Tor over VPN functionality #1512
Conversation
|
So I am trying to understand the high level feature that you implementing. The checkbox [x] Tor/Redirects all VPN traffic over Tor is not clear enoujgh what checking that box means. Is VPN traffic the tunnelled traffic or is this the traffic the VPN packets themselves? I would be better to make this a clearer indications what the different layers are here. |
|
All apps traffic is routed through Orbot (127.0.0.1:9050), except for Orbot traffic, which is routed through OpenVPN connection. I understand that you want me to make this checkbox description more understandable. What about "Redirects all traffic through Tor while Tor traffic is redirected through OpenVPN"? |
|
Is the API that you use with Orbot documented somewhere? |
|
Thanks for your review! I'll start working on those mistakes shortly |
|
Hello, @schwabe! I've done some refactoring according to your comments, also I had to do some optimization in order to increase connection speed. Now it's working a lot better. Though I've encountered a problem that after some time Orbot changes exit node (identity), I will contact Orbot developers to help me with it, because I'm not sure that it's a normal behavior. Also I had to add a list of public tor nodes to get rid of expensive getConnectionOwnerUid call. I hope it looks better now :) |
It's not documented. I got it from here https://github.com/guardianproject/orbot/blob/9f230c73e9f2ac11d8f6cbd998077896e3bcbb09/orbotservice/src/main/java/org/torproject/android/service/vpn/OrbotVpnManager.java |
|
Also if you think it would be an appropriate solution, I could add functionality of updating public tor nodes |
|
@schwabe so, what do you think? |
|
The patch is quite large and I did not really have time to look into it in detail. |
Sure. If you want me to change something or more in-depth explanation of this patch, just let me know! :) |
|
Hello, @schwabe ! Any updates on this PR? :) |
schwabe
force-pushed
the
master
branch
4 times, most recently
from
2290b8d
to
f010753
Compare
Hello! This changes add functionality of routing all applications' traffic through VPN and then Tor network (Your device -> VPN -> Tor).
Why?
In some countries it is illegal or suspicious to use Tor, therefore such countries block access to Tor. This means that such group of people should hide the fact of using Tor from ISP in order not to draw unwanted attention to their traffic.
And if your VPN server is configured properly it will increase your anonymity.
Related links: https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#vpnssh-fingerprinting, https://www.whonix.org/wiki/Bridges#cite_ref-2, https://tor.stackexchange.com/questions/559/vpn-versus-bridges
This functionality will also help in beating Android's limitation of one active VPN connection on devices for people who want to use OpenVPN and Orbot at the same time.
Screenshots
Issues
That's the only related issue I've found so far #1074
P.S.
I'm new to Android development and contributing to open-source therefore I assume that my code may contain flaws. I will be happy to fix those flaws if you'll kindly point out to them.
Thanks! I really hope that you'll like this contribution and it will be merged