[tor-relays] Confusing bridge signs...

Keifer Bly keifer.bly at gmail.com
Tue Feb 21 00:56:12 UTC 2023 

Well,

So I just changed my torrc to this:

Nickname gbridge
ORPort 443
SocksPort 0
BridgeRelay 1
PublishServerDescriptor bridge
BridgeDistribution email
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
ServerTransportListenAddr obfs4 0.0.0.0:8080
ExtOrPort auto
Log notice file /var/log/tor/notices.log
ExitPolicy reject *:*
AccountingMax 50 GB
ContactInfo keiferdodderblyyatgmaildoddercom

Trying to avoid being charged a huge amount for traffic as these VPS
providers can be ridiculous when it comes to that, which is why it was set
to so little. Ran killall -HUP tor to reload it and see that happens in the
next day or so. And the reason why it's on port 443 is so as to be on a
port that's not likely blocked by network administrators. Thank you.
--Keifer


On Mon, Feb 20, 2023 at 2:23 PM trinity pointard <trinity.pointard at gmail.com>
wrote:

> Hi,
>
> Your torrc is correct wrt to distribution mechanism (your bridge is
> indicating "bridge-distribution-request any" in the descriptor it
> sends), but for the record, the line would have been
> "BridgeDistribution any".
> A bridge uses less bandwidth than a relay, but it's still a proxy. At
> 5GB per month, you'd be providing a steady 16kbps over the month, or a
> single mbps for little over 11 hours. That's very little, if you can't
> have more bandwidth (by using a provider with no bandwidth accounting,
> or one that gives better pricing per bandwidth), I fear your bridge
> won't be very useful at all. Mine consumes between a few hundred GB
> and a few TB depending on the distribution mechanism.
>
> Are you sure your bridge is reachable? Bridgestrap reports suggest it
> isn't.
> As the bridge operator, you should know its bridge line. Can you test
> it with Tor Browser to make sure?
> Given your accounting limits, it could be unreachable because
> currently hibernating. Or you could have a firewall issue, or
> something else.
> I believe not passing bridgestrap can explain not being assigned a
> distribution mechanism.
>
> It might also explain why it would be considered blocked in Russia: if
> it's not reachable from anywhere, it's not reachable from Russia. An
> other possibility, given you use 443 for your ORPort, is that your
> bridge was indeed detected by just scanning the whole internet. The
> ORPort is very recognizable (enough that some of my former bridges
> ended up tagged "tor" on Shodan) so it should be put on a port that's
> less likely to be scanned.
>
> Regards,
> trinity-1686a
>
> On Mon, 20 Feb 2023 at 21:29, Keifer Bly <keifer.bly at gmail.com> wrote:
> >
> > Where in the torrc file would I set it to any? I am looking for a way to
> run a bridge without being charged a huge amount of money for it, and I was
> curious how it would have been detected by Russia if noone had used the
> bridge there? Thanks.
> > --Keifer
> >
> >
> > On Mon, Feb 20, 2023 at 8:45 AM <lists at for-privacy.net> wrote:
> >>
> >> On Samstag, 18. Februar 2023 18:56:00 CET Keifer Bly wrote:
> >> > Ok. Here is the torrc file:
> >> >
> >> >   GNU nano 3.2                                   /etc/tor/torrc
> >> >
> >> >
> >> > Nickname gbridge
> >> > ORPort 443
> >> > SocksPort 0
> >> > BridgeRelay 1
> >> > PublishServerDescriptor bridge
> >> > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
> >> > ServerTransportListenAddr obfs4 0.0.0.0:8080
> >> > ExtOrPort auto
> >> > Log notice file /var/log/tor/notices.log
> >> > ExitPolicy reject *:*
> >> > AccountingMax 5 GB
> >> > ContactInfo keiferdodderblyyatgmaildoddercom
> >> >
> >> >
> >> > Where in this torrc file is that configured?
> >> Then set it to 'any' and wait 24-48 hours to see what happens. Maybe
> there was
> >> an error in the db.
> >>
> >> If your bridge is still not distributed, it could be due to the outdated
> >> obfs4proxy or because of 'AccountingMax 5 GB'.
> >> Sorry but, 5 GB is a 'fart in the wind' the accounting period would
> only be a
> >> few hours a month. It's not even worth distributing them because it
> would only
> >> frustrate the users.
> >>
> >> > And how would it be blocked in
> >> > Russia already if it hasn't even been used?
> >> Why should this new feature of the bridgedb, more precisely the rdsys
> backend,
> >> have anything to do with whether someone uses a bridge? This is a
> bridgedb
> >> distribution method introduced by meskio.
> >>
> >>
> >> --
> >> ╰_╯ Ciao Marco!
> >>
> >> Debian GNU/Linux
> >>
> >> It's free software and it gives you
> freedom!_______________________________________________
> >> tor-relays mailing list
> >> tor-relays at lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20230220/cc7bd65d/attachment-0001.htm>

More information about the tor-relays mailing list