June 2018 - tor-commits - lists.torproject.org

[webwml/staging] FAQ (relay section): increase min. bw from 2 to 8 MBit/s and add bridge info
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 660b94dc904c73bdbfa4884ad02f5f488531f7c6 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 13:11:47 2018 +0000 FAQ (relay section): increase min. bw from 2 to 8 MBit/s and add bridge info --- docs/en/faq.wml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index b15de6f2..9165a7cd 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -2034,9 +2034,11 @@ from the source code release tor-0.2.4.16-rc is: run a relay?</a></h3> <p> We're looking for people with reasonably reliable Internet connections, - that have at least 250 kilobytes/second each way. If that's you, please - consider <a href="https://www.torproject.org/docs/tor-relay-debian">helping - out</a>. + that have at least 1 MByte/second (that is 8 MBit/second) available bandwidth each way. If that's you, please + consider <a href="<wiki>TorRelayGuide">running a Tor relay</a>. + </p> + <p> + Even if you do not have at least 8 MBit/s of available bandwidth you can still help the Tor network by running a <a href="<page docs/pluggable-transports>#operator">Tor bridge with obfs4 support</a>. In that case you should have at least 1 MBit/s of available bandwidth. </p> <hr>

1 0

[webwml/staging] Update debian-selector.js and fix default text in page
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 7bf85595ea1e22e2af5306c587e62234455970ba Author: hiro <hiro(a)torproject.org> Date: Mon Apr 2 18:20:56 2018 +0200 Update debian-selector.js and fix default text in page --- docs/debian-selector.js | 4 ++-- docs/en/debian.wml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/debian-selector.js b/docs/debian-selector.js index 12554c19..493fd235 100644 --- a/docs/debian-selector.js +++ b/docs/debian-selector.js @@ -132,7 +132,7 @@ function update() { package = package.split(' ')[0]; source_install = true; } - txt += "http://deb.torproject.org/torproject.org"; + txt += "https://deb.torproject.org/torproject.org"; txt += " "; txt += keys[i]; txt += " main"; @@ -140,7 +140,7 @@ function update() { target = keys[i]; txt = "deb " + txt + "\ndeb-src " + txt; if (version != 'stable') { - txt2 = "http://deb.torproject.org/torproject.org"; + txt2 = "https://deb.torproject.org/torproject.org"; txt2 += " "; txt2 += package; txt2 += "-"; diff --git a/docs/en/debian.wml b/docs/en/debian.wml index 1fe14dfa..6f86bd28 100644 --- a/docs/en/debian.wml +++ b/docs/en/debian.wml @@ -89,7 +89,7 @@ version <div id="apt-source"> <p>You need to add the following entry in <code>/etc/apt/sources.list</code> or a new file in <code>/etc/apt/sources.list.d/</code>:</p> -<blockquote><pre id="sources">deb https://deb.torproject.org/torproject.org stretch main +<blockquote><pre id="sources">deb https://deb.torproject.org/torproject.org jessie main </pre></blockquote> </div>

1 0

[webwml/staging] FAQ (relay section): refrase static IP section into a question
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 60dd405a39149835a104429b811b56b1e3d388c2 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 14:46:06 2018 +0000 FAQ (relay section): refrase static IP section into a question --- docs/en/faq.wml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index 6c113eb3..05eb799e 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -143,7 +143,7 @@ country) <li><a href="#MostNeededRelayType">What type of relays are most needed?</a></li> <li><a href="#WhyIsntMyRelayBeingUsedMore">Why isn't my relay being used more?</a></li> - <li><a href="#IDontHaveAStaticIP">I don't have a static IP.</a></li> + <li><a href="#IDontHaveAStaticIP">Can I run a Tor relay using a dynamic IP address?</a></li> <li><a href="#PortscannedMore">Why do I get portscanned more often when I run a Tor relay?</a></li> <li><a href="#HighCapacityConnection">How can I get Tor to fully @@ -2079,8 +2079,8 @@ from the source code release tor-0.2.4.16-rc is: <hr> <a id="IDontHaveAStaticIP"></a> - <h3><a class="anchor" href="#IDontHaveAStaticIP">I don't have a static - IP.</a></h3> + <h3><a class="anchor" href="#IDontHaveAStaticIP">Can I run a Tor relay using a + dynamic IP address?</a></h3> <p> Tor can handle relays with dynamic IP addresses just fine. Just leave

1 0

[webwml/staging] fix youtube url: "This channel does not exist."
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 397cbcdbccd7e438582ab431df5f56a4bd89f517 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 11:25:13 2018 +0000 fix youtube url: "This channel does not exist." --- getinvolved/en/volunteer.wml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml index 22eeaa38..5ece2ca8 100644 --- a/getinvolved/en/volunteer.wml +++ b/getinvolved/en/volunteer.wml @@ -64,7 +64,7 @@ meetings around the world.</li> href="https://media.torproject.org/video/">Tor's Media server</a>, <a href="http://www.howcast.com/videos/90601-How-To-Circumvent-an-Internet-Proxy/">Howcast</a>, - and <a href="http://www.youtube.com/c/thetorproject">YouTube</a>.</li> + and <a href="https://www.youtube.com/user/TheTorProject">YouTube</a>.</li> <li>Create a poster around a theme, such as "Tor for Freedom!"</li> <li>Create a t-shirt design that incorporates "<a href="https://check.torproject.org/">Congratulations! You are using

1 0

[webwml/staging] FAQ (relay section): new entry: most wanted relay type
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit fbd1ac8776c556a94be2669a0f6c206b3e355c09 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 13:55:07 2018 +0000 FAQ (relay section): new entry: most wanted relay type --- docs/en/faq.wml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index 9165a7cd..bef1beed 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -140,6 +140,7 @@ country) <li><a href="#HowDoIDecide">How do I decide if I should run a relay? </a></li> + <li><a href="#MostNeededRelayType">What type of relays are most needed?</a></li> <li><a href="#WhyIsntMyRelayBeingUsedMore">Why isn't my relay being used more?</a></li> <li><a href="#IDontHaveAStaticIP">I don't have a static IP.</a></li> @@ -2043,6 +2044,19 @@ from the source code release tor-0.2.4.16-rc is: <hr> + <a id="MostNeededRelayType"></a> + <h3><a class="anchor" href="#MostNeededRelayType">What type of relays are most needed?</a></h3> + <p> + <ul> + <li>The exit relay is the most needed relay type but it also comes with the highest legal exposure and risk (and you + should NOT run them from your home).</li> + <li>If you are looking to run a relay with minimal effort, fast guard relays are also very useful</li> + <li>followed by bridges.</li> + </ul> + </p> + + <hr> + <a id="WhyIsntMyRelayBeingUsedMore"></a> <h3><a class="anchor" href="#WhyIsntMyRelayBeingUsedMore">Why isn't my relay being used more?</a></h3>

1 0

[webwml/staging] FAQ (relay section): dynamic IPs are covered in a dedicated answer already
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 881b6370b5419794a7e4d72f78027be072c2425a Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 13:58:10 2018 +0000 FAQ (relay section): dynamic IPs are covered in a dedicated answer already --- docs/en/faq.wml | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index bef1beed..ba7d9854 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -2160,9 +2160,6 @@ relays. sure it's not too often, since connections using the relay when it disconnects will break. </li> - <li>We can handle relays with dynamic IPs just fine — simply - leave the Address config option blank, and Tor will try to guess. - </li> <li>If your relay is behind a NAT and it doesn't know its public IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port forwarding. Forwarding TCP connections is system dependent but

1 0

[webwml/staging] FAQ (relay section): bw shaping is covered in its own section (this section is about stability)
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit aef4bb669457c4596c5c5c14f5720878a22166f1 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 14:40:02 2018 +0000 FAQ (relay section): bw shaping is covered in its own section (this section is about stability) --- docs/en/faq.wml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index 4dc00320..0bd4eb5e 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -2141,16 +2141,6 @@ need to be?</a></h3> sure it's not too often, since connections using the relay when it disconnects will break. </li> - <li>Tor has built-in support for <a - href="#BandwidthShaping"> - rate limiting</a>. Further, if you have a fast - link but want to limit the number of bytes per - day (or week or month) that you donate, check out the <a - -href="#LimitTotalBandwidth"> -hibernation - feature</a>. - </li> <li>Each Tor relay has an <a href="#ExitPolicies">exit policy</a> that specifies what sort of outbound connections are allowed or refused

1 0

[webwml/staging] FAQ (relay section): put most relevant answer in this question at the beginning
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 8b81e16dc15de36ddea985d55a4324ec3afa69e8 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 14:00:25 2018 +0000 FAQ (relay section): put most relevant answer in this question at the beginning --- docs/en/faq.wml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index ba7d9854..4dc00320 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -2136,6 +2136,11 @@ need to be?</a></h3> </p> <ul> + <li>It's fine if the relay goes offline sometimes. The directories + notice this quickly and stop advertising the relay. Just try to make + sure it's not too often, since connections using the relay when it + disconnects will break. + </li> <li>Tor has built-in support for <a href="#BandwidthShaping"> rate limiting</a>. Further, if you have a fast @@ -2155,11 +2160,6 @@ your relay, you can set it up to only allow connections to other Tor relays. </li> - <li>It's fine if the relay goes offline sometimes. The directories - notice this quickly and stop advertising the relay. Just try to make - sure it's not too often, since connections using the relay when it - disconnects will break. - </li> <li>If your relay is behind a NAT and it doesn't know its public IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port forwarding. Forwarding TCP connections is system dependent but

1 0

[webwml/staging] FAQ (relay section): move two questions out of the relay section
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 6d5896ac66201bd8d640f28196c0216ef0283fa9 Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 16:37:13 2018 +0000 FAQ (relay section): move two questions out of the relay section the following two questions have been moved from the relay to the "Advanced Tor usage" section as they are more client related: I want to run my Tor client on a different computer than my applications. Can I install Tor on a central server, and have my clients connect to it? --- docs/en/faq.wml | 156 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 78 insertions(+), 78 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index fa763adb..a5c3038d 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -132,6 +132,10 @@ country) worry?</a></li> <li><a href="#SocksAndDNS">How do I check if my application that uses SOCKS is leaking DNS requests?</a></li> + <li><a href="#TorClientOnADifferentComputerThanMyApplications">I want to run my Tor client on a + different computer than my applications.</a></li> + <li><a href="#ServerClient">Can I install Tor on a central server, and + have my clients connect to it?</a></li> </ul> <a id="relay"></a> @@ -167,10 +171,6 @@ be?</a></li> Why did that happen?</a></li> <li><a href="#MyRelayRecentlyGotTheGuardFlagAndTrafficDroppedByHalf">My relay recently got the Guard flag and traffic dropped by half.</a></li> - <li><a href="#TorClientOnADifferentComputerThanMyApplications">I want to run my Tor client on a - different computer than my applications.</a></li> - <li><a href="#ServerClient">Can I install Tor on a central server, and - have my clients connect to it?</a></li> <li><a href="#JoinTheNetwork">So I can just configure a nickname and ORPort and join the network?</a></li> <li><a href="#RelayOrBridge">Should I be a normal relay or bridge @@ -2027,6 +2027,80 @@ from the source code release tor-0.2.4.16-rc is: <hr> + <a id="TorClientOnADifferentComputerThanMyApplications"></a> + <h3><a class="anchor" href="#TorClientOnADifferentComputerThanMyApplications">I + want to run my Tor client on a different computer than my applications. + </a></h3> + <p> + By default, your Tor client only listens for applications that + connect from localhost. Connections from other computers are + refused. If you want to torify applications on different computers + than the Tor client, you should edit your torrc to define + SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you + want to get more advanced, you can configure your Tor client on a + firewall to bind to your internal IP but not your external IP. + </p> + + <hr> + + <a id="ServerClient"></a> + <h3><a class="anchor" href="#ServerClient">Can I install Tor on a + central server, and have my clients connect to it?</a></h3> + <p> + Yes. Tor can be configured as a client or a relay on another + machine, and allow other machines to be able to connect to it + for anonymity. This is most useful in an environment where many + computers want a gateway of anonymity to the rest of the world. + However, be forwarned that with this configuration, anyone within + your private network (existing between you and the Tor + client/relay) can see what traffic you are sending in clear text. + The anonymity doesn't start until you get to the Tor relay. + Because of this, if you are the controller of your domain and you + know everything's locked down, you will be OK, but this configuration + may not be suitable for large private networks where security is + key all around. + </p> + <p> +Configuration is simple, editing your torrc file's SocksListenAddress +according to the following examples: + </p> + <pre> + + #This provides local interface access only, + #needs SocksPort to be greater than 0 + SocksListenAddress 127.0.0.1 + + #This provides access to Tor on a specified interface + SocksListenAddress 192.168.x.x:9100 + + #Accept from all interfaces + SocksListenAddress 0.0.0.0:9100 + </pre> + <p> +You can state multiple listen addresses, in the case that you are +part of several networks or subnets. + </p> + <pre> + SocksListenAddress 192.168.x.x:9100 #eth0 + SocksListenAddress 10.x.x.x:9100 #eth1 + </pre> + <p> +After this, your clients on their respective networks/subnets would specify +a socks proxy with the address and port you specified SocksListenAddress +to be. + </p> + <p> +Please note that the SocksPort configuration option gives the port ONLY for +localhost (127.0.0.1). When setting up your SocksListenAddress(es), you need +to give the port with the address, as shown above. + <p> +If you are interested in forcing all outgoing data through the central Tor +client/relay, instead of the server only being an optional proxy, you may find +the program iptables (for *nix) useful. + </p> + + <hr> + <a id="RunningATorRelay"></a> <h2><a class="anchor" href="#RunningATorRelay">Running a Tor relay:</a></h2> @@ -2476,80 +2550,6 @@ users <hr> - <a id="TorClientOnADifferentComputerThanMyApplications"></a> - <h3><a class="anchor" href="#TorClientOnADifferentComputerThanMyApplications">I - want to run my Tor client on a different computer than my applications. - </a></h3> - <p> - By default, your Tor client only listens for applications that - connect from localhost. Connections from other computers are - refused. If you want to torify applications on different computers - than the Tor client, you should edit your torrc to define - SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you - want to get more advanced, you can configure your Tor client on a - firewall to bind to your internal IP but not your external IP. - </p> - - <hr> - - <a id="ServerClient"></a> - <h3><a class="anchor" href="#ServerClient">Can I install Tor on a - central server, and have my clients connect to it?</a></h3> - <p> - Yes. Tor can be configured as a client or a relay on another - machine, and allow other machines to be able to connect to it - for anonymity. This is most useful in an environment where many - computers want a gateway of anonymity to the rest of the world. - However, be forwarned that with this configuration, anyone within - your private network (existing between you and the Tor - client/relay) can see what traffic you are sending in clear text. - The anonymity doesn't start until you get to the Tor relay. - Because of this, if you are the controller of your domain and you - know everything's locked down, you will be OK, but this configuration - may not be suitable for large private networks where security is - key all around. - </p> - <p> -Configuration is simple, editing your torrc file's SocksListenAddress -according to the following examples: - </p> - <pre> - - #This provides local interface access only, - #needs SocksPort to be greater than 0 - SocksListenAddress 127.0.0.1 - - #This provides access to Tor on a specified interface - SocksListenAddress 192.168.x.x:9100 - - #Accept from all interfaces - SocksListenAddress 0.0.0.0:9100 - </pre> - <p> -You can state multiple listen addresses, in the case that you are -part of several networks or subnets. - </p> - <pre> - SocksListenAddress 192.168.x.x:9100 #eth0 - SocksListenAddress 10.x.x.x:9100 #eth1 - </pre> - <p> -After this, your clients on their respective networks/subnets would specify -a socks proxy with the address and port you specified SocksListenAddress -to be. - </p> - <p> -Please note that the SocksPort configuration option gives the port ONLY for -localhost (127.0.0.1). When setting up your SocksListenAddress(es), you need -to give the port with the address, as shown above. - <p> -If you are interested in forcing all outgoing data through the central Tor -client/relay, instead of the server only being an optional proxy, you may find -the program iptables (for *nix) useful. - </p> - - <hr> - <a id="RelayOrBridge"></a> <h3><a class="anchor" href="#RelayOrBridge">Should I be a normal relay or bridge relay?</a></h3>

1 0

[webwml/staging] FAQ (relay section): NAT is covered in its own section (this section is about stability)
by boklm＠torproject.org 26 Jun '18

26 Jun '18

commit 546a9e38e3785e3f0be6e0c7618559aa530454ae Author: nusenu <nusenu-github(a)riseup.net> Date: Sat Feb 10 14:41:19 2018 +0000 FAQ (relay section): NAT is covered in its own section (this section is about stability) --- docs/en/faq.wml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docs/en/faq.wml b/docs/en/faq.wml index 0bd4eb5e..6c113eb3 100644 --- a/docs/en/faq.wml +++ b/docs/en/faq.wml @@ -2150,12 +2150,6 @@ your relay, you can set it up to only allow connections to other Tor relays. </li> - <li>If your relay is behind a NAT and it doesn't know its public - IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port - forwarding. Forwarding TCP connections is system dependent but - <a href="#BehindANAT">this FAQ entry</a> - offers some examples on how to do this. - </li> <li>Your relay will passively estimate and advertise its recent bandwidth capacity, so high-bandwidth relays will attract more users than

1 0