[Whonix-devel] [Tails-dev] Tails control port filter proxy in Whonix?

Patrick Schleizer patrick-mailinglists at whonix.org
Wed Jan 25 22:11:00 CET 2017


>> One minor bug, I think, first line is supposed to be
>>
>> #!/usr/bin/python3 -u (not -v)
>
> That error was not present in the code I looked at. Strange.

Probably by the time you looked at it, Joy already fixed it. Anyhow.
It's looking alright now.

>> Please take:
>>
>> - #!/usr/bin/python3 -u (makes eventual python exceptions and up in
>> journal) - Use yml.safe_load and Python exceptions in journalctl -
>> add --listen_interface option
>
> These were the commits I imported.
>

Great!

anonym:
> Patrick Schleizer:
>> Hello anonym!
>> 
>> anonym:
>>> Feel free to send a PR with your other changes applied to
>>> tor-controlport-filter in Tails Git! Otherwise I'll do it myself
>>> later this week.
>> 
>> Joy rebased Whonix's changes on top of your new version.
>> 
>> base: 
>> https://git-tails.immerda.ch/tails/plain/config/chroot_local-includes/usr/local/lib/tor-controlport-filter
>>
>>
>> 
fork:
>> https://github.com/joysn/control-port-filter-python/blob/master/usr/lib/tor-controlport-filter
>>
>>
>> 
The diff looks simple, I guess.
> 
> If you see my email from earlier today, I already did this:
> https://mailman.boum.org/pipermail/tails-dev/2017-January/011190.html
>
> 
>> Please ignore:
>> 
>> - config parser changes
> 
> I did!
> 
> However, in your repo I still see that commit bed6399b contains the
> merge_yml() code. You are gonna do that externally, right? However,
> the commit talks about "add /etc/tor-controlport-filter.d
> configuration support", so perhaps it was a mistake (i.e. you wanted
> to add a `--filter-dir` option, but picked the wrong commit)?
> 

Created https://phabricator.whonix.org/T617 for it.

What's next? What else? :)

Can we implement /usr/lib/tor-controlport-filter-merger directly in
https://github.com/Whonix/control-port-filter-python or would you prefer
if we implement that elsewhere? Should we implement the systemd override
to actually use it in Whonix elsewhere? If done right, if we move the
Whonix config into another Whonix package, it would not interfere with
Tails.

I'll take
https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/tor-controlport-filter.d?h=feature/12173-end-whonix-controlport-filter-fork
and add to https://github.com/Whonix/control-port-filter-python ? Then
you should be able to build and install that package on Tails if you wish.

(lintian --pedantic warning free as well as most likely reproducible on
stretch.)

Cheers,
Patrick


More information about the Whonix-devel mailing list