OpenGFW icon indicating copy to clipboard operation
OpenGFW copied to clipboard
verified publisher icon apernet

feat: tor analyzer (phase 1)

Open eddc005 opened this issue 1 year ago • 0 comments

A very straightforward Tor analyzer. Blocks all public relays by querying the authoritative directory. Doesn't block private bridges yet

Example rule

- name: Block Tor relays
  action: block
  expr: tor != nil && tor.relay

Testing

# Install Tor command line
$ sudo apt-get install tor

# We want to run tor interactively, so stop the service
$ sudo systemctl stop tor

# Without running OpenGFW, tor will bootstrap successfully
$ tor
...
Jun 12 00:00:00.000 [notice] Bootstrapped 100% (done): Done

# With OpenGFW, tor will fail to bootstrap
$ tor
...
Jun 12 00:00:00.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
(stuck here)

Next step

  1. Periodically update the directory
  2. Block private bridges (more complicated, GFW uses active probe for this)

eddc005 avatar Jun 12 '24 23:06 eddc005