[Whonix-devel] transparent i2p integration

Thu Jul 12 08:29:00 CEST 2018

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi GammaSQ!

Thank you for working on i2p-Whonix!

> I'm uncertain as to how to setup tor. Currently, I use tor with 
> commandline-option --TransPort 9050; would that handle reseeding 
> via SOCKS as well, or do I need to start Tor with --SocksPort set? 
> (I guess Port 9050 is configured somewhere in whonix. Where?)

To answer the question, you may find the output of anon-verify -v
helpful to you in Whonix-Gateway (Whonix 14+):

/===================================================================\
|                 Used Tor Configuration Files                      |
\===================================================================/
5 files are used as Tor configuration files:
/usr/share/tor/tor-service-defaults-torrc /etc/tor/torrc
/etc/torrc.d/95_whonix.conf
/usr/local/etc/torrc.d/40_anon_connection_wizard.conf
/usr/local/etc/torrc.d/50_user.conf
/===================================================================\
|                Verbose Tor Configuration Parsing                  |
\===================================================================/
The Tor configuration files are parsed in such order:
===> Parsing /usr/share/tor/tor-service-defaults-torrc
DataDirectory /var/lib/tor
PidFile /var/run/tor/tor.pid
RunAsDaemon 1
User debian-tor
ControlSocket /var/run/tor/control GroupWritable RelaxDirModeCheck
ControlSocketsGroupWritable 1
SocksPort unix:/var/run/tor/socks WorldWritable
SocksPort 9050
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /var/run/tor/control.authcookie
Log notice file /var/log/tor/log
DisableNetwork 1
Log notice syslog
Log notice file /run/tor/log
mapaddress 1.1.1.1 k54ids7luh523dbi.onion
mapaddress 2.2.2.2 gbhpq7eihle4btsn.onion
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 10.137.11.1:9040
DnsPort 10.137.11.1:5300 IsolateDestPort
SocksPort 10.137.11.1:9050
SocksPort 10.137.11.1:9100
SocksPort 10.137.11.1:9101 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9102 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9103 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9104
SocksPort 10.137.11.1:9105 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9106 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9107 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9108 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9109 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9110 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9111
SocksPort 10.137.11.1:9112
SocksPort 10.137.11.1:9113
SocksPort 10.137.11.1:9114 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9115 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9116 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9117 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9118 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9119
SocksPort 10.137.11.1:9120 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9121 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9122
SocksPort 10.137.11.1:9123
SocksPort 10.137.11.1:9124
SocksPort 10.137.11.1:9125
SocksPort 10.137.11.1:9150 IPv6Traffic PreferIPv6
KeepAliveIsolateSOCKSAuth
SocksPort 10.137.11.1:9152 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9153
SocksPort 10.137.11.1:9154
SocksPort 10.137.11.1:9155
SocksPort 10.137.11.1:9156
SocksPort 10.137.11.1:9157
SocksPort 10.137.11.1:9158
SocksPort 10.137.11.1:9159
SocksPort 10.137.11.1:9160 IsolateDestAddr
SocksPort 10.137.11.1:9161 IsolateDestAddr
SocksPort 10.137.11.1:9162 IsolateDestAddr
SocksPort 10.137.11.1:9163 IsolateDestAddr
SocksPort 10.137.11.1:9164 IsolateDestAddr
SocksPort 10.137.11.1:9165 IsolateDestAddr
SocksPort 10.137.11.1:9166 IsolateDestAddr
SocksPort 10.137.11.1:9167 IsolateDestAddr
SocksPort 10.137.11.1:9168 IsolateDestAddr
SocksPort 10.137.11.1:9169 IsolateDestAddr
SocksPort 10.137.11.1:9170 IsolateDestPort
SocksPort 10.137.11.1:9171 IsolateDestPort
SocksPort 10.137.11.1:9172 IsolateDestPort
SocksPort 10.137.11.1:9173 IsolateDestPort
SocksPort 10.137.11.1:9174 IsolateDestPort
SocksPort 10.137.11.1:9175 IsolateDestPort
SocksPort 10.137.11.1:9176 IsolateDestPort
SocksPort 10.137.11.1:9177 IsolateDestPort
SocksPort 10.137.11.1:9178 IsolateDestPort
SocksPort 10.137.11.1:9179 IsolateDestPort
SocksPort 10.137.11.1:9180 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9181 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9182 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9183 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9184 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9185 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9186 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9187 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9188 IsolateDestAddr IsolateDestPort
SocksPort 10.137.11.1:9189 IsolateDestAddr IsolateDestPort
TransPort 127.0.0.1:9041
DnsPort 127.0.0.1:5400
SocksPort 127.0.0.1:9100
SocksPort 127.0.0.1:9101 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9102 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9103 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9104
SocksPort 127.0.0.1:9105 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9106 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9107 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9108 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9109 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9110 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9111
SocksPort 127.0.0.1:9112
SocksPort 127.0.0.1:9113
SocksPort 127.0.0.1:9114 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9115 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9116 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9117 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9118 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9119
SocksPort 127.0.0.1:9120 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9121 IsolateDestAddr IsolateDestPort
SocksPort 127.0.0.1:9122
SocksPort 127.0.0.1:9123
SocksPort 127.0.0.1:9124
SocksPort 127.0.0.1:9125
SocksPort 127.0.0.1:9150 IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAut
h
===> Done parsing /usr/share/tor/tor-service-defaults-torrc
===> Parsing /etc/tor/torrc
%include /etc/torrc.d/95_whonix.conf
===> Parsing /etc/torrc.d/95_whonix.conf
%include /usr/local/etc/torrc.d/40_anon_connection_wizard.conf
===> Parsing /usr/local/etc/torrc.d/40_anon_connection_wizard.conf
DisableNetwork 0
===> Done parsing /usr/local/etc/torrc.d/40_anon_connection_wizard.conf
%include /usr/local/etc/torrc.d/50_user.conf
===> Parsing /usr/local/etc/torrc.d/50_user.conf
===> Done parsing /usr/local/etc/torrc.d/50_user.conf
===> Done parsing /etc/torrc.d/95_whonix.conf
===> Done parsing /etc/tor/torrc
=====================================================================

Apart from the configuration files, Tor is started by systemd in Whonix
14 by default:

> user at host:~$ grep -r -i "ExecStart=" 
> /lib/systemd/system/tor at default.service ExecStart=/usr/bin/tor 
> --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f 
> /etc/tor/torrc --RunAsDaemon 0

Hope this will be helpful to you!

Best Regards,
iry
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzKSpZKlpRovTotu+oUtNvG3N1TwFAltG9SQACgkQoUtNvG3N
1TwFuxAAuiFLvjAhACmzw0qvRjrWYo0+H5/mzEuPo24hINN1B/j9zejVPdj6fXff
no/+URNS7ZGeHS7o61yZtejRh3nmC08sT1KMamvDZXwaj9X5IbFWN+AHHoKEOE0K
YyQ9hux9WCw4e/q9/GOHxb/6czi/nf5bE86BmpOXN23UXTCAmF1w6RU74Bc6l2Bh
qYpNV94Va3IFiWTbDmT/mi7RKg8T91Fckh9Z4Z5OcUGReKwz4E8ZKemkAq83g6MR
aQ33kbMxcSy6wvCQfSH4mksB/jsEcRE9uT0gNVmC7z0cPXnRzf4IWt0LJEABB1OT
LGVp3nXkI+o1TFd7o5juFE134WpjEa5pgIbDbdEmySQVE1NnlwfPtFsD5WtnRA5Y
aH8Dc7TzueP4m/EKc6u+TBzBGOKPCorOl3irdfCLoUNfBoUQodoIV9rfE0qH/hB5
r1Xnimrgricy2FCdZPXhadbnfs5qrOjA2MLJoX2NAz3K6wCDONg8im/9+/rCqh6A
4Kiv+DlaK/sY5pUWHxXY68c36OL8Wl1BcSedOBH/bXFrUMFqwuMbjpz3zkcUsQkF
ai7Kzk+fT7pFzG3lCNHskYvMvEcctR2+Pkn2tYUR4LVKvD5ZWjdgLhWn/qTGnq+4
gVq64JZiPLO0G8JBCxucx4VnhmGxERvzLcMYDq/f/Da9AVBmm8k=
=UOiv
-----END PGP SIGNATURE-----