<div class="content"><h1 id="贡献自己的服务器搭建-tor-中转">贡献自己的服务器搭建 tor 中转</h1>
<p>本文告诉大家如何贡献自己的服务器来搭建 tor 中转，支持 tor。本文使用的服务器是 Centos 6 ，如果你的服务器不是 Centos 6 就不要看啦。</p>
<!--more-->
<p>1.下载并安装Tor</p>
<p>安装tor：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">yum install tor -y</div></code></pre>
<p>2.编译安装obfs4</p>
<p>安装所需软件：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">yum install git mercurial golang -y</div></code></pre>
<p>开始安装obfs4proxy：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">export GOPATH=`mktemp -d`</div>
<div class="sourceLine" id="2" href="#2" data-line-number="2">go get git.<span class="fu">torproject</span>.<span class="fu">org</span>/pluggable-transports/obfs4.<span class="fu">git</span>/obfs4proxy</div>
<div class="sourceLine" id="3" href="#3" data-line-number="3">cp $GOPATH/bin/obfs4proxy /usr/local/bin/</div></code></pre>
<p>3.配置Tor Bridges</p>
<p>首先，确认服务器上的时钟日期是正确的。 然后编辑/etc/tor/torrc，定义一个ORPort，不作为出口节点，设置成Bridge，请把中文删除</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">Log notice file /var/log/tor/notices.<span class="fu">log</span>  设置日志的位置，之后就需要从日志拿到端口和fingerprint</div>
<div class="sourceLine" id="2" href="#2" data-line-number="2">RunAsDaemon <span class="dv">1</span></div>
<div class="sourceLine" id="3" href="#3" data-line-number="3">ORPort <span class="dv">444</span>                                监听的端口，这个可以自己设置</div>
<div class="sourceLine" id="4" href="#4" data-line-number="4">Exitpolicy reject *:*                     不作为出口</div>
<div class="sourceLine" id="5" href="#5" data-line-number="5">BridgeRelay <span class="dv">1</span>                             不对外广播</div>
<div class="sourceLine" id="6" href="#6" data-line-number="6">ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy      </div>
<div class="sourceLine" id="7" href="#7" data-line-number="7">PublishServerDescriptor <span class="dv">0</span></div>
<div class="sourceLine" id="8" href="#8" data-line-number="8"></div>
<div class="sourceLine" id="9" href="#9" data-line-number="9">AccountingMax <span class="dv">500</span> GBytes # 每月分配给 Tor 500G 流量  </div>
<div class="sourceLine" id="10" href="#10" data-line-number="10">AccountingStart month <span class="dv">3</span> <span class="dv">15</span>:<span class="dv">00</span> # 每月3号15点(Locale)清零  </div>
<div class="sourceLine" id="11" href="#11" data-line-number="11">RelayBandwidthRate <span class="dv">100</span> KBytes  # Throttle traffic to 100KB/<span class="fu">s</span> (800Kbps)  </div>
<div class="sourceLine" id="12" href="#12" data-line-number="12">RelayBandwidthBurst <span class="dv">200</span> KBytes # But allow bursts up to <span class="fu">200KB</span> (1600Kb)  </div></code></pre>
<p>重启Tor服务：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">service tor restart</div></code></pre>
<p>4.使用网桥</p>
<p>查看日志文件tail -n 100 -F /var/log/tor/notices.log，当看到有类似的输出，证明很成功：</p>
<p>[notice] Tor has successfully opened a circuit. Looks like client functionality is working. [notice] Bootstrapped 100%: Done [notice] Now checking whether ORPort the-vps-ip:444 is reachable… (this may take up to 20 minutes – look for log messages indicating success) [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent.</p>
<p>记住obfs4监听的地址。并且还能找到你的server identity fingerprint，也复制下来</p>
<p>在/var/lib/tor/pt_state/obfs4_bridgeline.txt文件中可以看到类似如下的内容：</p>
<p>Bridge obfs4 <ip address="">:<port> <fingerprint> cert=6LMNcXh6MIfApbZiMksnS4Kj+2sffZ5pybSqtcOO5YoHgfrMpkBJqvLxhuR2Ppau0L2seg iatmode=0</fingerprint></port></ip></p>
<p>把Bridge去了，ip换了，端口写对了，fingerprint粘贴了，之后，把这行复制即可，这个就是你的网桥了。</p>
<p>如果有防火墙，也需要修改</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">vi /etc/firewalld/zones/<span class="kw">public</span>.<span class="fu">xml</span></div></code></pre>
<p>添加如下行：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1"></div>
<div class="sourceLine" id="2" href="#2" data-line-number="2">&lt;port protocol=<span class="st">"tcp"</span> port=<span class="st">"ORPort端口"</span>/&gt;</div>
<div class="sourceLine" id="3" href="#3" data-line-number="3">&lt;port protocol=<span class="st">"udp"</span> port=<span class="st">"ORPort端口"</span>/&gt;</div>
<div class="sourceLine" id="4" href="#4" data-line-number="4">&lt;port protocol=<span class="st">"tcp"</span> port=<span class="st">"obfs4端口"</span>/&gt;</div>
<div class="sourceLine" id="5" href="#5" data-line-number="5">&lt;port protocol=<span class="st">"udp"</span> port=<span class="st">"obfs4端口"</span>/&gt;</div></code></pre>
<p>使新规则生效：</p>
<pre class="sourceCode csharp"><code class="sourceCode cs"><div class="sourceLine" id="1" href="#1" data-line-number="1">firewall-cmd --complete-reload</div></code></pre>
<p>其中obfs4端口可以从日志找到。</p>
<p><a href="https://briteming.blogspot.se/2017/05/obfs4tor-bridge.html">FISHERMAN’S BLOG.人生在世，看得穿，又看得远</a></p>
</div>
本文会经常更新,请阅读原文:
https://blog.lindexi.com/post/%E8%B4%A1%E7%8C%AE%E8%87%AA%E5%B7%B1%E7%9A%84%E6%9C%8D%E5%8A%A1%E5%99%A8%E6%90%AD%E5%BB%BAtor%E4%B8%AD%E8%BD%AC.html
,以避免陈旧错误知识的误导,同时有更好的阅读体验。
如果你想持续阅读我的最新博客,请点击 RSS 订阅,推荐使用RSS Stalker订阅博客,或者收藏我的博客导航
本作品采用
知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议
进行许可。欢迎转载、使用、重新发布,但务必保留文章署名林德熙(包含链接:
https://blog.lindexi.com
),不得用于商业目的,基于本文修改后的作品务必以相同的许可发布。如有任何疑问,请
与我联系
。
无盈利,不卖课,做纯粹的技术博客
以下是广告时间
推荐关注 Edi.Wang 的公众号
欢迎进入 Eleven 老师组建的 .NET 社区
以上广告全是友情推广,无盈利
CodeProject