v0.1.0
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE1MTdYA1m9lqO/FEeGPNoXAAiv/MFAlpLoBUACgkQGPNoXAAi
v/MUcRAAvuioT9UYwwIs4CAu3dOGte3ETdbBwRd5rNzZP5SqpHVvHvG+j3z5IFaq
VJg40GwESCSFL569H+DtNqWt0/EyQW/exqoXpGFPBvE7GUuyF/WECP5lgV/u1gn5
2+vRpma0oNkRCRRsTXIqgavAYc2OW0iBZbLP6xnPUL7N1mmlhp7sZqkY306ohn4m
K9LSnfdXf36qlEF7w7PTTmnsxOYkzeessNk4xhFWrYLkZL9DyRSbGNhtRTXVlrcA
hvB89Xf70WSwnuIXRrEDiA3uA3V0CjAU3iZQcWyw8hATCPiXZ4pOsdqaaxW8oW/l
dJm0UjYp1t7+Ojozi5Lv5yCHJmhFtNzbswImzqf98bgDR6wxIfNKoL4g/FkW2jBg
VoVueFdRo7aAOeB6lap93X5u4KGapp2r4zg2HdAjMRT+7oo2N353jYSt1RHD7YGC
cNdKOftEuxRs+zcPCk5CButE8e22bcb8yu9GoxCnDCPdyCSvNj4ZAZRrxSocRvhV
HAG8kkJrnRGhtW+UZvGc9k+7qILvoOvvS8g+RNwRqyFTuNDmGtapYHr/1mett2hb
bOX26IHLj/kCXTd9H1wZg3V92y9BW6mywkaPf/6vb+1IU5e7iLT5yx8vTZ2YpF4N
UDX/J55L5QtLXF/O2X3SxXPN0yFmjqcxufZLTqzykBwZAQZmnUk=
=ZGzw
-----END PGP SIGNATURE-----
Bump version to v0.1.0

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
2 files changed
tree: 8316d724c8bb8c200184736687311a5b0f0ac97b
  1. .gitignore
  2. .travis.yml
  3. Dockerfile
  4. Dockerfile.test
  5. Gopkg.lock
  6. Gopkg.toml
  7. LICENSE
  8. Makefile
  9. README.md
  10. VERSION
  11. hack/
  12. main.go
  13. tor/
  14. vendor/
  15. version/
README.md

onion

Travis CI

Tor networking plugin for docker containers

Installation

Binaries

Via Go

$ go get github.com/jessfraz/onion

Usage

NOTE: Make sure you are using Docker 1.9 or later

WARNING: Use with caution this is still under active development

WARNING: By default all outbound udp traffic in the network should be blocked because it will not be routed through tor.

Start the tor router

NOTE: in the future it should be easier to start any container to route and have the plugin be smart about finding it, but for now.... deal with it.

$ docker run -d \
    --net host \
    --name tor-router \
    jess/tor-router

# follow the logs to make sure it is bootstrapped successfully
$ docker logs -f tor-router

Run the plugin container

$ docker run -d \
    --net host \
    --cap-add NET_ADMIN \
    --name onion \
    -v /run/docker/plugins:/run/docker/plugins \
    -v /var/run/docker.sock:/var/run/docker.sock \
    jess/onion

Create a new network

$ docker network create -d tor vidalia

Test it out!

$ docker run --rm -it --net vidalia jess/httpie -v --json https://check.torproject.org/api/ip

Running the tests

Unit tests:

$ make test

Integration tests:

$ make dtest

Thanks

Thanks to the libnetwork team for writing the networking go plugin and of course the networking itself ;) Also a lot of this code is from the bridge driver in libnetwork itself.

Also huge thanks to the Tor project for protecting the internet.

TODO

  • FIND A WAY TO DO THIS WITHOUT IPTABLES
  • the tor router should be discoverable as any docker image or container name etc and the ports for forwarding should be able to be found through that
  • the tor router should not have to be run as --net host
  • moar tests (unit and integration)
  • exposing ports in the network is a little funky
  • saving state?
  • make deny all udp traffic configurable
  • udp integration tests suck
  • unit tests