Hello to you all,
Question: Is there a point to adding IPv6 addresses to the ORPorts of
my bridges? Will they then operate somewhat in the fashion of guards
without published metrics?
Any info would be helpful.
Arisbe
Hey folks!
My relay which is currently hibernating shows something strange.
Hibernation is set to 19 TB’s of outgoing Traffic. Hetzner Cloud shows ~16TB outgoing traffic and the relays log itself 38TB.
vnstat reports exactly 20.38 TiB tx so in conclusion Hetzner can not count there Bits and Bytes or the same as protection is not correct.
Because if Hetzner’s stats are correct i would have send 3 TB’s of Traffic to other Tor servers and clients internally. Because internal traffic is not …
[View More]counted.
I guess that a Juniper routers net flow tool is correct so how can i look at this? Because my second relay in Helsinki does have this too with a difference of 2 TB’s.
"Heartbeat: Tor's uptime is 27 days 1:39 hours, with 0 circuits open. I've sent 38486.76 GB and received 38489.42 GB. We are currently hibernating.“
When i divide that by two this gives me 19 TB’s of outgoing Traffic. So i guess that this is a bug?
Thanks!
Tobias
[View Less]
I brought up my first relay over the weekend and I am waiting for traffic to ramp up.
In a few places I've read the suggestion to use NTP to keep the relay's clock in sync. Fair enough, but now there is a problem...
I've been reading up on NTP a bit and using ntpdate to occasionally update the system time is now deprecated. We're supposed to run ntpd. Ntpd docs make it sound like ntpd needs to run a listener to function at all. I'd rather not add additional attack surface to my relay.
Those …
[View More]of you who run relays, how are you keeping your system clock in sync?
My relay is on FreeBSD 11.
Thanks,
---mkb
[View Less]
Hi,
Form the instructions to install obsf4:
https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4…
---
```
ExtORPort auto
```
[...]
```
[notice] Registered server transport 'obfs4' at '[::]:46396'
```
Remember the random port associated to your bridge needs to be open for
incoming connections. You can find it from the logs: it's 46396 in this
example.
---
I can assume that using `ExtORPort auto` would mean that potentially any
time Tor is restarted or reload a new …
[View More]port will be picked.
Furthermore, in this thread[1] it is said:
---
[...] ExtORPort tells tor to open a local-only (bound to localhost)
socket for getting information from / communicating with obfsproxy
---
So, if I want to be sure to know in advance which firewall port I should
let open it is better that I choose a fixed port. Also, that port needs
only to accept connections from localhost, i.e. the loopback interface?
The only port that needs to be reachable from anywhere is the ORPort?
Also, in this answer on Tor Stack Exchange[2] it is said that is
possible to run both obfs3 and obfs4 from the same bridge. Is this
useful/recommended? Also, in the answer:
---
I had to make port forwards for the given obfs ports in iptables (easy
with gufw) as well as in my hardware (internet-)firewall to make things
work. So I am not so sure that the ExORPort is for local connections
only as mentioned by Rodger (please let me know if I am wrong here).
---
Thanks in advance (I am sorry for the flood of stupid question, but I
prefer to ask a stupid question that having things not work and not
understanding why...)
C
[1]:
https://lists.torproject.org/pipermail/tor-relays/2014-February/003909.html
[2]: https://tor.stackexchange.com/a/6735
[View Less]
Those of you running relays on low-RAM hosts, what do you do about DirCache?
When I first brought up my relay I noticed this message in the logs:
[warn] Being a directory cache (default) with less than DIRCACHE_MIN_MEM_MB MB of memory is not recommended and may consume most of the available resources, consider disabling this functionality by setting the DirCache option to 0.
When I DirCache to 0 I see another warning:
[warn] DirCache is disabled and we are configured as a relay. This may …
[View More]disqualify us from becoming a guard in the future.
As it turns out I can increase my VMs memory for free so that’s no big deal. Still, I’m curious. What do people do with relays without much memory? Skip DirCache? Are there ways to reduce the memory footprint and still cache directory info?
Thanks,
—mkb
[View Less]
Since 25.07.2018 I'm running Tor exit relay
BBF17F784433635FA28E7E585D05FE3B15A31A6B on FreeBSD VPS. Although
AS16276 is quite crowded, fact that IP address space is SWIPed to Conrad
Rockenhaus means that I, as relay operator, don't need to deal with a
torrent of abuse complaints because of usual exit activity. This allows
to run relay with default exit policy.
The VPS has OS FreeBSD 11.2 on KVM hypervisor (hypervisor maybe
different for newer VPS though), storage is ZFS on GPT.
The relay is …
[View More]too young to reach it's full potential, I may post
updates in the future.
[View Less]
I do run 2 exits at the same hardware [1] and do use systat [2] to monitor system data.
2 questions:
A)
Since a while (months) I do observe a periodic pattern in the network load. An example is the graph (SVG format, made with [3]) of the data from yesterday.
Is this typical? I did not observe such a pattern in the last few years.
B)
htop shows me, that the Tor exit relay listening on ORPort 443 consumes typically 30% more CPU time than the second Tor exit relay listing on ORport 9001. …
[View More]Boths however have nearly identical configs, bandwith weights and amount of connections (typical values are 4300 and 4500 respectively, 3700 and 3900 of them are connections to relays, the delta are exit connections).
Does this explains the delta in CPU time?
[1] https://metrics.torproject.org/rs.html#search/family:D11D11877769B9E617537B…
[2] http://sebastien.godard.pagesperso-orange.fr/
[3] svg=/tmp/graph.svg; sadf -g -T ~/tmp/sa/sa28 -O skipempty,oneday -- -n ALL > $svg && konqueror $svg
--
Toralf
PGP C4EACDDE 0076E94E
[View Less]
Hi i have found an issue on the freebsd startupscript.
The theonionbox.py is in the /bin dir not in the theonionbox dir
OLD:
# That's out script
command="${theonionbox_dir}/theonionbox.py --mode=service --config='${theonionbox_conf}'"
start_cmd="/usr/sbin/daemon -u ${theonionbox_user} -p ${pidfile} ${command}"
NEW:
# That's out script
command="${theonionbox_dir}/bin/theonionbox --mode=service --config='${theonionbox_conf}'"
start_cmd="/usr/sbin/daemon -u ${theonionbox_user} -p ${pidfile} ${…
[View More]command}"
Hope this help any Relayoperator :-)
TorGate
torgate(at)linux-hus.dk
[View Less]
I try to run Nyx on Linux 4.9.80-Re4son-v7+ #1 SMP Thu Apr 26 17:45:16 CDT 2018 armv7l getting following after start:
Traceback (most recent call last):
File "/usr/bin/nyx", line 11, in <module>
load_entry_point('nyx==2.0.4', 'console_scripts', 'nyx')()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 476, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", …
[View More]line 2700, in load_entry_point
return ep.load()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2318, in load
return self.resolve()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2324, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/lib/python3/dist-packages/nyx/__init__.py", line 46, in <module>
import distutils.spawn
ModuleNotFoundError: No module named 'distutils.spawn'
Could somebody show me a way to solve this and get Nyx running?
Thanks Paul
[View Less]