I found this basic recipe for Linux: https://gist.github.com/DrWhax/7871636
I believe it's possible to do the same with opnsense.
I'm stuck at the resolving stage :(
I have configured torrc and unbound as described, however, any
resolution of a .onion address yields NXDOMAIN :(
A tcpdump doesn't show any query going to tor on port 9053.
Any ideas?
Not really, I never used unbound or the Tor nameserver.
Do you get the same error with dig?
(I guess you have to use the IP address of the unbound machine instead of 127.0.0.1)
I did - no answers.
dig shows me the SOA, but it returns NS records of "localhost", when I think it should have them as the router.
If I do this on the router, it still doesn't work.
It's like unbound is not forwarding the requests ...
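Added example, not part of the thread or of the linked gist: a small Python lint for the symptoms described above. It relies on three documented Unbound behaviours: the built-in `onion.` local zone answers NXDOMAIN with `localhost.` NS/SOA records, forwarders on loopback are skipped unless `do-not-query-localhost: no` is set, and a validating resolver needs `domain-insecure` for the unsigned zone. The sample configs, the key file path and the function names are constructed for illustration.

```python
# Constructed unbound.conf like the setup in the thread: only a forward-zone
# for "onion" pointing at Tor's DNSPort. The key file path is a placeholder.
BROKEN = """
server:
    auto-trust-anchor-file: "/path/to/root.key"
forward-zone:
    name: "onion"
    forward-addr: 127.0.0.1@9053
"""
# FIXED adds the three server options that lint_onion_forwarding() looks for.
FIXED = BROKEN.replace("forward-zone:", (
    '    local-zone: "onion." nodefault\n'
    '    do-not-query-localhost: no\n'
    '    domain-insecure: "onion"\n'
    "forward-zone:"))

def parse(conf):
    """Split unbound.conf text into [(clause, [(key, value), ...]), ...]."""
    clauses = []
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        key, _, val = line.partition(":")
        val = val.strip().replace('"', "").lower()
        if line and not val:      # "server:" / "forward-zone:" opens a clause
            clauses.append((key, []))
        elif line and clauses:
            clauses[-1][1].append((key, val))
    return clauses

def lint_onion_forwarding(conf):
    """Return the options still missing for forwarding .onion queries to Tor."""
    clauses = parse(conf)
    server = [kv for name, kvs in clauses if name == "server" for kv in kvs]
    zones = [kvs for name, kvs in clauses if name == "forward-zone"
             and ("name", "onion") in [(k, v.rstrip(".")) for k, v in kvs]]
    if not zones:
        return ["forward-zone"]
    def has(key, *want):
        return any(k == key and [w.rstrip(".") for w in v.split()] == list(want)
                   for k, v in server)
    missing = []
    if not has("local-zone", "onion", "nodefault"):
        missing.append("local-zone")  # built-in onion. zone answers NXDOMAIN
    local = any(k == "forward-addr" and v.startswith(("127.", "::1")) for k, v in zones[0])
    if local and not has("do-not-query-localhost", "no"):
        missing.append("do-not-query-localhost")  # loopback forwarders skipped
    validating = any(k.endswith(("trust-anchor", "trust-anchor-file")) for k, _ in server)
    if validating and not has("domain-insecure", "onion"):
        missing.append("domain-insecure")  # unsigned .onion answers fail DNSSEC
    return missing
```

The lint accepts only `nodefault` for the `onion.` local zone and does not check the Tor side (`DNSPort` in torrc).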
problems. Often I cannot reach your Taurus mailer over Tor. Could it be related to the unbound forwarding problem? Or is it just a configuration issue in unbound? You could also try dnsmasq.
Not sure why you cannot connect - the tor status page (from opnsense)
does look unusual. When it first starts, it shows lots of circuits -
but I just checked again now and it only shows one. One of the
circuits shows lots of nulls.
I don't think it's related to unbound, since I have IP addresses
forwarding to binkd.
Are there commands to check its status?
It's just an experiment. If it doesn't work well, we can try other options for transport encryption or go back to unencrypted connections.
Tor's status? I don't know a specific command. To check connectivity I use ncat:
Ahh, this worked...
The BSD version is:
nc -x 127.0.0.1:9050 -X 5 <address>.onion 24554
On 11-22-19 06:51, Alterego wrote to Oli <=-
Give ZT a try. I set it up months ago, and use it on another network
with hubs, and it just works. I don't even check it anymore.
For a focused use case such as this (transferring mail between specific endpoints), it does the job nicely.
I agree, but I'm more interested in solutions that enable all nodes and points
to use encryption. With ZeroTier you would have to set up many small VPNs or create a global VPN for the FTN, which would be another centralized administrative structure.
In the same topic, if you are ejected from the network, then the ZC
can turn you off, which I imagine a few won't like, but I think it
could be a useful control point.
In this sense it probably doesn't scale well - if your intention is to
join multiple FTN networks. (But in the same context, I'd like to see
the day that you can interact with any FTN zone from any FTN zone -
then it wouldn't be an issue.)
But it doesn't need to be that way - ZT supports "public networks",
which you can join and automatically be assigned an address and
connect with something on the network.
As an example, if you join ff5fea5fea000000 that will enable two
systems to communicate over TCP port 24554 (and only that port).
useful or abuseful ...
So it's a public overlay network, but is there a way to put the node's zeronet address in the nodelist? Like a .onion or .i2p address? I found
this project which uses ztaddr and nwid directly to connect to nodes: https://nanomsg.github.io/nng/man/tip/nng_zerotier.7#_uri_format
On 11-24-19 18:28, Oli wrote to Alterego <=-
useful or abuseful ...
Well, I think useful - and I'm taking the glass half full approach.
If the "operator" was abuseful, would you still want to be part of
the network?
I don't think it is any different to somebody twitlisting you out, or
even more, firewalling you out.
This is not a public service, it's a hobby with hobbyists. If the main hunchperson has morals that you don't agree with, then I'd figure you wouldn't want to be part of the group anyway...
Anyway, the glass half full approach, to me it means it becomes a
network of known (trusted?) individuals (you apply, your application
is accepted, you are authorised to connect to the network), and by definition "strangers" are out. (Strangers being script kiddies who
take fun out of denial of services and other activities to bring down
a service.)
this project which uses ztaddr and nwid directly to connect to
nodes:
https://nanomsg.github.io/nng/man/tip/nng_zerotier.7#_uri_format
Now this looks interesting - it looks like comms outside of the IP
stack. I wouldn't mind having a play with this - but it'll be a while
before I can think about looking at this - and I'd have some learning
to do.