Delivery-Date: Wed, 20 Jan 2016 19:26:43 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id B9C061E2D62;
	Wed, 20 Jan 2016 19:26:41 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id C26C7394A1;
	Thu, 21 Jan 2016 00:26:36 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 28F3539493
 for <tor-talk@lists.torproject.org>; Thu, 21 Jan 2016 00:26:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id H1RlJxou146c for <tor-talk@lists.torproject.org>;
 Thu, 21 Jan 2016 00:26:33 +0000 (UTC)
Received: from mail-pf0-x234.google.com (mail-pf0-x234.google.com
 [IPv6:2607:f8b0:400e:c00::234])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id E45BA3942A
 for <tor-talk@lists.torproject.org>; Thu, 21 Jan 2016 00:26:32 +0000 (UTC)
Received: by mail-pf0-x234.google.com with SMTP id q63so13520726pfb.1
 for <tor-talk@lists.torproject.org>; Wed, 20 Jan 2016 16:26:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=disposition-notification-to:return-receipt-to:in-reply-to
 :references:mime-version:content-transfer-encoding:content-type
 :subject:from:date:to:message-id;
 bh=QkYmbGdTpSETZsDekTBcQLnw4/hhkmS+j3XIVNhJ55M=;
 b=iLnrv9Q5wh7rErhtiWQ6ENujy8kREoGnj1YbbFJ/lhGFjssxLKVeRpdEZCf61Ezux5
 oZYnD9nsiQ7zsJJPse8xGyflsjcthOMCFLJsPvOtNc4XWOGYW1BTldOgE8FqMj6d77SI
 9oWozN4FKntm9RcQO1HcLRCVVWtagJPUdtAPHL9MmY6BR9O86MX0K5Z5Lx8oubj2I4Np
 6kWkUQt4iC6L2bppD0SJXIEeAZtyPOCKa6Ox46lmGzQvUxYjxfZPMmhJm+18FOEfImna
 Y4R2UDJ455mNIPnaYod/+kQwG4ARrK6QTPQ81cxgfmRo4n4KHixFvAiVNTK4uGvttvti
 X6kw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:disposition-notification-to:return-receipt-to
 :in-reply-to:references:mime-version:content-transfer-encoding
 :content-type:subject:from:date:to:message-id;
 bh=QkYmbGdTpSETZsDekTBcQLnw4/hhkmS+j3XIVNhJ55M=;
 b=NUGJCC8qJrl9DeoA3YOOSrdLSsuJwHYH7gHjLJ8tDNSIXDk8vXAczHyrT+uG8oom7m
 7W2fJJsaza3IKJJu3zNPjuroH9intgDT9hjgH0CZ1bH+EfCJUR70dy1yYDEmrZN0ibNG
 P5Vj7NcU+JkWP6aJ/BD9wjPqjxX5EoimLkij/YXPYAnu7JO2+woCHp8Y8dXjc4tn3gXH
 QXqMZfxssztKPxX6W+AP4bSYU7ohWdDAcil/kjV94zf3xLZd4RdhPyITE7tHmd96gftW
 7g21i3YKjOSWxFLXRdNN2yXl+FvRd4SXiyrEow8Mlj2wOH+PddhGNVWT6mqgmMxKzhLs
 OFJA==
X-Gm-Message-State: ALoCoQmzswp7vNbHhre1WtvZ22R6fKLRGzrLR/BALxf3gsZimLMqIuGssMI9S9H3dZXXgpo5KpYSyZmkwGIkJpkGImxi5fUQKg==
X-Received: by 10.98.14.68 with SMTP id w65mr57692819pfi.146.1453335990263;
 Wed, 20 Jan 2016 16:26:30 -0800 (PST)
Received: from [192.168.3.128] (c-76-22-98-172.hsd1.wa.comcast.net.
 [76.22.98.172])
 by smtp.gmail.com with ESMTPSA id xa9sm34399033pab.44.2016.01.20.16.26.28
 (version=TLSv1/SSLv3 cipher=OTHER);
 Wed, 20 Jan 2016 16:26:28 -0800 (PST)
In-Reply-To: <CAJVRA1SX3wFFm519DXQsYcRYSkRbzJDXJGe+ctj=V1Yeon47yg@mail.gmail.com>
References: <0C175F9B-9446-41E7-9479-A52E3589F379@gmail.com>
 <CAJVRA1SX3wFFm519DXQsYcRYSkRbzJDXJGe+ctj=V1Yeon47yg@mail.gmail.com>
MIME-Version: 1.0
From: Michael <strangerthanbland@gmail.com>
Date: Wed, 20 Jan 2016 16:26:51 -0800
To: tor-talk@lists.torproject.org
Message-ID: <C70326E8-0427-4D41-9B0D-4F7D0767D4E1@gmail.com>
Subject: Re: [tor-talk] Scripted installer of Tor and more being worked on
	at GitHub, ya may want to sit down for this...
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Coderman, most welcome. 

To answer your question on port binding; that's a bit tricky, and depends on what types of Tor nodes are chosen. Oh and the most up to date documentation for variables and script arguments can be found in the [ ~/variables/ blank_torinstall_vars.sh ] file, I'll have to rename it and/or split it up by package name latter (much like the default variables files) as well as do more edits to ensure that it nulls all variables on exit.
 - for bridge torrc files this is assigned within the `case` statement and only if "public" subtype was selected; sets to port "0" by default to keep public out of your bridge's socks. I'll have to read up a little more on security issues/mitigation for bridge nodes in relation to socks port. More than likely the "privet" bridge option will be making use of Polipo so I'll be sure to at least add a bridge socks port option soon.
- for client torrc files this is assigned within the `for` loop starting at port 10010 on line 11 for SocksPort, ie [ SocksPort 100${_tor_count}0 ] and counting up to the number given via [-C=4] command which also maybe assigned with [ _connection_count =4 ]  within a configuration file passed with [ -vf=some_config.sh ] command. This same value is also used by Privoxy so I'll have to write a few sanity checks and edits before adding a client socks port prefix option. For [ SocksBindAddress ] and listen and accept policies I'll be adding two new options [ -TSBA ] and [ -TSLA ] for binding and listening and then use some scripted logic for acceptance lines... oh well that wasn't to hard :-D next code push now includes these last two options.
- for exit torrc files this like public bridges is set to "0" as well as setting the socks acceptance policy to reject by default. Note next code push will now include variable [ ${_tor_dir_port:-9030} ] set by [ -TDP=9030 ] for assigning torrc's DirPort. Additionally I've added some checks for binding to the external and local IP:Port or Port alone (makes Tor guess) for config lines like [ OutboundBindAddress ], and the [ -TOP=9001 ] or [ ${_tor_or_port:-9001} ] has been corrected for assigning the ORPort. I still have to add a `for` loop for IPv4/v6 [ ExitPolicy accept ... ] to allow for adding more ports than just the restrictive policy list currently coded for.
- for hidden service torrc files socks ports and addresses have not even been set yet but it may be best to disable it completely.

If you happen to know which versions are incompatible with Tor port binding configuration or where I can find this info I can add another set of checks based on Tor version where needed.

Thanks for taking the dive into the code Coderman, more eyes are defiantly better when dealing with this many lines of configurations.

On January 20, 2016 3:54:43 AM PST, coderman <coderman@gmail.com> wrote:
>On 1/19/16, Michael <strangerthanbland@gmail.com> wrote:
>> Salutations Tor,
>>
>> I've something special to share with you all; regardless of if you're
>a node
>> operator, hidden service provider, client or completely new to Tor
>> installation and configurations... in short... a script pack aimed to
>> install and configure the previously listed node types and then a
>little
>> more.
>> https://github.com/S0AndS0/Perinoid_Linux_Project
>
>interesting; thank you!
>
>
>> ... Feel free to ask questions,
>
>i did not see a way for general preferance of control socket, socks
>socket, etc, over IP:Port in configs. this would be useful, but also
>need graceful fallback as older Tor versions do not support socket
>type for some services...  [codespelunking continues]
>
>
>best regards,

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

