This is an un-tested (possibly unfinished) modification to the conjure station which should allow clients to use conjure on ports other than 443 (note: registration still occurs on 443). The client should select the port and include it in the Protobuf sent to the station. In order to get this running, the following should be done:
- Compile proto/signalling.proto into proto/signalling.rs (and signalling.pb.go in the gotapdance repo).
- Modify client to choose port and include in protobuf sent to station during registration (probably set up as a debugging mode first).
- Test client-station connectivity and whether port selection works, and implement fixes if it doesn't.
Refraction Networking is a free-to-use anti-censorship technology, that places proxies at Internet Service Providers, so they are harder to block. This repository implements the conjure stations system including various registration channels, transport protocols, and configuration options.
Refraction Client Library - pure golang client library for connecting to refraction systems. Implements BOTH conjure and tapdance.
Tapdance Station - Tapdance station code implementing the previous iteration of refraction networking development.
This is an abridged install and configuration process, for expanded install instructions, configuration options, or multi-station deployments see the wiki.
Building the station requires both go and rust:
Install packages and go libraries
sudo apt install wget git make gcc bison flex protobuf-compiler curl libssl-dev pkg-config libgmp3-dev libzmq3-dev
go get -d -u -t github.com/refraction-networking/gotapdance/...
# Due to compatibility issue with redis v8 -- checkout the stable 7.4.0 go library version.
go get -d github.com/go-redis/redis
cd ${GOPATH}/src/github.com/go-redis/redis && git checkout tags/v7.4.0 -b v7-master
Install PF_RING
-
- if installing from git / source make the zbalance_ipc executable, and ensure that it is available through your
$PATH
.
- if installing from git / source make the zbalance_ipc executable, and ensure that it is available through your
make
## future
# sudo make install
To run a station configuration modifications are required. This section outlines some minimal changes, for more configuration options see the wiki configuration page.
-
Define global paths, core usage, and pf_ring parameters in
sysconfig/conjure.conf
# ============[ REQUIRED ]============ # The interface(s) which PF_RING Zero Copy will tap. CJ_IFACE="zc:enp179s0f0,zc:enp179s0f1" Public addresses that of non-tap interface - used for kernel DNAT IP4_ADDR="<PUBLIC_STATION_V4_ADDRESS>" IP6_ADDR="<PUBLIC_STATION_V6_ADDRESS>"
Note: ipv6 in disabled by default. To enable IPv6 modify
application/config.toml
# Allow the station to opt out of either version of internet protocol to limit a # station to handling one or the other. For example, v6 on small station deployment # with only v6 phantom subnet, v4 only on station with no puvlic v6 address. enable_v4 = true -enable_v6 = false +enable_v6 = true
-
Define application parameters in
application/congfig.toml
# ============[ REQUIRED ]============ ## Detector [[connect_sockets]] address = "ipc://@detector" type = "NULL"
-
Define the phantom subnet generations that will be supported (this can be updated going forward with new generations) in
sysconfig/phantom_subnets.toml
[Networks] [Networks.1] Generation = 1 [[Networks.1.WeightedSubnets]] Weight = 9 Subnets = ["192.122.190.0/24", "2001:0123:4567:89ab::/64"] [Networks.2] Generation = 2 [[Networks.2.WeightedSubnets]] Weight = 9 Subnets = ["192.0.0.0/24", "2001:0123:4567:89ab::/64"] [[Networks.2.WeightedSubnets]] Weight = 1 Subnets = ["2001:0123:4567:89ab::/96"]
Conjure relies on the kernel to handle provide DNAT to establish these rules we need to configure and run the environment configuration script.
After defining IP4_ADDR
, IP6_ADDR
, and core usage parameters in the
conjure.conf
file run the on-reboot.sh
script to initialize all required
interfaces and rules.
./on-reboot.sh
Generate station keys using the libtapdance tools
cd libtapdance && make genkey
./libtapdance/genkey
mv libtapdance/{priv,pub}key sysconfig/
Copy (or link) the systemd service configurations to the appropriate location
sudo cp sysconfig/*.service /etc/systemd/system/
sudo systemctl enable zbalance
sudo systemctl enable conjure-app
sudo systemctl enable conjure-det
# if enabling and supporting registration api or multi-station registration sharing
sudo systemctl enable conjure-registration-api
Start the station.
# zbalance has to be first or the detector will throw an error
systemctl start zbalance
# Next start the detector and station application processes
systemctl start conjure-det
systemctl start conjure-app
# if enabling and supporting registration api or multi-station registration sharing
systemctl start conjure-registration-api