Skip to content

GitLab

Closed
Created by Trac@tracbot

Can't connect with TBB to my private bridge using OBFS3/4, if I use NOPROTOCOL it connects. The Bridge says it is properly set.

I Think the problem is in my private bridge, it's just unfindable to me. I doubt my TBB is the cause since this problem also appears using whonix.

I have set a Private Bridge on one of my servers. When I try to use it with the TBB(tor browser bundle) of one of my laptops it does connect only if I specify no protocol, If I use obfs3 or obfs4 I get erros, and I have already checked it is correctly set (the obfs4 plugin) in my server. Weird thing is that if I connect with no protocol, and then once it is connected I change the bridge line and insert obfs3 or obfs4 and keep browsing, then it switches to using the protocol without errors, but if I restart the browser then I get the error. Basically it only fails at starting the connection when I use the obfs3/obfs4 protocols in my private bridge line.

HERE ARE THE OUTPUTs of errors and configs.

1- OUTPUT when I specify no protocol (and it connects successfully and I can normally browse the web with my TBB):

08/03/2017 16:54:51.400 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop 
08/03/2017 16:54:52.100 [NOTICE] Bootstrapped 90%: Establishing a Tor circuit 
08/03/2017 16:54:53.000 [NOTICE] new bridge descriptor 'Unnamed' (fresh): $HERE-IS-MY-SERVER-FINGERPRINT~Unnamed at HERE-IS-MY-SERVER-IP-ADDRESS 
08/03/2017 16:54:54.200 [NOTICE] Tor has successfully opened a circuit. Looks like client functionality is working. 
08/03/2017 16:54:54.200 [NOTICE] Bootstrapped 100%: Done 
08/03/2017 16:54:55.200 [NOTICE] New control connection opened from 127.0.0.1. 
08/03/2017 16:54:55.200 [NOTICE] New control connection opened from 127.0.0.1.

2-OUTPUT when I specify protocol obfs3 ( and I restart the browser to make the first connection USING the protocol obfs3):

08/03/2017 13:03:45.200 [NOTICE] Bootstrapped 80%: Connecting to the Tor network 
08/03/2017 13:03:45.700 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop 
08/03/2017 13:03:46.200 [WARN] Proxy Client: unable to connect to HERE-IS-MY-SERVER-IP-ADDRESS:27654 ("general SOCKS server failure") 
08/03/2017 13:03:47.100 [WARN] Proxy Client: unable to connect to HERE-IS-MY-SERVER-IP-ADDRESS:27654 ("general SOCKS server failure") 
08/03/2017 13:03:47.700 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit. 
08/03/2017 13:03:47.900 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150 
08/03/2017 13:03:47.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 
08/03/2017 13:03:47.900 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
08/03/2017 13:03:48.700 [NOTICE] Delaying directory fetches: DisableNetwork is set.

3-OUTPUT when I specify protocol obfs4 ( and I restart the browser to make the first connection USING the protocol obfs4):

08/03/2017 12:56:29.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network 
08/03/2017 12:56:29.600 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop 
08/03/2017 12:56:29.600 [WARN] Proxy Client: unable to connect to HERE-IS-MY-SERVER-IP-ADDRESS:27654 ("general SOCKS server failure") 
08/03/2017 12:56:30.600 [WARN] Proxy Client: unable to connect to HERE-IS-MY-SERVER-IP-ADDRESS:27654 ("general SOCKS server failure") 
08/03/2017 12:56:31.600 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit. 
08/03/2017 12:56:32.600 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit. 
08/03/2017 12:56:33.400 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150 
08/03/2017 12:56:33.400 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 
08/03/2017 12:56:33.400 [NOTICE] Closing old Socks listener on 127.0.0.1:9150 
08/03/2017 12:56:33.600 [NOTICE] Delaying directory fetches: DisableNetwork is set.

4-OUTPUT of my torrc file in my private bridge (my server):

SocksPort 0
ORPort 27654
BridgeRelay 1
PublishServerDescriptor 0
Exitpolicy reject *:*

# Use obfs4proxy to provide the obfs4 protocol.
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

5-OUTPUT of my /var/log/syslog so you can see that my private bridge server successfully opens circuit and that it SUCCESSFULLY USES the OBFS4 PLUGIN. -if you want to see /var/log/tor/log well it does not exist in my server, instead the /var/log/tor/log gets printed at syslog.:

Aug  3 12:27:53 server1 tor[1607]: Configuration was valid
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.488 [notice] Tor 0.3.0.9 (git-100816d92ab5664d) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.488 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.488 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.489 [notice] Read configuration file "/etc/tor/torrc".
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.494 [notice] Your ContactInfo config option is not set. Please consider setting it, so we can contact you if your server is misconfigured or somet$
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.494 [notice] Based on detected system memory, MaxMemInQueues is set to 768 MB. You can override this by setting MaxMemInQueues by hand.
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.495 [notice] I think we have 64 CPUS, but only 1 of them are available. Telling Tor to only use 1. You can override this with the NumCPUs option
Aug  3 12:27:53 server1 tor[1610]: Aug 03 12:27:53.496 [notice] Opening OR listener on 0.0.0.0:27654
Aug  3 12:27:53 server1 Tor[1610]: Can't get entropy from getrandom().
Aug  3 12:27:53 server1 Tor[1610]: Tor 0.3.0.9 (git-100816d92ab5664d) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Aug  3 12:27:53 server1 Tor[1610]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Aug  3 12:27:53 server1 Tor[1610]: Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Aug  3 12:27:53 server1 Tor[1610]: Read configuration file "/etc/tor/torrc".
Aug  3 12:27:53 server1 Tor[1610]: Your ContactInfo config option is not set. Please consider setting it, so we can contact you if your server is misconfigured or something else goes wrong.
Aug  3 12:27:53 server1 Tor[1610]: Based on detected system memory, MaxMemInQueues is set to 768 MB. You can override this by setting MaxMemInQueues by hand.
Aug  3 12:27:53 server1 Tor[1610]: I think we have 64 CPUS, but only 1 of them are available. Telling Tor to only use 1. You can override this with the NumCPUs option
Aug  3 12:27:53 server1 Tor[1610]: Opening OR listener on 0.0.0.0:27654
Aug  3 12:27:53 server1 Tor[1610]: We use pluggable transports but the Extended ORPort is disabled. Tor and your pluggable transports proxy communicate with each other via the Extended ORPort so it$
Aug  3 12:27:53 server1 Tor[1610]: Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Aug  3 12:27:53 server1 Tor[1610]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Aug  3 12:27:53 server1 Tor[1610]: Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now.
Aug  3 12:27:54 server1 Tor[1610]: Your Tor server's identity key fingerprint is 'Unnamed HERE-IS-MY-SERVER-FINGERPRINT'
Aug  3 12:27:54 server1 Tor[1610]: Your Tor bridge's hashed identity key fingerprint is 'Unnamed HERE-IS-MY-SERVER-bridgedhashed-FINGERPRINT'
Aug  3 12:27:54 server1 Tor[1610]: Bootstrapped 0%: Starting
Aug  3 12:27:56 server1 Tor[1610]: Starting with guard context "default"
Aug  3 12:27:56 server1 Tor[1610]: Bootstrapped 80%: Connecting to the Tor network
Aug  3 12:27:56 server1 systemd[1]: Started Anonymizing overlay network for TCP.
Aug  3 12:27:56 server1 Tor[1610]: Signaled readiness to systemd
Aug  3 12:27:56 server1 Tor[1610]: Opening Control listener on /var/run/tor/control
Aug  3 12:27:56 server1 Tor[1610]: Bootstrapped 85%: Finishing handshake with first hop
Aug  3 12:27:57 server1 Tor[1610]: Bootstrapped 90%: Establishing a Tor circuit
Aug  3 12:27:57 server1 Tor[1610]: Registered server transport 'obfs4' at '[::]:39979'
Aug  3 12:27:58 server1 Tor[1610]: Tor has successfully opened a circuit. Looks like client functionality is working.
Aug  3 12:27:58 server1 Tor[1610]: Bootstrapped 100%: Done
Aug  3 12:27:58 server1 Tor[1610]: Now checking whether ORPort HERE-IS-MY-SERVER-IP-ADDRESS:27654 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
Aug  3 12:27:58 server1 Tor[1610]: Self-testing indicates your ORPort is reachable from the outside. Excellent.
Aug  3 12:28:03 server1 Tor[1610]: Performing bandwidth self-test...done.

OUTPUT of my tor version in my private bridge server:

tor:
  Installed: 0.3.0.9-1~xenial+1

My private bridge server OS is Unbutu 16.04 Xenial. Sorry I didn't know how to put the code in the boxes since "[code]" doesn't work..

When I connect from my TBB to my private bridge I used the normal syntax: <protocol(if any)> :<port,in my case is 27654>

Please help me, I have even changed OS from debian to ubuntu thinking this would solve the problem. As a matter of fact now I have the same problem as before...

Trac:
Username: help-OBFS4-BRIDGE