<div dir="ltr">Hi,<div><br></div><div>So yes I had obfs4 installed. I accidentally set it to the same port as tor without relazing, silly me. Here is my new torrc:</div><div><br></div><div>Nickname gbridge<br>ORPort 8080<br>SocksPort 0<br>BridgeRelay 1<br>PublishServerDescriptor bridge<br>BridgeDistribution email<br>ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy<br>ServerTransportListenAddr obfs4 <a href="http://0.0.0.0:8081">0.0.0.0:8081</a><br>ExtOrPort auto<br>Log notice file /var/log/tor/notices.log<br>ExitPolicy reject *:*<br>AccountingMax 50 GB<br>ContactInfo keiferdodderblyyatgmaildoddercom<br><br>I am wanting to limit to 50GB per month to avoid being overcharged. Would this do that? Thanks.<br><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">--Keifer</div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 23, 2023 at 4:43 AM gus <<a href="mailto:gus@torproject.org">gus@torproject.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Keifer,<br>
<br>
You can't use the same port.<br>
<br>
Here is a simple example:<br>
<br>
BridgeRelay 1<br>
ORPort 56331<br>
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy<br>
ServerTransportListenAddr obfs4 <a href="http://0.0.0.0:53333" rel="noreferrer" target="_blank">0.0.0.0:53333</a><br>
ExtORPort auto<br>
ContactInfo keiferdodderblyyatgmaildoddercom<br>
Log notice file /var/log/tor/notices.log<br>
BridgeDistribution email<br>
Nickname gbridge<br>
AccountingStart day 12:00<br>
AccountingMax 50 GB<br>
<br>
<br>
Example: Let's say you want to allow 50 GB of traffic every day in each<br>
direction and the accounting should reset at noon each day:<br>
<br>
For more details about AccountinMax, see this Support doc:<br>
<a href="https://support.torproject.org/relay-operators/limit-total-bandwidth/" rel="noreferrer" target="_blank">https://support.torproject.org/relay-operators/limit-total-bandwidth/</a><br>
<br>
Did you also install obfs4proxy package? Because on Metrics it says<br>
that your bridge don't have any 'transport protocol'.<br>
<br>
cheers,<br>
Gus<br>
<br>
On Tue, Feb 21, 2023 at 08:23:44AM -0800, Keifer Bly wrote:<br>
> Ok, changed to port 8080 and upped my allowed traffic a bit:<br>
> <br>
> GNU nano 3.2<br>
> /etc/tor/torrc<br>
> <br>
> <br>
> Nickname gbridge<br>
> ORPort 8080<br>
> SocksPort 0<br>
> BridgeRelay 1<br>
> PublishServerDescriptor bridge<br>
> BridgeDistribution email<br>
> ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy<br>
> ServerTransportListenAddr obfs4 <a href="http://0.0.0.0:8080" rel="noreferrer" target="_blank">0.0.0.0:8080</a><br>
> ExtOrPort auto<br>
> Log notice file /var/log/tor/notices.log<br>
> ExitPolicy reject *:*<br>
> AccountingMax 50 GB<br>
> ContactInfo keiferdodderblyyatgmaildoddercom<br>
> <br>
> Yes, I have limited bandwidth I can give so as to avoid being<br>
> massively charged for traffic. Perhaps there is a way to set tor to only<br>
> allow traffic with a small connection? Thanks.<br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> --Keifer<br>
> <br>
> <br>
> On Tue, Feb 21, 2023 at 1:29 AM trinity pointard <<a href="mailto:trinity.pointard@gmail.com" target="_blank">trinity.pointard@gmail.com</a>><br>
> wrote:<br>
> <br>
> > > And the reason why it's on port 443 is so as to be on a port that's not<br>
> > likely blocked by network administrators.<br>
> ><br>
> > That might be useful for the ORPort of a relay, and for the obfs4 port<br>
> > of a bridge, but not for the ORPort of a bridge. Clients are not<br>
> > supposed to connect to it.<br>
> > The only reason it's exposed is because the bridge authority still<br>
> > requires it to verify the bridge is reachable. See<br>
> > <a href="https://gitlab.torproject.org/tpo/core/tor/-/issues/7349" rel="noreferrer" target="_blank">https://gitlab.torproject.org/tpo/core/tor/-/issues/7349</a>.<br>
> > You are better of using 443 for the ServerTransportListenAddr, and<br>
> > some high port for ORPort.<br>
> ><br>
> > On Tue, 21 Feb 2023 at 03:05, Keifer Bly <<a href="mailto:keifer.bly@gmail.com" target="_blank">keifer.bly@gmail.com</a>> wrote:<br>
> > ><br>
> > > Well,<br>
> > ><br>
> > > So I just changed my torrc to this:<br>
> > ><br>
> > > Nickname gbridge<br>
> > > ORPort 443<br>
> > > SocksPort 0<br>
> > > BridgeRelay 1<br>
> > > PublishServerDescriptor bridge<br>
> > > BridgeDistribution email<br>
> > > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy<br>
> > > ServerTransportListenAddr obfs4 <a href="http://0.0.0.0:8080" rel="noreferrer" target="_blank">0.0.0.0:8080</a><br>
> > > ExtOrPort auto<br>
> > > Log notice file /var/log/tor/notices.log<br>
> > > ExitPolicy reject *:*<br>
> > > AccountingMax 50 GB<br>
> > > ContactInfo keiferdodderblyyatgmaildoddercom<br>
> > ><br>
> > > Trying to avoid being charged a huge amount for traffic as these VPS<br>
> > providers can be ridiculous when it comes to that, which is why it was set<br>
> > to so little. Ran killall -HUP tor to reload it and see that happens in the<br>
> > next day or so. And the reason why it's on port 443 is so as to be on a<br>
> > port that's not likely blocked by network administrators. Thank you.<br>
> > > --Keifer<br>
> > ><br>
> > ><br>
> > > On Mon, Feb 20, 2023 at 2:23 PM trinity pointard <<br>
> > <a href="mailto:trinity.pointard@gmail.com" target="_blank">trinity.pointard@gmail.com</a>> wrote:<br>
> > >><br>
> > >> Hi,<br>
> > >><br>
> > >> Your torrc is correct wrt to distribution mechanism (your bridge is<br>
> > >> indicating "bridge-distribution-request any" in the descriptor it<br>
> > >> sends), but for the record, the line would have been<br>
> > >> "BridgeDistribution any".<br>
> > >> A bridge uses less bandwidth than a relay, but it's still a proxy. At<br>
> > >> 5GB per month, you'd be providing a steady 16kbps over the month, or a<br>
> > >> single mbps for little over 11 hours. That's very little, if you can't<br>
> > >> have more bandwidth (by using a provider with no bandwidth accounting,<br>
> > >> or one that gives better pricing per bandwidth), I fear your bridge<br>
> > >> won't be very useful at all. Mine consumes between a few hundred GB<br>
> > >> and a few TB depending on the distribution mechanism.<br>
> > >><br>
> > >> Are you sure your bridge is reachable? Bridgestrap reports suggest it<br>
> > isn't.<br>
> > >> As the bridge operator, you should know its bridge line. Can you test<br>
> > >> it with Tor Browser to make sure?<br>
> > >> Given your accounting limits, it could be unreachable because<br>
> > >> currently hibernating. Or you could have a firewall issue, or<br>
> > >> something else.<br>
> > >> I believe not passing bridgestrap can explain not being assigned a<br>
> > >> distribution mechanism.<br>
> > >><br>
> > >> It might also explain why it would be considered blocked in Russia: if<br>
> > >> it's not reachable from anywhere, it's not reachable from Russia. An<br>
> > >> other possibility, given you use 443 for your ORPort, is that your<br>
> > >> bridge was indeed detected by just scanning the whole internet. The<br>
> > >> ORPort is very recognizable (enough that some of my former bridges<br>
> > >> ended up tagged "tor" on Shodan) so it should be put on a port that's<br>
> > >> less likely to be scanned.<br>
> > >><br>
> > >> Regards,<br>
> > >> trinity-1686a<br>
> > >><br>
> > >> On Mon, 20 Feb 2023 at 21:29, Keifer Bly <<a href="mailto:keifer.bly@gmail.com" target="_blank">keifer.bly@gmail.com</a>> wrote:<br>
> > >> ><br>
> > >> > Where in the torrc file would I set it to any? I am looking for a way<br>
> > to run a bridge without being charged a huge amount of money for it, and I<br>
> > was curious how it would have been detected by Russia if noone had used the<br>
> > bridge there? Thanks.<br>
> > >> > --Keifer<br>
> > >> ><br>
> > >> ><br>
> > >> > On Mon, Feb 20, 2023 at 8:45 AM <<a href="mailto:lists@for-privacy.net" target="_blank">lists@for-privacy.net</a>> wrote:<br>
> > >> >><br>
> > >> >> On Samstag, 18. Februar 2023 18:56:00 CET Keifer Bly wrote:<br>
> > >> >> > Ok. Here is the torrc file:<br>
> > >> >> ><br>
> > >> >> > GNU nano 3.2 /etc/tor/torrc<br>
> > >> >> ><br>
> > >> >> ><br>
> > >> >> > Nickname gbridge<br>
> > >> >> > ORPort 443<br>
> > >> >> > SocksPort 0<br>
> > >> >> > BridgeRelay 1<br>
> > >> >> > PublishServerDescriptor bridge<br>
> > >> >> > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy<br>
> > >> >> > ServerTransportListenAddr obfs4 <a href="http://0.0.0.0:8080" rel="noreferrer" target="_blank">0.0.0.0:8080</a><br>
> > >> >> > ExtOrPort auto<br>
> > >> >> > Log notice file /var/log/tor/notices.log<br>
> > >> >> > ExitPolicy reject *:*<br>
> > >> >> > AccountingMax 5 GB<br>
> > >> >> > ContactInfo keiferdodderblyyatgmaildoddercom<br>
> > >> >> ><br>
> > >> >> ><br>
> > >> >> > Where in this torrc file is that configured?<br>
> > >> >> Then set it to 'any' and wait 24-48 hours to see what happens. Maybe<br>
> > there was<br>
> > >> >> an error in the db.<br>
> > >> >><br>
> > >> >> If your bridge is still not distributed, it could be due to the<br>
> > outdated<br>
> > >> >> obfs4proxy or because of 'AccountingMax 5 GB'.<br>
> > >> >> Sorry but, 5 GB is a 'fart in the wind' the accounting period would<br>
> > only be a<br>
> > >> >> few hours a month. It's not even worth distributing them because it<br>
> > would only<br>
> > >> >> frustrate the users.<br>
> > >> >><br>
> > >> >> > And how would it be blocked in<br>
> > >> >> > Russia already if it hasn't even been used?<br>
> > >> >> Why should this new feature of the bridgedb, more precisely the<br>
> > rdsys backend,<br>
> > >> >> have anything to do with whether someone uses a bridge? This is a<br>
> > bridgedb<br>
> > >> >> distribution method introduced by meskio.<br>
> > >> >><br>
> > >> >><br>
> > >> >> --<br>
> > >> >> ╰_╯ Ciao Marco!<br>
> > >> >><br>
> > >> >> Debian GNU/Linux<br>
> > >> >><br>
> > >> >> It's free software and it gives you<br>
> > freedom!_______________________________________________<br>
> > >> >> tor-relays mailing list<br>
> > >> >> <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> > >> >> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
> > >> ><br>
> > >> > _______________________________________________<br>
> > >> > tor-relays mailing list<br>
> > >> > <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> > >> > <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
> > >> _______________________________________________<br>
> > >> tor-relays mailing list<br>
> > >> <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> > >> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
> > ><br>
> > > _______________________________________________<br>
> > > tor-relays mailing list<br>
> > > <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> > > <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
> > _______________________________________________<br>
> > tor-relays mailing list<br>
> > <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> > <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
> ><br>
<br>
> _______________________________________________<br>
> tor-relays mailing list<br>
> <a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
<br>
<br>
-- <br>
The Tor Project<br>
Community Team Lead<br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div>