JAP -- ANONYMITY & PRIVACY

Home

Download

Screenshots

Anonymity Check

Contact / Forum

Help & FAQ

Support AN.ON!

Payment Service

Crime Prevention

Abuse

Survey

Help

Mix Config Tool

Voluntary Commitment

Documentation

Recent publications

Press

Roadmaps

Bugtracking

Source Codes

Compiled Binaries

Admin scripts

This manual covers helper scripts for the Mix server, an InfoService, a firewall and a web proxy. They are useful if you often want to update the code with the newest CVS version. We also propose Operators to encrypt their server file system before installation.

Hint: Normal Mix Operators do not need to install an InfoService. This is planned for the future.

Directories

To run the mix (and optionally an InfoService) you have to create the following directories:

/home/mix/Mixproxy binaries and configuration for Mix server
/home/mix/InfoService binaries and configuration for InfoService
/home/mix/InfoService/log Status statistics of InfoService

To create a directory, type

mkdir [directory name]

In each of the directories the subdirectories

./backup
./cvs

will be generated by the scripts../backup holds old binaries and their log files. As you see you may easily go back to an old but working installation if an update has failed. In ./cvs the source files are stored (and overwritten) when getting a new source code version.

Executables

Please put the following executable files in the proper directories. Note that the InfoService files are optional. There is also a firewall script, but if you want to use it, you will have to adapt it to your needs first.

/home/mix/runANONServer: common script to start, shutdown update and monitor the Mix and the InfoService
/home/mix/rc.status.anon: script for printing status messages
/home/mix/Mixproxy/mix: Mix server binary
/home/mix/Mixproxy/runMixproxy: script to start, shutdown update and monitor the Mix
/home/mix/InfoService/InfoService.jar: InfoService executable jar
/home/mix/InfoService/runInfoService: script to start, shutdown update and monitor the InfoService
/home/mix/firewall: script to start and shutdown your firewall
/home/mix/squidconfigure: configure script for optimizing the squid 2.6 compilation

Make sure that each of these file is really executable by typing

chmod -R /home/mix/* +x

You might also need to convert the executable files to the unix format by installing the sysutils or tofrodos package

e.g. with apt by

apt-get update apt-get install tofrodos

and typing

dos2unix <filename>

on each of the files.

Config files

For running the mix, you only need the config file generated by the MixConfig tool. Please name and place the config files as shown below, otherwise you will have to adapt one or more of the executable scripts and the links to them.

/home/mix/Mixproxy/config.xml: config file for the Mix server
/home/mix/InfoService/Infoservice.properties: config file for the Mix server
/home/mix/squid.conf: config file for squid proxy
/home/mix/squid-block.acl: a file containing blocked websites

Squid proxy installation (for last mixes)

Download the newest squid 2.6 stable sourcecode from

http://www.squid-cache.org/Versions/v2/2.6/

and unpack to /home/mix by typing

tar xzf squid-2.6.STABLE6.tar.gz

Copy the executable squidconfigure into the newly created directory squid-2.6.STABLE6 and type

./squidconfigure
make
make install

Squid is now installed in /usr/local/squid. Link the squid executable to /usr/sbin

ln -s /usr/local/squid/sbin/squid /usr/sbin/squid
mv /usr/local/squid/etc/squid.conf/usr/local/squid/etc/squid.conf~
ln -s /home/mix/squid.conf /usr/local/squid/etc/squid.conf
ln -s /home/mix/squid-block.acl /usr/local/squid/etc/squid-block.acl

Create the cache files

mkdir /var/spool/squid
chown proxy:proxy /var/spool/squid
squid -z -d 3

and start squid:

ulimit -HSn 64000
squid

InfoService Libraries

If you plan to run an InfoService, too, you need to copy the java libraries needed for compilation into the directory

/home/mix/InfoService/lib

If you choose an other directory, you have to adapt the file /home/mix/InfoService/runInfoService.

For installing a java compiler and a runtime environment, you will find a very good installation guide for debian here . As this does not seem to work at the moment, try this. Soon Sun Java will be integrated into Debian stable, as Sun has changed its licence., and may then be easily installed. If you have several Java versions installed on your system, you can switch between them by typing

sudo update-alternatives --config java

Links to the executables

You should set some system-wide links, so that you can use the startup scripts from every directoy:

su
ln -s /home/mix/firewall /usr/bin/firewall
ln -s /home/mix/Mixproxy/runMixproxy /usr/bin/mixproxy
ln -s /home/mix/InfoService/runInfoService /usr/bin/infoservice
exit

Before Mix compilation, may need to install some packages in order to compile the code:

cvs
g++
gcc
gpp
make
automake
postgresql
postgresql-dev or libpq-dev (might other names on different systems)
libssl-dev
libxerces27-dev (or newer)

and dependencies. If you do not find one or more of these libraries, you may, on Debian/Ubuntu systems, look for them using the apt-cache search command.

You may now update the mix with the newest CVS code by typing

mixproxy cvs compile update

Accounting database configuration

If you run pay Mixes, you moreover have to initialise the postgres database. it is only needed for the first Mix. However, you do not know if you may not switch position some time, and therefore also other Mixes should do that.

su postgres (switches to user postgres)
createuser -A -D aiuser (creates the new user aiuser)
createdb -O aiuser aidb (creates the accounting database)
psql -d aidb (logs you into the database environment as user postgres)
alter user aiuser with password 'PASSWORD'; (set the password for this user)
\q (leave the database environment)
Edit the postgres configuration file pg_hba.conf located somewhere in /etc/postgresql and allow connections with password. Replace the commands there that enforce ident or md5 login. Note that Postgres looks only for the first line matching a connection type, so don't insert several lines for the same connection type.
# All other connections by UNIX sockets

local all all password

# All IPv4 connections from localhost

host all all 127.0.0.1 255.255.255.255 ident passwordş
Restart postgres (often done by /etc/init.d/postgresql restart or similar commands)
psql -U aiuser -d aidb < /home/mix/Mixproxy/cvs/proxytest/mixtables.sql (Fill the accounting database with the accounting tables)
psql -U aiuser -d aidb (Login as aiuser with your password)
\dt Check if you see the created tables or not... If you do, everything is OK!)
\q (logout)
exit (switch back to your local user)

Start/Stop/Restart

The Mix server, InfoService and the firewall can be started with running the skripts with the 'start', 'stop' and 'restart' options. With the 'process' option you can list the running processes, 'log' will list the log file entries. 'status' Häufigkeit:- alle paar Wochenshows you if the servers are running at the moment.

You can test if the Mix server has connected properly to a cascade by tying

mixproxy process

If you see more than one running instance of the server process, everythin is OK. This can take about a minute after you started the Mix. Another indication is to check at the end of the logfile for an entry "connected" by typing

mixproxy log | less

and after the log file has opened

Shift+G

The firewall has to be started with 'root' rights. If you do not have 'root' rights it's normally also ok to restart the system. This will automatically also restart the firewall with 'root' privileges.

Runlevel links

If you want the services started automatically when starting the server machine, you have to set links to the executables in runlevel 3 and runlevel 5.

su
ln - s /home/mix/firewall /etc/init.d/firewall
ln - s /home/mix/Mixproxy/runMixproxy /etc/init.d/mixproxy
ln - s /home/mix/InfoService/runInfoService /etc/init.d/infoservice
exit

Log files

New messages will be appended on the end of the logfiles. InfoService can have more than just one logfile but should be configured with just one central log. Please configure the Mix/InfoService to store its logs at those positions:

/var/log/messages messages / logging of your firewall/home/mix/Mixproxy/messagesmessages / logging of the Mix server/home/mix/InfoService/InfoService.logmessages / logging of InfoService/home/mix/InfoService/log/status logs of your cascade

Default runlevel

The default runlevel has been set to 3 so that the the graphical environment will not be loaded. This can be changed by the administrator either while the system is running with:

init 5

or permanently with editing the /etc/inittab entries.

Stable Version
00.10.003

Beta Version
00.10.020

Status of available AN.ON services and information about them.

Announcement: important update Within the next two weeks, we will release an important update for JAP/JonDo The update is essential, as changes in the payment protocol will otherwise lead to broken connections. Moreover, an error has been removed that may lead to broken connections or erroneous data transfers. We also added some important improvements regarding usability and stability of the program. (2008-05-09)

Stop SPAM CookieCooker scrambles cookies, manages your web accounts, protects against SPAM by using trash addresses and blocks (flash) advertisement.