{ "version": "https:\/\/jsonfeed.org\/version\/1", "title": "Заметки Александра Чернышева: заметки с тегом tor", "_rss_description": "Keep in mind", "_rss_language": "ru", "_itunes_email": "", "_itunes_categories_xml": "", "_itunes_image": "", "_itunes_explicit": "", "home_page_url": "https:\/\/aschernyshev.ru\/tags\/tor\/", "feed_url": "https:\/\/aschernyshev.ru\/tags\/tor\/json\/", "icon": "https:\/\/aschernyshev.ru\/user\/userpic@2x.jpg?1469596960", "author": { "name": "Александр Чернышев", "url": "https:\/\/aschernyshev.ru\/", "avatar": "https:\/\/aschernyshev.ru\/user\/userpic@2x.jpg?1469596960" }, "items": [ { "id": "21", "url": "https:\/\/aschernyshev.ru\/all\/prozrachnoe-proksirovanie-v-i2p-i-tor\/", "title": "Прозрачное проксирование в I2P и TOR.", "content_html": "
\n\"\"\n<\/div>\n

Заметка написана по мотивам статьи «Прозрачное проксирование в I2P и TOR<\/u>»<\/a>.<\/p>\n

_LANNET_<\/b> — локальная подсеть
\n_WANETH_<\/b> — внешний интерфейс
\n_LANETH_<\/b>  — внутренний интерфейс<\/p>\n

DNSMasq<\/h2>\n
vi \/etc\/dnsmasq.conf<\/code><\/pre>
\n
log-queries\r\nlog-facility=\/var\/log\/dnsmasq.log\r\nlisten-address= 0.0.0.0\r\ninterface=_LANETH_\r\nexcept-interface=_WANETH_\r\ndomain-needed \r\nbogus-priv  \r\nstrict-order \r\nno-resolv\r\nserver=77.88.8.88\r\nserver=8.8.8.8\r\naddress=\/.onion\/10.10.99.99\r\naddress=\/.i2p\/10.10.99.99<\/code><\/pre>
\n
systemctl enable dnsmasq.service\r\nsystemctl start dnsmasq.service<\/code><\/pre>
Tor<\/h2>\n
vi \/etc\/tor\/torrc<\/code><\/pre>
\n
SocksPort 9050\r\nSocksListenAddress 127.0.0.1\r\nExcludeNodes {ru}, {ua}, {by}\r\nVirtualAddrNetworkIPv4 10.192.0.0\/10\r\nAutomapHostsOnResolve 1<\/code><\/pre>
\n
systemctl enable tor.service\r\nsystemctl start tor.service<\/code><\/pre>
i2pd<\/h2>\n
vi \/etc\/i2pd\/subscriptions.txt<\/code><\/pre>
\n
http:\/\/inr.i2p\/export\/alive-hosts.txt\r\nhttp:\/\/stats.i2p\/cgi-bin\/newhosts.txt\r\nhttp:\/\/i2p-projekt.i2p\/hosts.txt\r\nhttp:\/\/i2host.i2p\/cgi-bin\/i2hostetag\r\nhttp:\/\/no.i2p\/export\/alive-hosts.txt\r\nhttp:\/\/rus.i2p\/hosts.txt\r\nhttp:\/\/udhdrtrcetjm5sxzskjyr5ztpeszydbh4dpl3pl4utgqqw2v4jna.b32.i2p\/hosts.tx<\/code><\/pre>
\n
vi \/etc\/i2pd\/<\/code><\/pre>
\n
[IRC]\r\ntype = client\r\naddress = 127.0.0.1\r\nport = 6668\r\ndestination = irc.postman.i2p\r\ndestinationport = 6667\r\nkeys = irc-keys.dat<\/code><\/pre>
\n
systemctl enable i2pd.service\r\nsystemctl start i2pd.service<\/code><\/pre>
TinyProxy<\/h2>\n
vim \/etc\/tinyproxy.conf<\/code><\/pre>
\n
User nobody\r\nGroup nogroup\r\nPort 8888\r\nListen _LANNET_\r\nTimeout 200\r\nErrorFile 404 "\/usr\/share\/tinyproxy\/404.html"\r\nErrorFile 400 "\/usr\/share\/tinyproxy\/400.html"\r\nErrorFile 503 "\/usr\/share\/tinyproxy\/503.html"\r\nErrorFile 403 "\/usr\/share\/tinyproxy\/403.html"\r\nErrorFile 408 "\/usr\/share\/tinyproxy\/408.html"\r\nDefaultErrorFile "\/usr\/share\/tinyproxy\/default.html"\r\nStatFile "\/usr\/share\/tinyproxy\/stats.html"\r\nLogfile "\/var\/log\/tinyproxy\/tinyproxy.log"\r\nLogLevel Info\r\nPidFile "\/var\/run\/tinyproxy\/tinyproxy.pid"\r\nupstream 127.0.0.1:8123\r\nupstream 127.0.0.1:4444 ".i2p"\r\nupstream 127.0.0.1:8124 ".onion"\r\nMaxClients 100\r\nMinSpareServers 5\r\nMaxSpareServers 20\r\nStartServers 10\r\nMaxRequestsPerChild 0\r\nAllow 127.0.0.1\r\nAllow 192.168.0.0\/16\r\nViaProxyName "tinyproxy"\r\nConnectPort 443\r\nConnectPort 563<\/code><\/pre>
\n
systemctl enable tinyproxy.service\r\nsystemctl start tinyproxy.service<\/code><\/pre>
Polipo<\/h2>\n
vim \/etc\/polipo\/wan.conf<\/code><\/pre>
\n
##################\r\n# https:\/\/www.irif.fr\/~jch\/software\/polipo\/polipo.html#\r\n##################\r\n\r\ndisplayName = WAN\r\nproxyPort = 8123\r\nallowedClients = 127.0.0.1, _LANNET_\r\ndnsQueryIPv6 = false\r\npidFile = \/var\/run\/polipo\/polipo_wan.pid\r\n#######\r\ncensoredHeaders = from, accept-language\r\ncensorReferer = maybe\r\ndisableVia = true\r\n####### Cache #######\r\ndiskCacheRoot = "\/var\/cache\/polipo\/wan_cache\/"\r\nmaxDiskCacheEntrySize = 524288\r\ndiskCacheDirectoryPermissions = 0700\r\ndiskCacheFilePermissions = 0600\r\nrelaxTransparency = maybe\r\ndontCacheCookies = true\r\ndontCacheRedirects = true\r\ndiskCacheUnlinkTime = 7d\r\ndiskCacheTruncateTime = 3d\r\ndiskCacheTruncateSize = 1MB\r\n######## Memory ########\r\nchunkHighMark = 50331648\r\nobjectHighMark = 16384\r\n######## WEB Interface ########\r\ndisableLocalInterface = true\r\n#disableConfiguration = false\r\n#disableIndexing = false\r\n#disableServersList = false\r\n######## Log ########\r\nlogSyslog = true\r\nlogFile = "\/var\/log\/polipo\/wan.log"<\/code><\/pre>
\n
vim \/etc\/polipo\/tor.conf<\/code><\/pre>
\n
##################\r\n# https:\/\/www.irif.fr\/~jch\/software\/polipo\/polipo.html#\r\n##################\r\n\r\ndisplayName = TOR\r\nproxyPort = 8124\r\nallowedClients = 127.0.0.1, _LANNET_\r\ndnsQueryIPv6 = false\r\npidFile = \/var\/run\/polipo\/polipo_tor.pid\r\n####### SOCKS #######\r\nsocksParentProxy = "127.0.0.1:9050"\r\nsocksProxyType=socks5\r\n#######\r\ncensoredHeaders = from, accept-language\r\ncensorReferer = maybe\r\ndisableVia = true\r\n####### Cache #######\r\ndiskCacheRoot = "\/var\/cache\/polipo\/tor_cache\/"\r\ndiskCacheDirectoryPermissions = 0700\r\ndiskCacheFilePermissions = 0600\r\nrelaxTransparency = maybe\r\ndontCacheCookies = true\r\ndontCacheRedirects = true\r\ndiskCacheUnlinkTime = 7d\r\ndiskCacheTruncateTime = 3d\r\ndiskCacheTruncateSize = 1MB\r\n######## Memory ########\r\nchunkHighMark = 50331648\r\nobjectHighMark = 16384\r\n######## WEB Interface ########\r\ndisableLocalInterface = true\r\n#disableConfiguration = false\r\n#disableIndexing = false\r\n#disableServersList = false\r\n######## Log ########\r\nlogSyslog = true\r\nlogFile = "\/var\/log\/polipo\/tor.log"<\/code><\/pre>
\n
vi \/etc\/systemd\/system\/polipo@.service<\/code><\/pre>
\n
[Unit]\r\nDescription=Polipo Proxy Server\r\nAfter=network.target\r\n\r\n[Service]\r\nUser=proxy\r\nGroup=proxy\r\nType=simple\r\nRestart=always\r\nPIDFile=\/var\/run\/polipo\/polipo_%i.pid\r\nPermissionsStartOnly=true\r\nExecStartPre=\/bin\/mkdir -p \/var\/cache\/polipo\/%i_cache\r\nExecStartPre=\/bin\/chown proxy:proxy \/var\/cache\/polipo\/%i_cache -R\r\nExecStartPre=\/bin\/chmod 700 \/var\/cache\/polipo\/%i_cache -R\r\nExecStart=\/usr\/bin\/polipo -c \/etc\/polipo\/%i.conf\r\nExecReload=\/bin\/kill -USR1 $MAINPID\r\n\r\n\r\n[Install]\r\nWantedBy=multi-user.target<\/code><\/pre>
\n
vi \/etc\/tmpfiles.d\/polipo.conf<\/code><\/pre>
\n
d \/run\/polipo 0755 proxy proxy -<\/code><\/pre>
Скрипт для очистки кеша<\/p>\n
vi \/usr\/local\/polipo\/polipo_trimcache.sh<\/code><\/pre>
\n
#!\/bin\/bash\r\n\r\nexport PATH="$PATH:\/usr\/sbin:\/usr\/bin:\/usr\/local\/sbin:\/usr\/local\/bin"\r\nSN="$(basename "$0")"\r\n\r\nfunction print_help() {\r\n    printf "\\n"\r\n    printf "Использование: %s options...\\n" "$SN"\r\n    printf "Параметры:\\n"\r\n    printf "  -n         Имя копии Polipo.\\n"\r\n    printf "  -h         Справка.\\n"\r\n    printf "\\n"\r\n}\r\n\r\n# Если скрипт запущен без аргументов, открываем справку.\r\nif [[ $# = 0 ]]; then\r\n    print_help && exit 1\r\nfi\r\nwhile getopts ":n:h" opt ;\r\ndo\r\n    case $opt in\r\n        n) NAME=$OPTARG;\r\n            ;;\r\n        h) print_help\r\n            exit 1\r\n            ;;\r\n        *) printf "Неправильный параметр\\n";\r\n           printf "Для вызова справки запустите %s -h\\n" "$SN";\r\n            exit 1\r\n            ;;\r\n        esac\r\ndone\r\n\r\nif [[ "$NAME" == "" ]] ;  then\r\n printf "\\n"\r\n printf "Параметры запуска не указаны.\\n"\r\n printf "Для справки наберите: %s -h\\n" "$SN"\r\n printf "\\n"\r\n exit 1\r\nfi\r\n\r\nCONFIG_FILE=\/etc\/polipo\/$NAME.conf\r\nFORBIDDEN_FILE=\/etc\/polipo\/forbidden\r\nPIDFILE=\/var\/run\/polipo\/polipo_$NAME.pid\r\nRUNAS=proxy\r\n\r\nif [ ! -x \/usr\/bin\/polipo ]; then\r\n  exit 0\r\nfi\r\n\r\nif [ ! -f "$FORBIDDEN_FILE" ]; then\r\n  FORBIDDEN_FILE=\/dev\/null\r\nfi\r\n\r\nif [ -f "$PIDFILE" ]; then\r\n  # Instruct polipo to to flush its in-memory cache to disk (signal USR1)\r\n  kill -USR1 "$(cat "$PIDFILE")"\r\n  # Allow some time for polipo to perform the requested flush\r\n  sleep 2\r\n  # Since f17, the following su command prints "...killed." to stdout ???\r\n  runuser -s \/bin\/sh -c \\\r\n    "nice polipo -x -c $CONFIG_FILE forbiddenFile=$FORBIDDEN_FILE > \/dev\/null" \\\r\n    $RUNAS 2> \/dev\/null\r\n  # Instruct polipo to to discard its in-memory cache (signal USR2)\r\n  kill -USR2 "$(cat "$PIDFILE")"\r\nfi\r\n\r\nexit 0<\/code><\/pre>
\n
vi \/etc\/systemd\/system\/polipo_trimcache@.service<\/code><\/pre>
Создаем сервис для очистки кеша<\/p>\n
\n
[Unit]\r\nDescription=Polipo trim cache on %I\r\nAfter=network-online.target\r\n\r\n[Service]\r\nType=oneshot\r\nExecStart=\/usr\/lib\/polipo\/polipo_trimcache.sh -n %i<\/code><\/pre>
Создаем таймер<\/p>\n
\n
vi \/etc\/systemd\/system\/polipo_trimcache@.timer<\/code><\/pre>
[Unit]\r\nDescription=Polipo trim cache timer on %I\r\n\r\n[Timer]\r\nOnCalendar=*-*-* 00:00:00\r\nPersistent=true\r\n\r\n[Install]\r\nWantedBy=timers.target<\/code><\/pre>
Активируем и запускаем сервисы<\/p>\n
systemctl enable polipo@wan\r\nsystemctl enable polipo_trimcache@wan.timer\r\nsystemctl start polipo@wan\r\nsystemctl sart polipo_trimcache@wan.timer\r\nsystemctl enable polipo@tor\r\nsystemctl enable polipo_trimcache@tor.timer\r\nsystemctl start polipo@tor\r\nsystemctl sart polipo_trimcache@tor.timer<\/code><\/pre>",
            "date_published": "2016-11-24T14:47:40+03:00",
            "date_modified": "2017-03-17T20:17:31+03:00",
            "image": "https:\/\/aschernyshev.ru\/pictures\/i2p_tor_logo.jpg",
            "_date_published_rfc2822": "Thu, 24 Nov 2016 14:47:40 +0300",
            "_rss_guid_is_permalink": "true",
            "_rss_guid": "https:\/\/aschernyshev.ru\/all\/prozrachnoe-proksirovanie-v-i2p-i-tor\/",
            "_e2_data": {
                "is_favourite": false,
                "links_required": [
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css",
                    "system\/library\/highlight\/highlight.js",
                    "system\/library\/highlight\/highlight.css"
                ],
                "og_images": [
                    "https:\/\/aschernyshev.ru\/pictures\/i2p_tor_logo.jpg"
                ]
            }
        },
        {
            "id": "9",
            "url": "https:\/\/aschernyshev.ru\/all\/firefox-ne-otkryvaet-sayty-onion\/",
            "title": "Firefox не открывает сайты .onion",
            "content_html": "
Начиная с версии Firefox 45<\/b>  в настройках about:config<\/b> появилась новая опция network.dns.blockDotOnion<\/b> для блокировки на уровне DNS узлов в скрытой сети .onion<\/b>. По умолчанию указано значение true<\/b>. Для отключения этой опции необходимо изменить значение на false<\/b> и перезапустите браузер.<\/p>\n",
            "date_published": "2016-08-19T10:24:59+03:00",
            "date_modified": "2016-08-19T11:41:35+03:00",
            "_date_published_rfc2822": "Fri, 19 Aug 2016 10:24:59 +0300",
            "_rss_guid_is_permalink": "true",
            "_rss_guid": "https:\/\/aschernyshev.ru\/all\/firefox-ne-otkryvaet-sayty-onion\/",
            "_e2_data": {
                "is_favourite": false,
                "links_required": [],
                "og_images": []
            }
        }
    ],
    "_e2_version": 3576,
    "_e2_ua_string": "E2 (v3576; Aegea)"
}