Mix Installation for other Linux based systems

From JonDonym Wiki
(Difference between revisions)
Jump to: navigation, search
(HowTo install Dante SOCKS proxy (only premium exit mixes))
Line 2: Line 2:
 
<iimg>[[Mix Installation (Source for Linux)]]![[Image:en.png]]</iimg><iimg>[[Mix Installation (Sourcen für Linux)]]![[Image:de.png]]</iimg>
 
<iimg>[[Mix Installation (Source for Linux)]]![[Image:en.png]]</iimg><iimg>[[Mix Installation (Sourcen für Linux)]]![[Image:de.png]]</iimg>
 
== HowTo install the mix server software ==
 
== HowTo install the mix server software ==
This HowTo describes the installation of the mix server and related software for RedHat Linux. For Debian and Ubuntu servers JonDos GmbH provides packages to simplify the installation. See: [[Mix Installation (Debian/Ubuntu)]].
+
This HowTo describes the installation of the mix server and related software for RedHat Linux. For Debian and Ubuntu servers JonDos GmbH provides packages to simplify the installation. See: [[Mix Installation (Debian and Ubuntu)]].
  
 
The software for mix servers is distributed as source code.
 
The software for mix servers is distributed as source code.

Revision as of 12:46, 12 March 2010

File:En.png File:De.png

Contents

HowTo install the mix server software

This HowTo describes the installation of the mix server and related software for RedHat Linux. For Debian and Ubuntu servers JonDos GmbH provides packages to simplify the installation. See: Mix Installation (Debian and Ubuntu).

The software for mix servers is distributed as source code.

Requirements

To compile the mix sources the libraries OpenSSL (at least v.0.9.7) and Xerces-C++ are required. Additional a C++ compiler, make and subversion are required too. You can install all stuff with the package manager of your your operating system. For FreeBSD it may be usefull to install subversion from ports, to disable BDB.

RedHat:  yum install g++ make libssl-devel libxerces-c2-devel subversion

For premium mixes PostgreSQL database server, client and C-libraries for PostgreSQL clients are requiered too.

RedHat:  yum install postgresql postgresql-client libpq-devel

Compile the source code

Checkout the latest stable version from our subversion repository. We recommend the use of the directory /home/mix for sources.

mkdir /home/mix
cd /home/mix
svn checkout https://svn.jondos.de/svn/proxytest/proxytest/branches/stable

Afterwards compile and install the mix software:

cd /home/mix/stable
./configure --enable-new-channel-encryption --enable-new-flow-control
make
make install

Enable additional features

Depending of the features needed by your mix, you can enable some more features for your mix:

 ./configure --enable-new-channel-encryption --enable-new-flow-control --enable-payment .... ....


Mandatory feature for premium services:

  • --enable-payment Specify if to build with payment support.


Monitoring your mix:

  • --enable-server_monitoring Specify if to build with state tracking for server monitoring. You can specify a monitor port in the mix configuration and fetch a XML file from this IP:port time by time to check your mix. A plug-in for Nagios, which is using the monitoring port, you will find in the mix source tree misc.


Additional Logging features:

  • --enable-crime-detection Enable crime detection mode. Crime detection parameters can be specified in the mix configuration file. Do ONLY use it, if you are under constraint by authorities and law. For working well, all mixes of a cascade have to enable this feature.
  • --enable-dataretentionlog Enable log messages according to German data retention law.


Other features:

  • --enable-bandwidth-limitation Specify if to build with last mix bandwidth limitation. The limitation parameters can be specified in the mix configuration file. (only exit mixes)

Create a system user account

It is not a good solution to run the mix server with root privileges. Create a new system user account (recommended name: mix) and specify this user account in the mix configuration file. After start up, the mix server will switch to this UID.

Create a system user account with useradd:

adduser --quiet --system --disabled-password --shell=/bin/false --group mix

Create a log directory

The directory and file for log messages will be specified in the mix configuration file. You have to create the directory and set safe permissions:

mkdir /var/log/mix
chown mix:adm /var/log/mix
chmod 0750 /var/log/mix

No logrotate configuration is necessary. The mix server creates a new file, if the log file size exceeded the configured limit.

Start the mix server

You have to create a mix configuration, became root, raise the number of max. open descriptors to the value specified in the mix configuration file and you can start the mix:

ulimit -SHn 32768
mix -c /path/to/config.xml

After startup the mix server will switch to the sytem UID specified in the mix configuration file.

Update the mix software

Like other software the mix is updated time by time. New features will be added, bugs will be fixed ... and so on. Join the operator mailing list to stay up-to-date about software updates. If an update is announced, run the following steps.

cd /home/mix/stable
make distclean
svn update
./configure  --enable-new-channel-encryption --enable-new-flow-control --enable-server_monitoring --enable-payment .... ....
make
make install

After successful update restart the mix.

HowTo install squid proxy (only exit mixes)

The squid proxy can be installed by the package manager of your your operating system. Do NOT install squid3, please use the latest stable version of squid v.2.7. Only for testing purposes lynx may be installed too.

RedHat:  yum install squid lynx

Stop the squid proxy if it was running after installation and make a backup of the original configuration.

/etc/init.d/squid stop
cd /etc/squid
mv squid.conf squid.conf.orig

Replace the configuration file with an optimized configuration and add the block list squid-block.acl. You may find the squid configuration files provided by Jondos in the mix source code, subdirectory misc/Linux. Choose the suitable squid config an put the files to /etc/squid. The example uses the config for free exit mixes.

cd /home/mix/stable/misc/Linux
cp -f squid.conf.free /etc/squid/squid.conf
cp squid-block.acl /etc/squid/squid-block.acl

Afterward create the cache directories, wait, until the cache is created....

squid -z -d -3

... and start the squid proxy.

/etc/init.d/squid start

... and check if squid was working.

http_proxy=http://127.0.0.1:3128; lynx http://www.anonymous-proxy-servers.net

Update the JonDonym block list

Time by time the JonDonym block list will be updated. You will receive a notice by the mix operator mailing list.

cd /home/mix/stable
svn update
cp -f misc/Linux/squid-block.acl /etc/squid/squid-block.acl
/etc/init.d/squid restart

HowTo install Dante SOCKS proxy (only premium exit mixes)

The Dante SOCKS proxy can be installed by the package manager of your your operating system. For FreeBSD it is recommeded to install dante from the ports tree.

RedHat:  yum install dante-server

Install the configuration files provided by JonDos GmbH. The template for the configuration is part of the stable mix source. You may find it in misc/Linux/danted.conf.template. Replace the template string [% extIP %] in line 9 with your external IP address (you may use the editor pico), copy the file to /etc/danted.conf and restart dante. It contains the block list for JonDonym mix servers and blocks port 25 for spam reasons.

cd /home/mix/stable/misc/Linux
pico danted.conf.template
cp -f danted.conf.template /etc/danted.conf
/etc/init.d/danted restart

Update the JonDonym block list

Time by time the JonDonym block list will be updated. You will receive a notice by the mix operator mailing list. Checkout the latest stable mix source and update your danted.conf. Please note: You have to replace the template string [% extIP %] again with your external IP address.

cd /home/mix/stable
svn update
cd misc/Linux
pico danted.conf.template
cp -f danted.conf.template /etc/danted.conf
/etc/init.d/danted restart
Personal tools