Comments (15)
@GouveaHeitor would you like nipe
containerized? If so, I can get the Dockerfile written.
This could be a cool idea. In theory, the container image can be used to help employ the use of Tor for other containerized applications. Thoughts?
from nipe.
Hi there,
Thanks à lot for this amazing tool.
I had the same idea. I forked the repo to "dockerize" nipe.
I worked on it à but today and managed to get à proper image, without errors.
However, the container doesn't start, or at least, do not last. For it to work, I have to exec bash and manualy issue the commands.
If you'd like to take à look, it's over there : Repo
from nipe.
The problems were related to iptables... I confess that I did not strive to look for the real reasons for this.
from nipe.
Yes, the idea is to have everything operating in the same container ... I think people want Nipe in this format to be able to use it as a kind of proxy in their networks ... I'm trying to work on that because many people want to use it the nipe that way.
from nipe.
Hi @naltun,
Yes, we would like to see Nipe running in a docker container! I tried to write Dockerfile a few times but I always got some problems/bugs!
If you write Dockerfile, it will be of great help!
Thx!
from nipe.
@GouveaHeitor Alright, I'll try writing a Dockerfile. I'm new to Docker, but I've written a handful of Dockerfiles.
Mind telling me what issues/complications you found when trying?
from nipe.
@GouveaHeitor that is really helpful info. Thanks!
from nipe.
A couple things I've already found:
perl nipe.pl install
isn't installing the config files. I'll look into this...iptables
isn't installed by default on the perl images I'm using. I've already fixed this by installing it via the Dockerfile.
About point 1, check this out (me inside of the container):
The exit status of perl nipe.pl install
is also 0.
About point 2, I believe that all/most perl official container runtimes are using Debian as the system. Currently I am using perl:5.28-stretch
, although I tried perl:5.28-slim-stretch
(to reduce the image size). I encountered an error here w/ CPAN modules... So for the time being I am going to move forward to the regular stretch
image. 👍
Edit for Appending notes:
- I do not think
system()
subroutine calls are working across the scripts
from nipe.
Currently running into this gem:
iptables v1.6.0: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Edit: Even running sudo perl nipe.pl start
throws this error. Also, I noticed that even though I receive this iptables
issue, nipe.pl
still exits with a status of 0. This may want to be changed?
from nipe.
I'm working off of this branch, by the way.
So I've gotten everything set up. I can start/stop the service, but perl nipe.pl status
, even when the service is started, gives this:
[!] ERROR: sorry, it was not possible to establish a connection to the server.
from nipe.
@GouveaHeitor @naltun ok, I just got the same error while playing around with nipe in my machine (not container). Not even a direct request to https://check.torproject.org/api/ip
with curl
worked.
What I figured out after some debugging was that I had a conflicting iptables rule with TCP/UDP output packets that Nipe set vs another component had set previously (libvirt to be more precise, related to virtualization).
The solution I found was to basically flush the whole iptable rules I had:
--flush -F [chain] Delete all rules in chain or all chains
Hence:
$ ./nipe.pl start
...
$ ./nipe.pl status
[!] ERROR: sorry, it was not possible to establish a connection to the server.
$ curl https://check.torproject.org/api/ip
curl: (6) Could not resolve host: check.torproject.org
$ ./nipe.pl stop
# iptables-save > iptable-rules.save
# iptables -F
$ ./nipe.pl start
...
$ curl https://check.torproject.org/api/ip
{"IsTor":true,"IP":"46.165.245.154"}
$ ./nipe.pl status
[+] Status: activated.
[+] Ip: 87.118.116.103
We could force a flush on iptables rules before nipe set its own rules, but I don't know how other apps rules would interact and, possibly, conflict with nipe's.
FWIW, Issue #49 was closed and was related to this specific issue. I'm going to open a new issue to further investigate it.
from nipe.
I started to develop an image for Nipe using the Dockerfile, it is available in the "develop" branch, however it is not ready yet.
I believe that because it is an isolated and restricted container, we will not face problems such as conflict of rules of other applications, only if it is something of the docker image itself.
from nipe.
@GouveaHeitor the idea is to keep both nipe and tor running on the same container? If so, yep, it may work without any problems.
I have another idea that we'll need to discus further in the near future, involving a more robust approach with VMs instead of containers (which could be included, of course :P).
from nipe.
It's still not 100% but the best image I've managed to get so far is:
FROM perl:latest
EXPOSE 9050 9061
WORKDIR /nipe
COPY . /nipe
RUN cpan install IO::Socket::SSL Try::Tiny Config::Simple JSON
RUN apt update && \
apt upgrade &&
RUN perl nipe.pl install
CMD ["perl" "nipe.pl" "start"]
CMD ["perl", "nipe.pl" "status"]
# docker run -d --cap-add=NET_ADMIN --net=host nipe
from nipe.
Thx @MrNonoss
from nipe.
Related Issues (20)
- Mac OS installation HOT 2
- Sometimes works! HOT 4
- ERROR: sorry, it was not possible to establish a connection to the server HOT 9
- Can't install on MacOS HOT 2
- Can't locate Config/Simple.pm in @INC HOT 1
- archlinux not working / double starting of tor
- I have been using for a while, and it seems sometimes it wont connect the first time. The only way i can get it to work is by stop command. sudo perl nipe.pl stop followed by a start command sudo perl nipe.pl start. Repeat it for a few times and it should work. HOT 1
- fixed. did the iptables -F command and it fixed
- Do I need this to run in the background? HOT 1
- App a downloader HOT 1
- Nipe doesn't change the ip address after restarting HOT 2
- can we have it on OpenSuse? :) HOT 1
- Didmasdos1na
- TIGERVIRUS 2.3
- Add a SAST to the pipeline
- Add SCA to monitor dependencies
- Add unit tests
- cpanm --installdeps . command not working. gives the following... HOT 1
- Feature: Add snowflake or other obfuscation method
- [!] ERROR: sorry, it was not possible to establish a connection to the server. HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nipe.