My Rubber Ducks

Nabarun Pal — Sat, 29 Aug 2020 08:25:25 +0000

Originally published on https://blog.naba.run/posts/my-rubber-ducks/

There are times when I find myself stuck when solving any problem. This deadlock can arise due to several factors. Sometimes I need a new perspective of the problem. Sometimes I just need to go through my approach with a fresh mind.

I can ping my colleagues to get new perspectives or explain to them what I am trying to achieve. But, not always can I find someone to listen to me since everyone is busy with their work.

What I do in those situations is either

write down my approach on a piece of paper in the simplest terms, or
talk to my Rubber Ducks about the approach assuming that the ducks have ZERO knowledge about what I am doing.

I learned about the Rubber Duck debugging paradigm when reading The Pragmatic Programmer by Andrew Hunt and David Thomas. It is a gem of a book. I feel every software engineer looking to excel in their art should read the book. They discuss this method in the Debugging chapter of the book. The idea to find the cause of a problem by explaining it in very simple terms to someone else. The other person listening to you shouldn't speak a word and should just nod to what you are saying. This simple exercise of explaining your approach in very well defined and atomic steps can give you new insights to your problem.

Obviously you can't have someone with you all the time to just listen to you. And here comes the importance of inanimate objects that can't speak. They are the ideal ones that you can explain your problem to. There are some positive effects like they won't ever judge you, they are always with you no matter what happens. Having said all that, I want to introduce you to my rubber ducks:

In the front row is Goldie, then Zee, then Captain Kube and the tall bloke is Phippy. The whole gang is known as Phippy and Friends. They are always on my table looking over me and listen to me whenever I want to speak to them. I know it's a bit intimidating someone looking at you all the time, but eventually you get along with them. ;)

Do note that this method works for me, but not necessarily would it work for everyone. I always ask people to find their own debugging comfort zone.

Running Tor Proxy with Docker

Nabarun Pal — Mon, 06 Jul 2020 09:19:38 +0000

Originally published on https://blog.naba.run/posts/running-tor-proxy-with-docker/

Today I was testing dns-tor-proxy which required a SOCKS5 Tor proxy and realized I never ran a Tor service on my current machine. I use Tor browser almost daily for browsing websites I have absolutely no trust on, but not the standalone Tor proxy. In this article, I will try to set one up using the system package as well as inside a Docker container.

What is a Tor proxy?

A Tor proxy is a SOCKS5 proxy which routes your traffic through the Tor network. The Tor network ensures that any traffic originating from inside the network gets routed through atleast 3 random relays before exiting through the exit node.

It helps you to anonymize traffic, block trackers and, prevent surveillance amongst other benefits. If you are wondering who should use Tor, the answer is every person who cares about their privacy. You can read more about the architecture here.

Arch Linux

Tor is available in the Arch package repository and can be simply installed by:

# Install Tor
$ sudo pacman -S tor
...
# Start the service
$ sudo systemctl start tor

# Check whether the service is running
$ sudo netstat -tunlp | grep tor
tcp     0   0   127.0.0.1:9050  0.0.0.0:*   LISTEN  3808529/tor

We see above that installing tor through pacman set up the systemd service as well. Jump to Using the proxy for the demo.

Debian/Ubuntu

The packages in the Debian ecosystem are often outdated. To get the latest version, one almost always needs to add third-party package repositories. I am not going into detail how to install Tor in that ecosystem, since there are a lot of distribution/version combinations. The steps are well detailed in the official Tor installation docs.

Docker

We will be building a very lightweight Docker image to reduce footprint.

Let's start with the Tor configuration,

SocksPort 0.0.0.0:9050

The above should get one started with the defaults. Feel free to change the port to whatever you like. The address being listened should be 0.0.0.0 as we would be accessing the server from outside the docker container.

# set alpine as the base image of the Dockerfile
FROM alpine:latest

# update the package repository and install Tor
RUN apk update && apk add tor

# Copy over the torrc created above and set the owner to `tor`
COPY torrc /etc/tor/torrc
RUN chown -R tor /etc/tor

# Set `tor` as the default user during the container runtime
USER tor

# Set `tor` as the entrypoint for the image
ENTRYPOINT ["tor"]

# Set the default container command
# This can be overridden later when running a container
CMD ["-f", "/etc/tor/torrc"]

Let's build the image now.

$ docker build -t palnabarun/tor .
Sending build context to Docker daemon  67.58kB
Step 1/6 : FROM alpine:latest
 ---> a24bb4013296
Step 2/6 : RUN apk update && apk add tor
 ---> Using cache
 ---> a5ea632ba987
Step 3/6 : COPY torrc /etc/tor/torrc
 ---> 5b351b9847bc
Step 4/6 : RUN chown -R tor /etc/tor
 ---> Running in 1f6950f03475
Removing intermediate container 1f6950f03475
 ---> 060ded5c532c
Step 5/6 : USER tor
 ---> Running in aa0553be76dc
Removing intermediate container aa0553be76dc
 ---> d763c1181285
Step 6/6 : ENTRYPOINT ["tor"]
 ---> Running in 97fd7f9ee693
Removing intermediate container 97fd7f9ee693
 ---> 13c889f5b018
Successfully built 13c889f5b018
Successfully tagged palnabarun/tor:latest

You might also be wondering what is the image size?

$ docker image ls | grep palnabarun/tor
palnabarun/tor  latest  13c889f5b018    About a minute ago 21.1MB

The image is just a mere 21.1MB. Building docker images using Alpine Linux as base results in a very lightweight image.

Let's run the proxy.

$ docker run \
    --rm \
    --detach \
    --name tor \
    --publish 9050:9050 \ # change the port to whatever you put in the torrc
    palnabarun/tor
aef03d84628b

$ docker ps | grep tor
aef03d84628b    palnabarun/tor  "tor"   31 seconds ago  Up 30 seconds   0.0.0.0:9050->9050/tcp  tor

After sometime the Tor proxy will succesfully establish a Tor circuit and it will be ready to use.

The Tor config and Dockerfile can be found here and there is a ready to consume image on Docker Hub

Using the proxy

Let's test whether the proxy is working correctly by some simple curl calls.

The request below is not going through the proxy and hence would show your ISP provided IP address.

$ curl https://check.torproject.org/api/ip
{"IsTor":false,"IP":"49.30.XX.XX"}

Now, if we specify the Tor proxy when making the request, the IP address would be different.

$ curl --socks5 127.0.0.1:9050 https://check.torproject.org/api/ip
{"IsTor":true,"IP":"185.220.XXX.XXX"}

Also, notice the value of IsTor in both the cases, the service running at check.torproject.org knows whether the traffic was routed through the Tor network.

The very same proxy can be used in your browser by going to the Network Settings and changing to a manual proxy configuration. I, however, highly recommend to use the Tor browser if you just want to browse the internet through Tor.

Note: The IP addresses are partially redacted for privacy reasons.

If you are like me who cherishes reading RFCs, check out the following links

DEV Community: Nabarun Pal