New Anonsurf version is here! We need you to test it out and help us spotting bugs
Previous tests and reports done by @dmknght are here: Testing for AnonSurf 2.13.8
For every informations, contact Nong Hoang “DmKnght” Tu at [email protected]
Use the following template to test and report:
Parrot - AnonSurf quality test [0.10]
- Nong Hoang “DmKnght” Tu [email protected]
- Date: 05/07/2020 (DD/MM/YYYY)
Report
- [Your name and email]
- Date: [02/07/2020 (DD/MM/YY)]
- Version: [anonsurf_3.0.2+parrot2 (job 2009)]
1. Installation
Goal
- Install with no problem
- Give solutions if install failed
- Check dependencies, version name
- systemd doesn’t enable AnonSurf at boot during installation
Known issues
Problem | Solution |
---|---|
Torrc is missing at /etc/tor/torrc
|
sudo touch /etc/tor/torrc then upgrade / install |
a) [User] [Installer] Use deb file
- Download deb file was built by nest CI script. For example: https://nest.parrotsec.org/packages/tools/anonsurf/-/jobs/2029/artifacts/download
- I’ll give most stable deb file URL for the test.
Excpected | Install without error |
Notice | Any error |
b) [Dev] [Builder] Use devscripts to make new deb file
- Install
devscripts
,nim
and other requirements for Debian packaging - Clone
https://nest.parrotsec.org/packages/debian/libnim-gintro-dev
- Clone AnonSurf
https://nest.parrotsec.org/packages/tools/anonsurf/
- Use
debuild -us -uc -b
to make debian package from source. Testers need to installlibnim-gintro-dev
before makinganonsurf
- Install from deb file
sudo dpkg -i <anonsurf.deb>
Excpected | Install without error |
Notice | - Error or warn while building |
- Missing dependencies | |
- Debian standard |
c) Result (example)
| Installation | Problem |
– | |
---|---|
I used deb file from… version 2.13.x | Installation failed, missing torrc |
I ran debuild -us -uc -b | - Install failed missing package X |
- Warn litian binary not in package |
2. User experiences
Goal: How users use software for the first time
- Description in package (apt show): Do we have enough description in it?
- Help page: enough information? Can new user understand and use it? Grammar
- Man page: Enough information? Can user understand it? grammar
- [Dev] Can user or dev understand the basic concept of AnonSurf (how it works)
- [Dev] Can dev understand the code structure design, and be a new contributor
Result
-
[ ] Description in
apt show anonsurf
is good. Anything wrong write here -
[ ] Help page from AnonSurf command is good
- [ ] Show clear version, contact information
- [ ] User can understand the program, copyright, …
- [ ] Do not take so much space
- [ ] All commands are easy to understand
- [ ] No feature is missing features
- [ ] No old features need to remove
- [ ] No grammar error
- … Anything wrong write here
-
[ ] Manpage of AnonSurf (
man anonsurf
) is good- [ ] Name and usage is easy to read and understand
- [ ] Description explain well
- [ ] No feauture is missing
- [ ] No old feature need to remove
- [ ] Grammar error
- … Write anything wrong here
4. Usage
1. Core features
a) Commands
-
start
will connect the machine to Tor network. Must not run when anonsurf is running. -
stop
will stop Tor connection. Must run when anonsurf is running. -
restart
stop and start anonsurf again. Must run when anonsurf is running.
b) Workflow
-
Start: execute AnonSurf start command
-
AnonSurf script call
make-torrc
binary which- Ask if user wants to kill some apps and clear cache
- Generates new hash and password
- Save hash to torrc, save torrc to
/etc/tor/torrc
. It uses/etc/anonsurf/torrc.base
for core configurations and generate some configurations base on current connection - Save password in cleartext to
/etc/anonsurf/nyxrc
so we can use it for ControlPort
- Save hash to torrc, save torrc to
- Start
tor
service. Tor now use new configuration in/etc/tor/torrc
we’ve generated - Start AnonSurf daemon
-
AnonSurf daemon script is anonsurfd which actually is a bash script that
- Clear IPTables rules (TODO we use other way to do it easily later)
- Create backup of resolv.conf and use localhost only (call
/usr/bin/dnstool
) - Disable IPv6 on system
- Create IPTables rules to forward all trafic to Tor
- Only allow traffic by Tor user go to internet
c) Verify, troubleshooting
- Tor can connect to network (
anonsurf myip
show IP and “You are connected to tor”) -
anonsurf status
call nyx and show network bandwitch - Use browser normally (need to confirm other protocols)
-
/etc/resolv.conf
must benameserver 127.0.0.1
- Iptables must have ruleset (need verify and confirm here by anybody knows IPTables)
"
-A OUTPUT -d 192.168.0.0/16 -j ACCEPT
-A OUTPUT -d 172.16.0.0/12 -j ACCEPT
-A OUTPUT -d 10.0.0.0/8 -j ACCEPT
-A OUTPUT -d 127.0.0.0/9 -j ACCEPT
-A OUTPUT -d 127.128.0.0/10 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m owner --uid-owner 109 -j ACCEPT
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
" - Trouble shooting:
-journalctl -b -u <service name>
to show error log. For examplejournalctl -b -u [email protected]
-netstat -antp
to show open ports. Tor must open 9050, 9051, 9040
- Verify DNS, IPTables rules
2. Extras features
a) Commands
- status: Use nyx command with pre-written password to “watch” the bandwitch AnonSurf must be running
- changeid: Auto change current nodes AnonSurf must be running
- myip: Display current IP Adress and Tor status. Doesn’t require AnonSurf is running
- status-boot: Display if AnonSurf daemon is enabled at boot Doesn’t require AnonSurf is running
- enable-boot / disable-boot: Enable / disable AnonSurf at boot Doesn’t require AnonSurf is running
- dnstool: Go to be standalone tool. Must use stand-alone test case with similar format Doesn’t require AnonSurf is running
5. Test AnonSurf
a) Before start
- [ ] Run `dnstool status` show current DNS settings (not localhost or Under AnonSurf connection)
- [ ] Run `anonsurf myip` show current IP Address and "Not connect to Tor"
- [ ] Run `anonsurf changeid` shows Anonsurf is not running.
- [ ] Run `anonsurf status` shows `AnonSurf is not running!`
**...Write anything wrong here...**
- **dnstool shows wrong status...**
b) Start
-
Run
sudo anonsurf start
- [ ] Can anonsurf start? All services (tor, anonsurfd is actived)
- [ ] All configurations is good after start
- [ ] run
dnstool status
, showUnder AnonSurf
- [ ] resolv.conf is having only
nameserver 127.0.0.1
- [ ]
/etc/tor/torrc
is having valid config (tor --verify-config -f /etc/tor/torrc
) - [ ] Tor control ports are opens
- [ ] IPTables is having custom rules (See list of custom rules above)
- [ ] run
- [ ]
anonsurf myip
shows IP Address andYou are connected to Tor
- [ ]
sudo anonsurf start
shows anonsurf is running
…Write anything wrong here… - I see warning when start…
-
Run
anonsurf changeid
- [ ] Terminal shows responses of Control port (250)
- [ ]
anonsurf myip
shows new IP Address andYou are connected to Tor
…Write anything wrong here… - Can’t not change ID…
-
Run
sudo anonsurf restart
- [ ] All service (tor ,anonsurfd) is restared
- [ ]
anonsurf myip
show new IP and still under Tor network - [ ]
/etc/tor/torrc
has new hash
…Write anything wrong here… - Can’t not restart service…*
c) Stop
-
Stop AnonSurf by user
- [ ] All configurations is good after stop
- [ ]
dnstool status
doesn’t showlocalhost
orunder anonsurf
- [ ]
/etc/resolv.conf
has the same configuration before start anonsurf - [ ] All services are stopped (tor, anonsurfd)
- [ ] Tor control ports are closed
- [ ] iptables no longer has the rules (See list of custom rules above)
- [ ]
- [ ]
anonsurf myip
show current IP Address and “Not connect to Tor” - [ ]
anonsurf status
showsAnonSurf is not running!
- [ ]
anonsurf changeid
shows AnonSurf is not running. - [ ]
sudo anonsurf stop
shows AnonSurf is not running - [ ]
sudo anonsurf restart
shows AnonSurf is not running
…Write anything wrong here… - Stop doesn’t restore this setting…*
- [ ] All configurations is good after stop
-
Stop by rebooting (Disabled start at boot)
This is stand-alone test after start anonsurf. Run the reboot- [ ] All configurations is good after reboot
- [ ]
dnstool status
doesn’t showlocalhost
orunder anonsurf
- [ ]
/etc/resolv.conf
has the same configuration before start anonsurf - [ ] All services are stopped (tor, anonsurfd)
- [ ] Tor control ports are closed
- [ ] iptables no longer has the rules (See list of custom rules above)
- [ ]
- [ ]
anonsurf myip
show current IP Address and “Not connect to Tor” - [ ]
anonsurf status
showsAnonSurf is not running!
- [ ]
anonsurf changeid
shows Anonsurf is not running.
…Write anything wrong here… - Reboot doesn’t restore this setting…*
- [ ] All configurations is good after reboot
d) Boot commands
- [ ] After installation and no custom enable / disable boot. `anonsurf status-boot` show `AnonSurf is disabled`
**...Write anything wrong here...**
- **It is showing wrong status...***
-
Enable boot
- [ ] Run
sudo anonsurf enable-boot
, terminal shows create symlink - [ ]
anonsurf status-boot
showAnonSurf is enabled!
- [ ] Run
sudo anonsurf enable-boot
again, terminal showsAnonsurf is already enabled
- [ ] Reboot system, AnonSurf starts at boot
- [ ] Can anonsurf start? All services (tor, anonsurfd is actived)
- [ ] All configurations is good after start
- [ ] run
dnstool status
, showUnder AnonSurf
- [ ] resolv.conf is having only
nameserver 127.0.0.1
- [ ]
/etc/tor/torrc
is having valid config (tor --verify-config -f /etc/tor/torrc
) - [ ] Tor control ports are opens
- [ ] IPTables is having custom rules (See list of custom rules above)
- [ ] run
- [ ]
anonsurf myip
shows IP Address andYou are connected to Tor
Test change idanonsurf changeid
- [ ] Terminal shows responses of Control port (250)
- [ ]
anonsurf myip
shows new IP Address andYou are connected to Tor
Test restartsudo anonsurf restart
- [ ] All service (tor ,anonsurfd) is restared
- [ ]
anonsurf myip
show new IP and still under Tor network - [ ]
/etc/tor/torrc
has new hash
…Write anything wrong here…
- Start at boot doesn’t work…*
- [ ] Run
-
Disable boot
Runsudo anonsurf disable-boot
- [ ] If AnonSurf wasn’t enabled, it shows
AnonSurf wasn't disabled. Nothing to disable!
- [ ] If AnonSurf was enabled, it shows
Remove symlink
…Write anything wrong here… - It can’t disable AnonSurf at boot…
- [ ] If AnonSurf wasn’t enabled, it shows
Reboot system after sudo anonsurf disable-boot
. Enable-boot was enabled before
- [ ] All configurations is good after reboot
- [ ] dnstool status
doesn’t show localhost
or under anonsurf
- [ ] /etc/resolv.conf
has the same configuration before start anonsurf
- [ ] All services are stopped (tor, anonsurfd)
- [ ] Tor control ports are closed
- [ ] iptables no longer has the rules (See list of custom rules above)
- [ ] anonsurf myip
show current IP Address and “Not connect to Tor”
- [ ] anonsurf status
shows AnonSurf is not running!
- [ ] anonsurf changeid
shows Anonsurf is not running.
**...Write anything wrong here...**
- *** This setting doesn't work***