hi tim,
thanks for your quick reply.
first: looking around for more logs i discovered that storage was full on yun's internal memory. tor couldn't completely write its caches. so i changed tor data dir to the sd card. now all tor data fits.
more logs commenting your requests:
Am 16.02.2017 um 03:49 schrieb teor:
Hi Markus,
On 16 Feb 2017, at 12:52, Markus m@euse.de wrote: ...
what i want to achive:
i set up a sensor node running openwrt in an area in germany without wifi. so i want to connect (to) it via gsm/gprs (german telekom/d1).
connecting from the node to the internet is no problem.
problem is: i cant reach any services on the node from the internet because the gsm-carrier runs some intransparant internal ipv4-proxy or switch or whatever to save ipv4-addresses so neither the ip nor dyndns is working.
Ah, carrier-grade NAT.
ah, thats how you call it.
my idea to workaround: run tor hidden services on the node. http [2] for luci/graphical admin interface and ssl [3] for general administrative tasks. for setup i followed one general howto [4] and one ssl specific [5]. i tried to debug via [1]. i enclosed my torrc further down.
This should work, onion services are useful for NAT-punching.
i waited over one hour for tor to broadcast its new services. but not even just the hello-world-page is popping up in my clients tor browser. didnt even try to connect to ssl yet.
checked server config, curl 127.0.0.1:8080 is returning hello-world, checked tor config and files over and over. the tor browser on the client is working. no idea what else to try.
There are a few things that could be wrong: Something could be misconfigured. The carrier could block Tor. Some 4G carriers drop long-lived connections.
Is your hidden service able to connect to the tor network?
i think yes according to the hidden service log saying: "Feb 16 09:14:44.128 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Feb 16 09:14:44.149 [notice] Bootstrapped 100%: Done."
What version of tor are you running?
root@dragino:~# /etc/init.d/tor restart Feb 16 08:14:52.049 [notice] Tor v0.2.2.39 (git-bec76476efb71549). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux mips) Feb 16 08:14:52.076 [notice] Initialized libevent version 2.0.19-stable using method epoll. Good. Feb 16 08:14:52.076 [notice] Opening Socks listener on 127.0.0.1:9050
cannot find a newer package for openwrt/yun
got it here: src/gz attitude_adjustment http://www.dragino.com/downloads/downloads/motherboards/ms14/Firmware/Yun/Pa... packages there are identical afai can see to here: # src/gz attitude_adjustment http://downloads.arduino.cc/openwrtyun/1/packages
It would be very helpful to have the hidden service logs
couldn't find any. had to activate logs in torrc. now here we go: https://pad.riseup.net/p/oigEOGIBVKYXJFNGAORI
It might help to have the client logs as well. Notice level could help, and is generally safe.
tor browser log on client:
16.02.2017 07:23:52.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop 16.02.2017 07:23:52.600 [NOTICE] Bootstrapped 90%: Establishing a Tor circuit 16.02.2017 07:23:52.900 [NOTICE] Tor has successfully opened a circuit. Looks like client functionality is working. 16.02.2017 07:23:52.900 [NOTICE] Bootstrapped 100%: Done 16.02.2017 07:23:53.700 [NOTICE] New control connection opened from 127.0.0.1. 16.02.2017 07:23:53.700 [NOTICE] New control connection opened from 127.0.0.1. 16.02.2017 07:24:35.400 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 07:25:30.400 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 07:25:48.500 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 07:26:04.100 [WARN] Fetching v2 rendezvous descriptor failed. Retrying at another directory. 16.02.2017 07:26:04.600 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 07:26:14.500 [WARN] Fetching v2 rendezvous descriptor failed. Retrying at another directory. 16.02.2017 07:26:14.700 [WARN] Fetching v2 rendezvous descriptor failed. Retrying at another directory. 16.02.2017 07:26:15.000 [WARN] Fetching v2 rendezvous descriptor failed. Retrying at another directory. 16.02.2017 07:26:15.500 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 08:13:12.500 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 08:13:20.300 [NOTICE] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later). 16.02.2017 08:18:05.500 [NOTICE] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) 16.02.2017 08:22:06.500 [NOTICE] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) 16.02.2017 08:25:44.500 [NOTICE] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) 16.02.2017 08:32:44.500 [NOTICE] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) 16.02.2017 08:45:10.500 [NOTICE] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit)
#### /etc/tor/torrc
## Basic configuration Log notice syslog RunAsDaemon 1 DataDirectory /etc/tor
changed to: DataDirectory /mnt/sda1/arduino/tor
User tor
## Hidden service configuration HiddenServiceDir /etc/tor/hidden_service HiddenServicePort 80 127.0.0.1:8080 HiddenServiceDir /etc/tor/hidden_ssh HiddenServicePort 2233 127.0.0.1:2233
added: ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log Log notice file /var/log/tor/notices.log ## Send every possible message to /var/log/tor/debug.log # Log debug file /var/log/tor/debug.log
let me know if debug.log might help!
##EOF
This torrc looks ok.
[1] https://www.torproject.org/docs/tor-hidden-service.html.en [2] xrscbcihug2ezrrb.onion [3] ntk6i23e5fcxo3j3.onion [4] https://gist.github.com/Informatic/65261ffd1aee8ddae861 [5] http://unethicalblogger.com/2012/06/13/ssh-as-a-hidden-service.html
thanks again, markus