mirror of https://github.com/oxen-io/oxen-core.git
parent
82cb6460ac
commit
26b24fd787
48
README.md
48
README.md
|
@ -403,54 +403,6 @@ oxen-wallet-cli, and possibly oxend, if you get crashes refreshing.
|
|||
|
||||
See [README.i18n.md](README.i18n.md).
|
||||
|
||||
## Using Tor
|
||||
|
||||
> There is a new, still experimental, [integration with Tor](ANONYMITY_NETWORKS.md). The
|
||||
> feature allows connecting over IPv4 and Tor simulatenously - IPv4 is used for
|
||||
> relaying blocks and relaying transactions received by peers whereas Tor is
|
||||
> used solely for relaying transactions received over local RPC. This provides
|
||||
> privacy and better protection against surrounding node (sybil) attacks.
|
||||
|
||||
While Oxen isn't made to integrate with Tor, it can be used wrapped with torsocks, by
|
||||
setting the following configuration parameters and environment variables:
|
||||
|
||||
* `--p2p-bind-ip 127.0.0.1` on the command line or `p2p-bind-ip=127.0.0.1` in
|
||||
oxend.conf to disable listening for connections on external interfaces.
|
||||
* `--no-igd` on the command line or `no-igd=1` in oxend.conf to disable IGD
|
||||
(UPnP port forwarding negotiation), which is pointless with Tor.
|
||||
* `DNS_PUBLIC=tcp` or `DNS_PUBLIC=tcp://x.x.x.x` where x.x.x.x is the IP of the
|
||||
desired DNS server, for DNS requests to go over TCP, so that they are routed
|
||||
through Tor. When IP is not specified, oxend uses the default list of
|
||||
servers defined in [src/common/dns_utils.cpp](src/common/dns_utils.cpp).
|
||||
* `TORSOCKS_ALLOW_INBOUND=1` to tell torsocks to allow oxend to bind to interfaces
|
||||
to accept connections from the wallet. On some Linux systems, torsocks
|
||||
allows binding to localhost by default, so setting this variable is only
|
||||
necessary to allow binding to local LAN/VPN interfaces to allow wallets to
|
||||
connect from remote hosts. On other systems, it may be needed for local wallets
|
||||
as well.
|
||||
* Do NOT pass `--detach` when running through torsocks with systemd, (see
|
||||
[utils/systemd/oxend.service](utils/systemd/oxend.service) for details).
|
||||
* If you use the wallet with a Tor daemon via the loopback IP (eg, 127.0.0.1:9050),
|
||||
then use `--untrusted-daemon` unless it is your own hidden service.
|
||||
|
||||
Example command line to start oxend through Tor:
|
||||
|
||||
```bash
|
||||
DNS_PUBLIC=tcp torsocks oxend --p2p-bind-ip 127.0.0.1 --no-igd
|
||||
```
|
||||
|
||||
### Using Tor on Tails
|
||||
|
||||
TAILS ships with a very restrictive set of firewall rules. Therefore, you need
|
||||
to add a rule to allow this connection too, in addition to telling torsocks to
|
||||
allow inbound connections. Full example:
|
||||
|
||||
```bash
|
||||
sudo iptables -I OUTPUT 2 -p tcp -d 127.0.0.1 -m tcp --dport 22023 -j ACCEPT
|
||||
DNS_PUBLIC=tcp torsocks ./oxend --p2p-bind-ip 127.0.0.1 --no-igd --rpc-bind-ip 127.0.0.1 \
|
||||
--data-dir /home/amnesia/Persistent/your/directory/to/the/blockchain
|
||||
```
|
||||
|
||||
## Debugging
|
||||
|
||||
This section contains general instructions for debugging failed installs or problems encountered with Oxen. First ensure you are running the latest version built from the Github repo.
|
||||
|
|
Loading…
Reference in New Issue