README.md 3.88 KB
Newer Older
1
2
3
4
# Probetest

This is a collection of scripts for performing automatic reachability tests of Snowflake and obfs4. 

5
6
Datasets from multiple probe points are published by us at: https://people.torproject.org/~cohosh/bootstrap.csv

7
8
9
10
11
12
13
14
15
16
### Setup


#### Docker

We have a docker image for performing these tests.

#### Manual

1. Install dependencies
17
- the following packages:
18
```
19
apt-get install python3 tcpdump wget tor
20
```
21
22
- Go 1.13+
- tcpdump
23
24

2. Build the stun test
25
```
26
cd stun-test
27
28
29
30
go get -d && go build
```

3. Configure tcpdump (Optional)
31

32
33
34
35
36
37
38
39
If you're running this as a non-root (or sudo) user, and you want to take packet captures, you'll have to set up tcpdump as follows:

```
groupadd tcpdump
usermod -a -G tcpdump user
chgrp tcpdump /usr/sbin/tcpdump
setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump
```
40
41
42
43
44

### Running tests

Usage: `./probetests.sh [TYPE] [SITENAME]`

45
`[SITENAME]` is an arbitrary identifier for the probe site
46
47
that you have to choose.

48
`[TYPE]` is the type of probe test to be performed. Right now
49
50
there are two types: "obfs4"|"snowflake"

51
52
53
54
55
56
57
58
The `bridge_lines.txt` file should contain a list of bridges to test. Each line corresponds to a bridge and should be of the form:
```
<nickname>,<bridge_line>
```
where `<bridge_line>` is the line to go in the torrc file and is structured as follows:
```
obfs4 <IP:Port> <FINGERPRINT> cert=<CERT> iat-mode=0
```
59
60

Add to crontab to run tests 4x a day:
61
62
63
64
65
66
67
68
69
70
71
72
```
0 */6 * * * cd ~/bridgetest && ./probetest.sh [TYPE] [SITENAME]
```

### Analyzing tests results

#### Data format

All data from the tests are located in the created `log/` directory. The directory structure is as follows:
```
log/[TYPE]/[SITENAME]/[RUN]
```
Cecylia Bocovich's avatar
Cecylia Bocovich committed
73
where `[RUN]` is the timestamp of the test run in the format `YYYYMMDD-HHMM`.
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

Inside of each run's directory are a combination of capture files and logs, depending on the type of test.

##### Snowflake data output

The snowflake tests checks the reachability of the default STUN servers and then proceeds to make a connection to snowflake and download a file over the connection for a set number of times. This produces the following output:

- `stun-test.csv` is a CSV file with entries of the format:
    ```
    <url>,<reachability>,<error>
    ```

    where `url` is the URL of the STUN server, `reachability` is a boolean value of whether it was reachable or not, and `error` is an error message that was produced in case it was not reachable.

- `snowflake-probe-[n]-client.log` is a log file with output from the snowflake client binary.
- `snowflake-probe-[n]-eth0.pcap` is a packet capture of all snowflake network traffic
- `snowflake-probe-[n]-lo.pcap` is a packet capture of local traffic, useful for measuring the rate of the file download
- `snowflake-probe-[n]-tor.log` is the tor bootstrapping output
- `snowflake-probe-[n].tcpdump.err` is the tcpdump error output


#### Analysis scripts
We've written some scripts to analyze and extract data from the packet captures, but in some cases manually inspecting the capture files might prove useful.
97
98

Analyze Tor bootstrap progress from logs:
Cecylia Bocovich's avatar
Cecylia Bocovich committed
99
1. Make the CSV:
100
101
102
    ```
    find log/[TYPE] -name '*.log' | sort | ./makecsv > bootstrap.csv
    ```
Cecylia Bocovich's avatar
Cecylia Bocovich committed
103
104

2. Plot the results:
105
106
107
    ```
    Rscript plot-bootstrap.R bootstrap.csv
    ```
108
109

Analyze obfs4 throughput from pcap files:
Cecylia Bocovich's avatar
Cecylia Bocovich committed
110
111
112
1. Adapt the variables `CLIENT_TUPLE` and `SERVER_TUPLE` in `infer-throughput.py`.

2. Run the script:
113
114
115
    ```
    python obfs4-throughput.py download.pcap > download.csv
    ```
Cecylia Bocovich's avatar
Cecylia Bocovich committed
116
117

3. Plot the results:
118
119
120
    ```
    Rscript obfs4-throughput.R download.csv
    ```
121
122

Analyze snowflake throughput from pcap files:
Cecylia Bocovich's avatar
Cecylia Bocovich committed
123
124
125
1. Run the script:

2. Plot the results:
126
127
128
    ```
    Rscript snowflake-throughput.R snowflake-throughput.csv
    ```
129
130

Analyze snowflake reachability from log files:
Cecylia Bocovich's avatar
Cecylia Bocovich committed
131
1. Run the script:
132
133
134
    ```
    find log -name '*.log' | sort | ./snowflake-stage.py > stage.csv
    ```
Cecylia Bocovich's avatar
Cecylia Bocovich committed
135
136

2. Plot the results:
137
138
139
    ```
    Rscript snowflake-stage.R stage.csv
    ```