ubuntu 9.10 安装tor+polipo+bridges 成功
根据网上教程一步一步终于把自己的laptop戴上套了!mark为免忘记!所有内容均翻墙转载自网上,希望墙内的朋友也能看看外面精彩的世界!!
第一步:下载并安装 Tor
Tor 最新发布版本可以在下载页面获得。 我们同样提供了 Debian,Red Hat,Gentoo,*BSD 等的软件包。
方法一:
如果你打算从源文件编译,首先安装 libevent, 并确认已安装 openssl 和 zlib(包括 -devel 软件包)。 然后执行:
tar xzf tor-0.2.1.25.tar.gz; cd tor-0.2.1.25
./configure && make
现在你可以通过 src/or/tor 运行 Tor, 或者你可以执行 make install(需要 root 权限)把它安装到 /usr/local, 之后你就能通过 tor 启动 Tor。
默认状态下,Tor 被配置为客户端。它使用一个内置的默认配置文件, 大多数人不需要修改其中的任何设置。Tor 安装完毕。
方法二:
如果你的操作系统是 Ubuntu,不要使用默认的软件包:请使用我们的 deb 仓库:
选择一: Tor on Debian lenny, Debian sid, or Debian testing
If you’re using Debian stable (lenny), unstable (sid), or testing (squeeze), just run
apt-get install tor tor-geoipdb as root.
Note that this might not always give you the latest stable Tor version, but you will receive important security fixes. To make sure that you’re running the latest stable version of Tor, see option two below.
Now Tor is installed and running. Move on to step two of the “Tor on Linux/Unix” instructions.
选择二: Tor on Ubuntu or Debian
Do not use the packages in Ubuntu’s universe. They are unmaintained and out of date. That means you’ll be missing stability and security fixes.
You’ll need to set up our package repository before you can fetch Tor. First, you need to figure out the name of your distribution. If you’re using Ubuntu 9.10, it’s “karmic”, while 9.04 is “jaunty”, 8.10 is “intrepid”, and 8.04 is “hardy”. If you’re using Debian Etch, it’s “etch”, and Debian Lenny is “lenny”. 把下面命令行加到/etc/apt/sources.list 文件:
deb http://deb.torproject.org/torproject.org <DISTRIBUTION> main
(注释:根据你的版本替换<DISTRIBUTION>为etch, lenny, sid, karmic, jaunty, intrepid或hardy,我是ubuntu 9.10,所以替换为karmic))
Then add the gpg key used to sign the packages by running the following commands at your command prompt:
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
Now refresh your sources and install Tor by running the following commands at your command prompt:
apt-get update
apt-get install tor tor-geoipdb
Now Tor is installed and running. Move on to step two of the “Tor on Linux/Unix”instructions.
第二步:为 Web 浏览安装 Polipo
Tor 安装结束后,你需要配置应用程序来使用它。
第一步是配置 Web 浏览。首先从软件仓库安装 Polipo。 Polipo 是一种缓存 Web 代理,能很好地支持 HTTP 的 pipelining, 因此适合 Tor 的延迟。Polipo 的版本至少应该是 1.0.4,因此早期的版本缺少 SOCKS 支持, 无法与 Tor 配合使用。
Polipo 安装完成后(通过软件包或源文件),你需要配置 Polipo 使用 Tor。 这里是为 Tor 准备的Polipo 配置文件,用它替换当前的 Polipo 配置文件(如 /etc/polipo/config 或 ~/.polipo)。 你需要重启 Polipo 以使修改生效。After installing Tor, you need to configure your applications to use it.
The first step is to set up web browsing. Start by installing Polipo from your favorite repository. Polipo is a caching web proxy that does http pipelining well, so it’s well-suited for Tor’s latencies. Make sure to get at least Polipo 1.0.4, since earlier versions lack the SOCKS support required to use Polipo with Tor. You should uninstall privoxy at this point (e.g. apt-get remove privoxy or yum remove privoxy), so they don’t conflict.
下载 polipo
git clone git://git.torproject.org/git/polipo
Once you’ve installed Polipo (either from package or from source), you will need to configure Polipo to use Tor. Grab our Polipo configuration for Tor and put it in place of your current polipo config file (e.g. /etc/polipo/config or ~/.polipo)
把以下内容替换掉默认的配置文件内容:
### Basic configuration
### *******************
# Uncomment one of these if you want to allow remote clients to
# connect:
# proxyAddress = "::0" # both IPv4 and IPv6
# proxyAddress = "0.0.0.0" # IPv4 only
proxyAddress = "127.0.0.1"
proxyPort = 8118
# If you do that, you'll want to restrict the set of hosts allowed to
# connect:
# allowedClients = "127.0.0.1, 134.157.168.57"
# allowedClients = "127.0.0.1, 134.157.168.0/24"
allowedClients = 127.0.0.1
allowedPorts = 1-65535
# Uncomment this if you want your Polipo to identify itself by
# something else than the host name:
proxyName = "localhost"
# Uncomment this if there's only one user using this instance of Polipo:
cacheIsShared = false
# Uncomment this if you want to use a parent proxy:
# parentProxy = "squid.example.org:3128"
# Uncomment this if you want to use a parent SOCKS proxy:
socksParentProxy = "localhost:9050"
socksProxyType = socks5
### Memory
### ******
# Uncomment this if you want Polipo to use a ridiculously small amount
# of memory (a hundred C-64 worth or so):
# chunkHighMark = 819200
# objectHighMark = 128
# Uncomment this if you've got plenty of memory:
# chunkHighMark = 50331648
# objectHighMark = 16384
chunkHighMark = 67108864
### On-disk data
### ************
# Uncomment this if you want to disable the on-disk cache:
diskCacheRoot = ""
# Uncomment this if you want to put the on-disk cache in a
# non-standard location:
# diskCacheRoot = "~/.polipo-cache/"
# Uncomment this if you want to disable the local web server:
localDocumentRoot = ""
# Uncomment this if you want to enable the pages under /polipo/index?
# and /polipo/servers?. This is a serious privacy leak if your proxy
# is shared.
# disableIndexing = false
# disableServersList = false
disableLocalInterface = true
disableConfiguration = true
### Domain Name System
### ******************
# Uncomment this if you want to contact IPv4 hosts only (and make DNS
# queries somewhat faster):
#
# dnsQueryIPv6 = no
# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for
# double-stack hosts:
#
# dnsQueryIPv6 = reluctantly
# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:
dnsUseGethostbyname = yes
### HTTP
### ****
# Uncomment this if you want to enable detection of proxy loops.
# This will cause your hostname (or whatever you put into proxyName
# above) to be included in every request:
disableVia = true
# Uncomment this if you want to slightly reduce the amount of
# information that you leak about yourself:
# censoredHeaders = from, accept-language
# censorReferer = maybe
censoredHeaders = from,accept-language,x-pad,link
censorReferer = maybe
# Uncomment this if you're paranoid. This will break a lot of sites,
# though:
# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language
# censorReferer = true
# Uncomment this if you want to use Poor Man's Multiplexing; increase
# the sizes if you're on a fast line. They should each amount to a few
# seconds' worth of transfer; if pmmSize is small, you'll want
# pmmFirstSize to be larger.
# Note that PMM is somewhat unreliable.
# pmmFirstSize = 16384
# pmmSize = 8192
# Uncomment this if your user-agent does something reasonable with
# Warning headers (most don't):
# relaxTransparency = maybe
# Uncomment this if you never want to revalidate instances for which
# data is available (this is not a good idea):
# relaxTransparency = yes
# Uncomment this if you have no network:
# proxyOffline = yes
# Uncomment this if you want to avoid revalidating instances with a
# Vary header (this is not a good idea):
# mindlesslyCacheVary = true
# Suggestions from Incognito configuration
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535
You’ll need to restart Polipo for the changes to take effect. For example:
/etc/init.d/polipo restart
If you prefer, you can instead use Privoxy with this sample Privoxy configuration. But since the config files both use port 8118, you shouldn’t run both Polipo and Privoxy at the same time.
第三步:配置应用程序使用 Tor
当 Tor 和 Polipo 安装结束后,你需要配置你的应用程序来使用它们。 第一步是配置 Web 浏览。
为了取得最佳的安全性,你应该使用 Firefox 和 Torbutton。安装 Torbutton 插件, 然后重新启动 Firefox,就这么简单:
第四步:添加网桥
在Ubuntu下TOR配置Bridges穿墙
GFW, by vangie.
非常时期,传统的穿墙术都不好使了,TOR,Gladder,VPN统统失效,就连我配了一个自家用的glype也歇菜了。
看了GFW还是有点牛逼的,不过过墙梯总是会有的,下面两位达人的帖子提供了新的方法
非常时期,如何用“套”穿墙
在Ubuntu下如何配置Tor网桥
可惜啊,都写在墙外的blogspot上,翻墙的梯子在墙外,这不是干着急吗?
经过一翻折腾,好不容易才看到穿墙秘籍。
下面介绍如何在Ubuntu下配置TOR bridges
Step1: 获取网桥地址
用你的gmail帐号发送主题和内容为”get bridges”的邮件至[email protected]
Step2: 配置Tor网桥
首先,备份原Tor配置文件torrc至备份目录:
sudo cp -p /etc/tor/torrc your-backup-directory
然后在torrc配置文件末尾添加”UseBridges 1“开关选项(默认是0, 即关闭状态),
UseBridges 1
注意:HOLY JOE’S BLOG 中该字段写的是“UserBridges 1” 经测试应该是笔误,将“Use”写成了“User”
最后,将[email protected]回复邮件中的bridge列表附加至torrc配置文件末尾,请按回复邮件中的bridge的原有格式添加,即:
bridge ip:port fingerprint
上述两篇博客中谈到的邮件中有fingerprint字段,我收到的邮件中没有,但是测试后发现同样有效
Step3: 重启Tor和Privoxy
sudo /etc/init.d/tor restart
sudo /etc/init.d/privoxy restart
Themocracy
呃,老七,我突然发现,你的留言好长啊
哎 看了这个文章 我只好发表下感慨 哥留下的不是评论 是寂寞