set up fte bridge doesn't work #181
Description
I tried to set up a FTE bridge on a static IP address, and use Tor browser bundle (on another computer) as a client to connect to it. But it doesn't work properly.
Environment:
FTEproxy version is 0.2.19 on the server.
Client uses Tor browser 5.0.3.
Both server and client are ubuntu. Server is 14.04 LTS, and client is 12.04 LTS.
client-port = 59000
server-port = 59004
proxy-port = 59003
--Server Tor Config file (@/etc/tor/torrc)
Log notice file /var/log/tor/fte_log
SocksPort 0
ORPort 59003
BridgeRelay 1
ExitPolicy reject :
PublishServerDescriptor 0
ServerTransportListenAddr fte 0.0.0.0:59004
ServerTransportPlugin fte exec /usr/local/bin/fteproxy --managed --mode server # enable fte transport
--Client Tor config (GUI config from Tor browser bundle)
fte server-ip:59004 server-fingerprint'
I started the server with 'sudo tor', and the server is started successfully (log is '[notice] Registered server transport 'fte' at '0.0.0.0:59004''). But from the client, the connection falied with the following log:
10/23/2015 14:13:21.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/23/2015 14:13:21.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/23/2015 14:13:21.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/23/2015 14:13:21.700 [NOTICE] Opening Socks listener on 127.0.0.1:9150
10/23/2015 14:18:23.400 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 2; recommendation warn; host server-fingerprint at server-ip:59004)
10/23/2015 14:18:23.400 [WARN] 2 connections have failed:
10/23/2015 14:18:23.400 [WARN] 2 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE
The Tor network traffic is the following.
Based on Kevin's suggestion, I started the following debugging.
Test 1: Tor without FTE ------> Works! (Tor is fine)
Test 2: Tor with pre-configured FTE ------> Works! (Idea of FTE is fine)
Test 3: Tor with Obfsproxy/ScambleSuit as bridge ---------> Works! (Network is fine)
Test 4: FTE without Tor (normal mode) ----------> Doesn't work!
I tested it FTE alone (without Tor PT) on two machines. But it turns out that it doesn't work either. To rule out the library issue, I use virtualenv for setting up both client and server. And fteproxy passed the '--mode test'.
Here are the commands that I used in order (comments/output starte with ##):
-- On the client machine (with client-ip as IP address):
(1) sudo pip install virtualenv
(2) sudo pip install virtualenvwrapper
(3) mkdir my_virtual_project
(4) cd my_virtual_project/
(5) virtualenv venv
(6) source venv/bin/activate
(7) pip install fteproxy
(8) fteproxy --mode test ##(it works fine)
(9) netstat -lpn | grep 59000 ## (no output, verify that nothing binds to client port)
(10) fteproxy --client_ip client-ip --client_port 59000 --server_ip server-ip --server_port 59004
-- On the server machine (with server-ip as IP address):
(1) -(8) same
(9) sudo netstat -lpn | grep 59003 ## (no output, verify that nothing binds to proxy port)
(10) fteproxy --server_ip server-ip --server_port 59004 --proxy_ip server-ip --proxy_port 59003
(11) ssh -D server-ip:59003 username@server-ip ## in another terminal
-- On the client:
(11) curl --socks client-ip:59000 google.com ## in another terminal
The output on the client terminal (from step (11) of client) is 'curl: (28) SOCKS5 read timeout'.
Network traffic is the following.
Test 5: FTE without Tor (dummy mode) ----------> Doesn't work!
Then as Kevin suggested, I tried to replace client command (10) as 'fteproxy --client_ip client-ip --client_port 59000 --server_ip server-ip --server_port 59004 --upstream-format=dummy-request --downstream-format=dummy-response'. It still doesn't work with the same error and network traffic from Test 4.