Setting up a private Tor bridge on CentOS 7.x

1. Download and install Tor

yum install tor -y

2. Install obfs4

Build and install via Python:

  • (1) Install the required dependencies:
yum install make automake gcc python-pip python-devel libyaml-devel
  • (2) Install obfs4proxy:
pip install obfsproxy

Build and install via Go:

  • (1) Download the Go obfs4 project:
git clone http://www.github.com/Yawning/obfs4
  • (2) Enter the obfs4 directory and build:

cd obfs4
go build -o obfs4proxy/obfs4proxy ./obfs4proxy
  • (3) Copy obfs4proxy into the system binary directory:
cp ./obfs4proxy/obfs4proxy /usr/bin/obfs4proxy

3. Configure the Tor bridge

  • Edit /etc/tor/torrc:
vim /etc/tor/torrc
  • Define an ORPort, do not act as an exit node, and configure the node as a bridge:
Log notice file /var/log/tor/notices.log
RunAsDaemon 1
ORPort 4443
Exitpolicy reject *:*
BridgeRelay 1
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
ExtORPort auto
PublishServerDescriptor 0
  • Restart the tor service:
systemctl restart tor
  • Check the tor service status:

systemctl status tor

4. Use the bridge

  • View the log file:
cat /var/log/tor/notices.log

The contents look like this:

[notice] Your Tor server's identity key fingerprint is 'Unnamed 530FA95A79B9145D315F15F01215BE2F3BE921EB'
[notice] Your Tor bridge's hashed identity key fingerprint is 'Unnamed 83D1AC9EC2F15D7024278461DC91A8B2E9BBF43A'
[notice] Registered server transport 'obfs4' at '[::]:46396'
[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
[notice] Bootstrapped 100%: Done
[notice] Now checking whether ORPort <redacted>:4443 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
[notice] Self-testing indicates your ORPort is reachable from the outside. Excellent.

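Note: record the port that obfs4 is listening on from the output (46396 in this example). The output also contains your server identity fingerprint (530FA95A79B9145D315F15F01215BE2F3BE921EB in this example); copy that down as well.

The file /var/lib/tor/pt_state/obfs4_bridgeline.txt contains a line like the following: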

Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=oG6a3K7CtearIloUp2OCUk60oNMgw+jVgCNhGumMkODS659UEgRRx7yxZuoEo9Crp9GGXg iat-mode=0
  • Fill in the values from the log to get the final bridge configuration:
obfs4 <IP ADDRESS>:46396 530FA95A79B9145D315F15F01215BE2F3BE921EB cert=oG6a3K7CtearIloUp2OCUk60oNMgw+jVgCNhGumMkODS659UEgRRx7yxZuoEo9Crp9GGXg iat-mode=0
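
The assembly step in section 4 can be scripted so the port, fingerprint and cert are not copied by hand. This is an added example, not code from the original post; build_bridge_line is a hypothetical helper name, and 192.0.2.10 is a documentation address standing in for the bridge's public IP.

```shell
#!/bin/sh
# Added example (not from the original post): build the client bridge line
# from Tor's notice log and obfs4_bridgeline.txt. build_bridge_line is a
# hypothetical helper name. The body runs in a subshell, so "exit" only
# leaves the function.
build_bridge_line() (
    log=$1; tmpl=$2; ip=$3
    # Port of the most recently registered obfs4 listener.
    port=$(sed -n "s/.*Registered server transport 'obfs4' at '.*:\([0-9][0-9]*\)'.*/\1/p" "$log" | tail -n 1)
    # Match only the "server's identity key" line; the hashed fingerprint
    # logged next to it is a different value and is not the one used here.
    fp=$(sed -n "s/.*server's identity key fingerprint is '[^ ]* \([0-9A-Fa-f]\{40\}\)'.*/\1/p" "$log" | tail -n 1)
    # cert= and iat-mode= are taken verbatim from the template line.
    cert=$(sed -n '/^Bridge obfs4 /s/.* \(cert=[^ ]*\).*/\1/p' "$tmpl" | tail -n 1)
    iat=$(sed -n '/^Bridge obfs4 /s/.* \(iat-mode=[0-9]\).*/\1/p' "$tmpl" | tail -n 1)
    if [ -z "$port" ] || [ -z "$fp" ] || [ -z "$cert" ] || [ -z "$iat" ]; then
        echo "cannot build bridge line: a required field is missing" >&2
        exit 1
    fi
    printf 'obfs4 %s:%s %s %s %s\n' "$ip" "$port" "$fp" "$cert" "$iat"
)

# Constructed sample inputs reusing the values shown on this page;
# 192.0.2.10 is a documentation address standing in for the bridge's IP.
demo_dir=$(mktemp -d)
cat > "$demo_dir/notices.log" <<'EOF'
[notice] Your Tor server's identity key fingerprint is 'Unnamed 530FA95A79B9145D315F15F01215BE2F3BE921EB'
[notice] Your Tor bridge's hashed identity key fingerprint is 'Unnamed 83D1AC9EC2F15D7024278461DC91A8B2E9BBF43A'
[notice] Registered server transport 'obfs4' at '[::]:46396'
EOF
cat > "$demo_dir/obfs4_bridgeline.txt" <<'EOF'
Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=oG6a3K7CtearIloUp2OCUk60oNMgw+jVgCNhGumMkODS659UEgRRx7yxZuoEo9Crp9GGXg iat-mode=0
EOF
build_bridge_line "$demo_dir/notices.log" "$demo_dir/obfs4_bridgeline.txt" 192.0.2.10
```

On a real bridge, pass /var/log/tor/notices.log, /var/lib/tor/pt_state/obfs4_bridgeline.txt and the server's public IP address as the three arguments.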

5. Enter the bridge configuration into Tor Browser, as shown in the figure below

 

6. Open the ports in firewalld

  • Edit the public zone configuration file /etc/firewalld/zones/public.xml:
vim /etc/firewalld/zones/public.xml

Add the following (in this example, ORPort port => 4443, obfs4 port => 46396):

<port protocol="tcp" port="ORPort port"/>
<port protocol="udp" port="ORPort port"/>
<port protocol="tcp" port="obfs4 port"/>
<port protocol="udp" port="obfs4 port"/>
  • Apply the firewall configuration:
firewall-cmd --complete-reload

7. Finally, the official Tor Browser download link

https://www.torproject.org/download/
