summaryrefslogtreecommitdiff
path: root/README.md
blob: 6ee442f3c20298016e0329ac200ba383dc507cfb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
### tor-fw-helper - Go language tor-fw-helper rewrite.
#### Yawning Angel (yawning at torproject dot org)

This is a tor-fw-helper rewrite in Go that functions as a drop in replacement
for the original C code.

Features:
 * Interface compatibility with the C tor-fw-helper.
 * UPnP based NAT traversal.
 * NAT-PMP based NAT traversal.

Limitations:
 * go-fw-helper's "-T" option does not write to the log file.
 * As the helper needs to be able to receive UDP packets, the local firewall's
   config may need to be altered.
 * Lease times are hardcoded to "0" for UPnP (Indefinite/1 week depending on
   the UPnP version) and 7200 seconds for NAT-PMP.  RFC 6886 includes dire
   warnings about broken UPnP implementations that freak out for non-"0" lease
   times.

TODO:
 * Maybe also support PCP.  Technically everything that speaks PCP should also
   speak NAT-PMP, so this is relatively low priority.

Further Reading:
 * http://www.upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.0-20080424.pdf
 * http://www.upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf
 * http://www.upnp.org/specs/gw/UPnP-gw-InternetGatewayDevice-v2-Device.pdf
 * http://www.upnp.org/specs/gw/UPnP-gw-WANIPConnection-v2-Service.pdf
 * https://tools.ietf.org/html/rfc6886