Hi Markus,
On 16 Feb 2017, at 12:52, Markus m@euse.de wrote: ...
what i want to achive:
i set up a sensor node running openwrt in an area in germany without wifi. so i want to connect (to) it via gsm/gprs (german telekom/d1).
connecting from the node to the internet is no problem.
problem is: i cant reach any services on the node from the internet because the gsm-carrier runs some intransparant internal ipv4-proxy or switch or whatever to save ipv4-addresses so neither the ip nor dyndns is working.
Ah, carrier-grade NAT.
my idea to workaround: run tor hidden services on the node. http [2] for luci/graphical admin interface and ssl [3] for general administrative tasks. for setup i followed one general howto [4] and one ssl specific [5]. i tried to debug via [1]. i enclosed my torrc further down.
This should work, onion services are useful for NAT-punching.
i waited over one hour for tor to broadcast its new services. but not even just the hello-world-page is popping up in my clients tor browser. didnt even try to connect to ssl yet.
checked server config, curl 127.0.0.1:8080 is returning hello-world, checked tor config and files over and over. the tor browser on the client is working. no idea what else to try.
There are a few things that could be wrong: Something could be misconfigured. The carrier could block Tor. Some 4G carriers drop long-lived connections.
Is your hidden service able to connect to the tor network?
What version of tor are you running?
It would be very helpful to have the hidden service logs It might help to have the client logs as well. Notice level could help, and is generally safe.
#### /etc/tor/torrc
## Basic configuration Log notice syslog RunAsDaemon 1 DataDirectory /etc/tor User tor
## Hidden service configuration HiddenServiceDir /etc/tor/hidden_service HiddenServicePort 80 127.0.0.1:8080 HiddenServiceDir /etc/tor/hidden_ssh HiddenServicePort 2233 127.0.0.1:2233
##EOF
This torrc looks ok.
[1] https://www.torproject.org/docs/tor-hidden-service.html.en [2] xrscbcihug2ezrrb.onion [3] ntk6i23e5fcxo3j3.onion [4] https://gist.github.com/Informatic/65261ffd1aee8ddae861 [5] http://unethicalblogger.com/2012/06/13/ssh-as-a-hidden-service.html
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------