1. Cumasaigh Nuashonruithe Bogearraí Uathoibríoch
Ceann de na rudaí is tábhachtaí chun do chuid sealaíochta a choinneáil slán ná nuashonruithe slándála a shuiteáil go tráthúil agus go hidéalach go huathoibríoch ionas nach féidir leat dearmad a dhéanamh air.
Lean na treoracha chun nuashonruithe uathoibríocha bogearraí a chumasú le do chóras oibriúcháin.
2. Suiteáil Tor
Cinntigh go ndéanann tú nuashonrú ar bhunachar sonraí na bpacáistí roimh an bpacáiste a shuiteáil, ná cuir glaoch ar apt chun é a shuiteáil:
# apk update
# apk add tor
3. Install Lyrebird
# apk add lyrebird
4. Edit your Tor config file
Copy the provided /etc/tor/torrc.sample to /etc/tor/torrc and set the following options:
BridgeRelay 1
# Cuir calafort Tor de do rogha féin in ionad "TODO1".
# Caithfidh an port seo a bheith insroichte go seachtrach.
# Seachain port 9001 mar go bhfuil baint aige le Tor go coitianta agus seans go bhfuil cinsirí ag scanadh an Idirlín don phort seo.
ORPort TODO1
ServerTransportPlugin obfs4 exec /usr/bin/lyrebird
# Cuir calafort obfs4 de do rogha féin in ionad "TODO2".
# Caithfidh an port seo a bheith insroichte go seachtrach agus a bheith difriúil ón gceann atá sonraithe do ORPort.
# Seachain port 9001 mar go bhfuil baint aige le Tor go coitianta agus seans go bhfuil cinsirí ag scanadh an Idirlín don phort seo.
ServerTransportListenAddr obfs4 0.0.0.0:TODO2
# Port cumarsáide áitiúil idir Tor agus obfs4. Socraigh seo go "uathoibríoch" i gcónaí.
# Ciallaíonn "folíne" "sínte", ní "seachtrach". Ná déan iarracht uimhir phoirt ar leith a shocrú, ná éisteacht ar 0.0.0.0.
ExtORPort auto
# Ionadaigh "<address@email.com>" le do sheoladh ríomhphoist ionas gur féidir linn teagmháil a dhéanamh leat má tá fadhbanna le do droichead.
# Tá sé seo roghnach ach spreagtar é.
ContactInfo <address@email.com>
# Roghnaigh leasainm a thaitníonn leat le do dhroichead. Tá sé seo roghnach.
Nickname PickANickname
Ná déan dearmad na roghanna ORPort, ServerTransportListenAddr, ContactInfo, agus Leasainm a athrú.
Tabhair faoi deara go gcaithfidh port OR Tor agus a phort obfs4 a bheith insroichte. Má tá do dhroichead taobh thiar de bhalla dóiteáin nó NAT, déan cinnte an dá chalafort a oscailt. Is féidir leat ár triail inrochtaineachta a úsáid le fáil amach an bhfuil do phort obfs4 insroichte ón Idirlíon.
(Optional) Allow obfs4 binding to privileged ports
If you decide to use a fixed obfs4 port smaller than 1024 (for example 80 or 443), you will need to give the Lyrebird executable CAP_NET_BIND_SERVICE capabilities so it can bind to the port without root privileges.
Install the packages libcap-setcap and libcap-getcap, then do this:
# setcap cap_net_bind_service=+ep /usr/bin/lyrebird
You can query the currently assigned capabilities by running getcap /usr/bin/lyrebird. Should you ever decide to use an unprivileged port, remember to remove the capability with setcap -r /usr/bin/lyrebird.
6. Tosaigh Tor
Now start the Tor service.
# rc-service tor start
If the service starts successfully, proceed to the next step.
7. Monatóireacht a dhéanamh ar do logs
To confirm your bridge is running with no issues, you should see something like this, usually in /var/log/tor/notices.log (default) or /var/log/messages (syslog):
[notice] Your Tor server's identity key fingerprint is '<NICKNAME> <FINGERPRINT>'
[notice] Your Tor bridge's hashed identity key fingerprint is '<NICKNAME> <HASHED FINGERPRINT>'
[notice] Registered server transport 'obfs4' at '[::]:46396'
[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
[notice] Bootstrapped 100%: Done
[notice] Now checking whether ORPort <redacted>:3818 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
[notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
8. Nótaí Deiridh
Má tá deacracht agat do dhroichead a shocrú, féach ar ár rannóg cabhrach.
Má tá do dhroichead ag rith anois, seiceáil na nótaí iar-shuiteála.