA May 23 08:10:43.000 [notice] Bootstrapped 0% (starting): Starting May 23 08:10:43.000 [notice] Starting with guard context "default" May 23 08:10:43.000 [warn] Managed proxy '/usr/bin/lyrebird' did not configure the specified outgoing proxy and will be terminated. May 23 08:10:43.000 [warn] Managed proxy "N/A" process terminated with status code 0 May 23 08:10:44.000 [notice] Unable to find IPv4 address for ORPort 9099. You might want to specify IPv6Only to it or set an explicit address or set Address. May 23 08:10:44.000 [notice] Bootstrapped 3% (conn_proxy): Connecting to proxy May 23 08:10:44.000 [notice] Bootstrapped 4% (conn_done_proxy): Connected to proxy May 23 08:10:44.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay May 23 08:10:44.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay May 23 08:10:44.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done