Page MenuHomePhabricator
Feed Advanced Search

Nov 6 2019

Patrick updated subscribers of T362: systemd SystemCallFilter= containment option seccomp hardening.
Nov 6 2019, 3:34 AM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix
Patrick closed T362: systemd SystemCallFilter= containment option seccomp hardening as Resolved.

This was done. If not, please create specific tickets where it isn't done.

Nov 6 2019, 3:34 AM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix
Patrick closed T444: test if Ricochet IM instructions are functional as Invalid.

https://www.whonix.org/wiki/Chat#Ricochet_IM

Nov 6 2019, 3:33 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Jul 8 2019

Patrick closed T631: re-enable tor-controlport-filter.service systemd hardening as Resolved.
Jul 8 2019, 9:49 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Removed a few. Would not start without openat, so kept.

Jul 8 2019, 9:49 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Yay, we have ProtectSystem=strict now.

Jul 8 2019, 8:30 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Yay, we have ProtectSystem=strict now.

Jul 8 2019, 1:06 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Can we exclude ExecStartPre=/usr/lib/onion-grater-merger from systemd hardening?

Jul 8 2019, 12:53 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 7 2019

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Error back after reboot.

Jul 7 2019, 11:50 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 6 2019

madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

https://github.com/Whonix/onion-grater/blob/master/lib/systemd/system/onion-grater.service currently works without ReadWritePaths. So let's not add?

Jul 6 2019, 4:23 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

https://github.com/Whonix/onion-grater/blob/master/lib/systemd/system/onion-grater.service currently works without ReadWritePaths. So let's not add?

Jul 6 2019, 1:03 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T654: create an unMessage onion-grater profile.

Dead upstream.

Jul 6 2019, 12:28 PM · Whonix, onion-grater (Control Port Filter Proxy)

Jul 4 2019

madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

It's a file, not a folder.

Jul 4 2019, 5:09 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

https://github.com/Whonix/onion-grater/commit/8480cff304ea019b25dc49d91672e7c3f8599a07

Jul 4 2019, 7:59 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

It's a file, not a folder. Nothing in the code of
/usr/lib/onion-grater-merger writes to /usr/lib/onion-grater-merger.

Jul 4 2019, 7:41 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 3 2019

madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

I just re-read the error message. Try adding

Jul 3 2019, 5:10 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

That's weird. Onion-grater is trying to write to somewhere that's being mounted read-only by systemd.

Jul 3 2019, 4:56 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 1 2019

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Merged your changes.

Jul 1 2019, 10:11 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 24 2019

Patrick edited projects for T631: re-enable tor-controlport-filter.service systemd hardening, added: Whonix 15; removed Whonix 16.
Jun 24 2019, 3:49 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 23 2019

madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Does it work after you comment ProtectSystem=strict and ReadWriteDirectories=? I think on Qubes-Whonix it is trying to write to a directory in /var/run (probably /var/run/qubes-service). I can't test as I don't use Qubes.

Jun 23 2019, 8:25 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Unfortunately not. On Qubes-Whonix. Could be Non-Qubes-Whonix vs
Qubes-Whonix?

Jun 23 2019, 7:53 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
madaidan added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Does it work using this? It looks like it needs the openat syscall which it now allows.

Jun 23 2019, 4:31 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick updated subscribers of T631: re-enable tor-controlport-filter.service systemd hardening.

Does not work yet. @madaidan

Jun 23 2019, 10:27 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Apr 6 2019

Patrick closed T879: qvm-service infrastructure does not work with whonix-gw-14 template as Wontfix.

Reducing the number of lingering, unrealistic tickets, therefore closing.

Apr 6 2019, 8:46 PM · Qubes, onion-grater (Control Port Filter Proxy), Whonix
Patrick closed T503: have sane built-in defaults even if config files are non-existing as Resolved.

https://github.com/Whonix/anon-ws-disable-stacked-tor/commit/128e2312bf58a5c1cea3eecd74d1fa0a1a194b51

Apr 6 2019, 5:17 PM · Whonix 15, tb-updater, tb-starter, open-link-confirmation, rads, onion-grater (Control Port Filter Proxy), uwt, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick updated the task description for T503: have sane built-in defaults even if config files are non-existing.
Apr 6 2019, 5:17 PM · Whonix 15, tb-updater, tb-starter, open-link-confirmation, rads, onion-grater (Control Port Filter Proxy), uwt, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix

Dec 9 2018

Patrick lowered the priority of T879: qvm-service infrastructure does not work with whonix-gw-14 template from Normal to Wishlist.
Dec 9 2018, 5:52 AM · Qubes, onion-grater (Control Port Filter Proxy), Whonix

Dec 7 2018

Patrick removed a project from T444: test if Ricochet IM instructions are functional: Whonix 15.
Dec 7 2018, 12:05 PM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick removed a project from T362: systemd SystemCallFilter= containment option seccomp hardening: Whonix 15.
Dec 7 2018, 11:57 AM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix

Oct 1 2018

Patrick placed T503: have sane built-in defaults even if config files are non-existing up for grabs.
Oct 1 2018, 1:17 PM · Whonix 15, tb-updater, tb-starter, open-link-confirmation, rads, onion-grater (Control Port Filter Proxy), uwt, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix

Sep 20 2018

Patrick triaged T849: make onion-grater resilient if networking is down as Normal priority.
Sep 20 2018, 11:33 AM · Whonix 16, Whonix, onion-grater (Control Port Filter Proxy)

Aug 15 2018

Patrick updated the task description for T362: systemd SystemCallFilter= containment option seccomp hardening.
Aug 15 2018, 1:06 PM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix
Patrick updated the task description for T631: re-enable tor-controlport-filter.service systemd hardening.
Aug 15 2018, 1:04 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 24 2018

Patrick added a comment to T654: create an unMessage onion-grater profile.

Ping @dau.

Jul 24 2018, 12:11 PM · Whonix, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T444: test if Ricochet IM instructions are functional.

There are up to date Whonix 14 testers versions available.

Jul 24 2018, 11:47 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick changed Impact from Whonix:triage to Whonix:normal on T444: test if Ricochet IM instructions are functional.
Jul 24 2018, 11:45 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick renamed T444: test if Ricochet IM instructions are functional from Ricochet IM to test if Ricochet IM instructions are functional.
Jul 24 2018, 11:45 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick updated the task description for T444: test if Ricochet IM instructions are functional.
Jul 24 2018, 11:43 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick reopened T503: have sane built-in defaults even if config files are non-existing as "Open".
Jul 24 2018, 5:35 AM · Whonix 15, tb-updater, tb-starter, open-link-confirmation, rads, onion-grater (Control Port Filter Proxy), uwt, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix

May 9 2018

Patrick changed the status of T444: test if Ricochet IM instructions are functional from Open to testing-in-next-build-required.

https://github.com/Whonix/uwt/commit/907f8e1ee93a0ec47febecce3e86266c681764fa

May 9 2018, 11:48 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick changed the status of T444: test if Ricochet IM instructions are functional from Review to Open.
May 9 2018, 11:34 AM · onion-grater (Control Port Filter Proxy), research, Whonix

May 7 2018

Patrick added a comment to T444: test if Ricochet IM instructions are functional.

Yes, please.

May 7 2018, 7:00 AM · onion-grater (Control Port Filter Proxy), research, Whonix

May 6 2018

Tibo added a comment to T444: test if Ricochet IM instructions are functional.

I see. So without these variables set, ricochet tries to to start its
own Tor client?

Yes exactly !

May 6 2018, 11:54 PM · onion-grater (Control Port Filter Proxy), research, Whonix

May 1 2018

Patrick added a comment to T444: test if Ricochet IM instructions are functional.

Tibo (Tibo):

Tibo added a comment.

Any idea why that is required?

Yes, ricochet is looking if a control port is defined in the config file or in
the environment.
If a control port is defined, ricochet will not launch tor and will directly
connect to the control host.

May 1 2018, 12:23 PM · onion-grater (Control Port Filter Proxy), research, Whonix

Apr 30 2018

Tibo added a comment to T444: test if Ricochet IM instructions are functional.

Any idea why that is required?

Apr 30 2018, 7:57 PM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick added a comment to T444: test if Ricochet IM instructions are functional.
In T444#15959, @Tibo wrote:

The only thing missing is to set environment variable TOR_CONTROL_PORT=9151 and TOR_CONTROL_HOST="127.0.0.1".
That's all :).

Apr 30 2018, 9:57 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Apr 26 2018

Tibo added a comment to T444: test if Ricochet IM instructions are functional.

This ticket is in status "needs review". Meaning, implementation is
done, but should be tested in next build.

This status is confusing and for ticket changes we'll be using
testing-in-next-build-required as status.

This ticket is in status "needs review". Meaning, implementation is

done, but should be tested in next build.

So the only remaining work here before you started working on this
ticket was:
Do the instructions in the wiki work as is? If yes, the ticket is done.

Apr 26 2018, 9:19 PM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick added a comment to T444: test if Ricochet IM instructions are functional.

Tibo (Tibo):

Tibo added a comment.

I think I misunderstood something.

Apr 26 2018, 6:29 PM · onion-grater (Control Port Filter Proxy), research, Whonix
Tibo added a comment to T444: test if Ricochet IM instructions are functional.

I think I misunderstood something.
I thought that the goal was to not use EXTERNAL_OPEN_ALL=true and just open one port on the workstation firewall.

Apr 26 2018, 10:14 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick added a comment to T444: test if Ricochet IM instructions are functional.

Tibo (Tibo):

Tibo added a comment.

Oh, my bad...

Probably a manual config is required because otherwise
localListenAddress is set to localhost.

Manual config is not how it is supposed to work. It worked before

Yes exactly, and also to set the localListenPort.

Apr 26 2018, 9:09 AM · onion-grater (Control Port Filter Proxy), research, Whonix
Tibo added a comment to T444: test if Ricochet IM instructions are functional.

Oh, my bad...

Apr 26 2018, 1:10 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Apr 24 2018

Patrick added a comment to T444: test if Ricochet IM instructions are functional.

Tibo (Tibo):

Tibo added a comment.

So here are all the steps to make ricochet working :

Open Ricochet and close it (it will create all the config files and folders).
Then edit : *$HOME/.local/share/Ricochet/ricochet.anondist-orig/ricochet.json* :

{

"identity": {
    "dataDirectory": "data-0",
    "localListenAddress": "10.152.152.11",
    "localListenPort": 12345
},
"tor": {
    "controlAddress": "127.0.0.1",
    "controlPort": 9151,
    "socksAddress": "127.0.0.1",
    "socksPort": 9050
},
"ui": {
    "combinedChatWindow": true,
    "language": "",
    "notificationVolume": 0.75
}

}

Apr 24 2018, 10:28 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Apr 23 2018

Tibo added a comment to T444: test if Ricochet IM instructions are functional.

So here are all the steps to make ricochet working :

Apr 23 2018, 10:52 PM · onion-grater (Control Port Filter Proxy), research, Whonix

Apr 19 2018

Tibo added a comment to T444: test if Ricochet IM instructions are functional.

I got Ricochet properly working.
I had some troubles with onion-grater which filtered commands needed by Ricochet.
Even with the config file provided in example :
https://github.com/Whonix/onion-grater/blob/master/usr/share/onion-grater-merger/examples/40_ricochet.yml

Apr 19 2018, 11:38 PM · onion-grater (Control Port Filter Proxy), research, Whonix

Mar 8 2018

Patrick closed T768: use symlinks rather than copy for onion-grater profiles as Resolved.

https://www.whonix.org/w/index.php?title=Template%3AControl_Port_Filter_Python_Profile_Add&type=revision&diff=33314&oldid=33276

Mar 8 2018, 2:52 PM · Whonix, onion-grater (Control Port Filter Proxy), Whonix 14

Mar 7 2018

Patrick closed T503: have sane built-in defaults even if config files are non-existing as Resolved.
Mar 7 2018, 1:22 AM · Whonix 15, tb-updater, tb-starter, open-link-confirmation, rads, onion-grater (Control Port Filter Proxy), uwt, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick closed T274: control-port-filter-proxy sd_notify support as Resolved.
Mar 7 2018, 1:19 AM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick closed T561: find way to have Tor ephermal hidden service using applications in Whonix-Workstation bind on all interfaces as Resolved.
Mar 7 2018, 1:08 AM · uwt, Whonix 14, Whonix, onion-grater (Control Port Filter Proxy)

Feb 27 2018

Patrick triaged T768: use symlinks rather than copy for onion-grater profiles as Normal priority.
Feb 27 2018, 12:00 AM · Whonix, onion-grater (Control Port Filter Proxy), Whonix 14

Jul 23 2017

Patrick edited projects for T631: re-enable tor-controlport-filter.service systemd hardening, added: Whonix 16; removed Whonix 14.
Jul 23 2017, 5:52 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 12 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

All yes.

Jul 12 2017, 1:32 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

sudo netstal -tulpen

Jul 12 2017, 1:25 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

JasonJAyalaP (Jason J. Ayala P.):

JasonJAyalaP added a comment.

sudo apt-get remove control-port-filter-python
It wants to remove everything. I don't think 'Replaces' worked.
Jul 12 2017, 12:13 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 11 2017

JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

sudo service tor-controlport-filter stop
sudo service onion-grater start
same failure
if i try
sudo apt-get remove control-port-filter-python
It wants to remove everything. I don't think 'Replaces' worked.

Jul 11 2017, 11:11 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 9 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Probably tor-controlport-filter systemd unit file (the old one) still
running and blocking the onion-grater systemd unit file.

Jul 9 2017, 2:38 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 7 2017

JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Python is choking on the line:
server = FilteredControlPortProxy(address, FilteredControlPortProxyHandler)

Jul 7 2017, 8:45 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 6 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

sudo journalctl -u onion-grater

Jul 6 2017, 5:38 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

sudo service onion-grater status just tells me that it failed to load. Any clues about how to debug this?

Jul 6 2017, 12:52 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jul 1 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Should be even easier since onion-grater debian/control contains
Replaces: control-port-filter-python. So just installing onion-grater
should do.

Jul 1 2017, 12:05 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Question: To install OG in whonix 14 dev, so I simply pull the repo, make deb-icup, stop the old tor control port filter proxy, and start onion grater?

Jul 1 2017, 3:00 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 28 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

They happily take it if we contribute it.

Jun 28 2017, 12:11 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 27 2017

JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Tails didn't feel the need to use system call filtering?

Jun 27 2017, 6:38 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 26 2017

Patrick updated subscribers of T631: re-enable tor-controlport-filter.service systemd hardening.

Do you mean we ported it from Tails to Whonix?

Jun 26 2017, 1:33 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Using the hardening broke Tails? What do you mean?

Jun 26 2017, 10:45 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP updated the task description for T631: re-enable tor-controlport-filter.service systemd hardening.
Jun 26 2017, 10:42 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP placed T631: re-enable tor-controlport-filter.service systemd hardening up for grabs.
Jun 26 2017, 10:18 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 25 2017

HulaHoop added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

I haven't tested it yet and unfortunately I'm very busy these days, so cpfp apparmor work is up for grabs.

Jun 25 2017, 2:05 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 22 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

@Patrick
What do we need for the next dev release for hula?

Jun 22 2017, 12:07 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
JasonJAyalaP assigned T631: re-enable tor-controlport-filter.service systemd hardening to HulaHoop.
Jun 22 2017, 3:56 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Jun 20 2017

JasonJAyalaP added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

@Patrick
What do we need for the next dev release for hula?

Jun 20 2017, 10:18 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

May 30 2017

Patrick added a comment to T654: create an unMessage onion-grater profile.

Looks good!

May 30 2017, 11:44 PM · Whonix, onion-grater (Control Port Filter Proxy)
dau added a comment to T654: create an unMessage onion-grater profile.

I talked to meejah and GETCONF SOCKSPort is only issued when it fails to use the port that was provided or the default ones. I think we could allow that and leave it up to txtorcon to query the process the right SOCKS port. That will make it easier for us to implement the automatic Tor process handling (one less thing to ask the user).

May 30 2017, 10:32 PM · Whonix, onion-grater (Control Port Filter Proxy)

May 28 2017

dau added a comment to T654: create an unMessage onion-grater profile.

Here is an update, based on the profile you provided and Ricochet's:

May 28 2017, 7:40 PM · Whonix, onion-grater (Control Port Filter Proxy)

Mar 30 2017

Patrick renamed onion-grater (Control Port Filter Proxy) from control-port-filter-python to onion-grater (Control Port Filter Proxy).
Mar 30 2017, 4:12 AM
Patrick created T654: create an unMessage onion-grater profile.
Mar 30 2017, 4:11 AM · Whonix, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T274: control-port-filter-proxy sd_notify support.

tor-controlport-filter has been renamed to onion-grater by upstream Tails.

Mar 30 2017, 3:59 AM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)

Feb 21 2017

Patrick changed the status of T274: control-port-filter-proxy sd_notify support from Open to Review.

Great work by @joysn1980 with the initial implementation.

Feb 21 2017, 7:10 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick assigned T274: control-port-filter-proxy sd_notify support to joysn1980.
Feb 21 2017, 7:00 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)

Feb 20 2017

Patrick updated the task description for T561: find way to have Tor ephermal hidden service using applications in Whonix-Workstation bind on all interfaces.
Feb 20 2017, 11:09 PM · uwt, Whonix 14, Whonix, onion-grater (Control Port Filter Proxy)

Feb 15 2017

Patrick added a project to T274: control-port-filter-proxy sd_notify support: python.
Feb 15 2017, 3:48 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated subscribers of T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:38 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated the task description for T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:31 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated the task description for T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:19 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated the task description for T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:17 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated the task description for T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:16 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)
Patrick updated the task description for T274: control-port-filter-proxy sd_notify support.
Feb 15 2017, 3:16 PM · python, Whonix 14, Debian version 9 codename Stretch, enhancement, Whonix, onion-grater (Control Port Filter Proxy)

Feb 14 2017

Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Yes, that would be great and there is still time until the final release.

Feb 14 2017, 2:13 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
HulaHoop added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

As soon as the next dev release (with the working KDE menus) is out I'll build it and start working.

Feb 14 2017, 1:41 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)

Feb 13 2017

Patrick updated the task description for T631: re-enable tor-controlport-filter.service systemd hardening.
Feb 13 2017, 8:43 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

As in the seccomp stuff?

Feb 13 2017, 8:42 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)