- tor-relays - lists.torproject.org

Fwd: Tor family graphs
by Virgil Griffith 23 Jul '15

23 Jul '15

Hello tor-relays@ We are still working on your nice relay incentive as and part of that we've been looking at how to partition relays into different families with it's not 100% obvious what that groupings should be. For those that are interested in the family connections, I have some pretty PDFs for you. I present three graphs of all Tor relays (nodes) with at least one family connection (edge). (1) only symmetric edges shown (black) -- http://dl.dropbox.com/u/3308162/sym.pdf (2) only asymmetric edges shown (red) -- http://dl.dropbox.com/u/3308162/asym.pdf (3) both symmetric (black) and asymmetric (red) shown -- http://dl.dropbox.com/u/3308162/both.pdf Notes: * A node is colored red if and only if it is the origin of an asymmetric connection. Ergo, every red node has at least one red edge, and vice-versa. * Blue edges are self-connections. I presume the Tor directory authorities should be excluding should these edges from the consensus---unless you all like being cute? Unfortunately you cannot click to see where you are in the graph. Hopefully in a future version you'll be able to click-around using D3.js or some such. -V

4 8

OpenBSD: tor rc script: don't kill unrelated tor instances (patch)
by nusenu 22 Jul '15

22 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Pascal, what do you think of changing OpenBSD's tor rc script to require perfect process matches when sending signals to them instead of the current "kill everything that starts with..." approach? I've put tor-relays on CC so people can speak up if this change is not desired or breaks anyone's environment - I believe it fixes them. Problem: /etc/rc.d/tor stop might kill all (including unrelated) tor instances instead of the intended daemon only. /etc/rc.d/tor start might never start the intended daemon if another tor instance is already running (rc_check believes tor is already running). /etc/rc.d/tor restart might kill all tor instances and starts only one. references: http://article.gmane.org/gmane.os.openbsd.misc/222896 One line "patch" for /etc/rc.d/tor to address this issue: (tested with and without custom daemon_flags) 8a9,10 > pexp="${daemon}${daemon_flags:+ ${daemon_flags}}$" > (this line is a complete copy from rc.subr with the addition of one char: $ ) thanks, nusenu https://github.com/nusenu/ansible-relayor/issues/40 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJViSx3AAoJEFv7XvVCELh0y8UQAJgb6JVbKde/xf79YJJr8LW1 t+Rji8A5zZ9VsjcW4Pguf/OZsQEN3MEIkjzTM3kw0q9S8CPnDbF3IYOaZj4ewYkX 8OoNmHfFbcQCC0YCJBlbUJMBtNJqi8pg7qRY4o+qY9KKa9ekUhPer7kzUt4N1A+T an4z44lh3ytAcehyFxo6hpDGZHHGGsACEIql9Rav6v+DPCBSJnCZsmlT0OeTeV5k 5WEy9nTVzdkX4mKs1xXv8YJFggCrb1uur3q91/5ZGhpKADfRj6T+1i/9622Bcki9 17ADc4ZI73dP3ZelKvpZ+FXhaiZLn6tugdj2dcqnXU8Zras6jKToupFi2nB8xfTV f70qSdkMP6WOJReCP+KTAGHiCkapyoc9V+8569iZIjUXuD7GbbSpP6I1rOoqSLYH rao6WpqHVfSMQ5jCaECHBbZY62qBhHH83B/um3nG+WXvvWDPpzjkbEx56RxH3UUo yZ4naGenbxQzCXsGXhEOAmUkJjSmW+Hw75EyObBLAp00+Q8zAXkHnFOqRGbRuxdl IKqAYsfGNLr7kPBvz9pxfnOJMfyIBDQ2P2WNyKXvYLME3wKbYMazVxd7cXzmAV5g QthMuFJ/JhWYI9Lb1U+IQq7LOX+pEWU6u/L2xqjTDj7VMn4UF1WZ6UHhnaLMAotZ lfiTKPnopA62t+X05ztR =ysgm -----END PGP SIGNATURE-----

3 5

Re: [tor-relays] Running a relay in the Netherlands
by Jan Hendrik den Besten 22 Jul '15

22 Jul '15

> Date: Tue, 21 Jul 2015 00:13:19 +0200 > From: t0reo(a)t0reo.eu > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Running a relay in the Netherlands > > Hello All ! > > About running a relay in the NL, what host company would you guys > recommend ? > > I also have that idea of running first a relay then an exit node, and > would like some basic information or recommendation about host > providers, like price /month, bandwidth included, satisfaction or > quality, level of tor friendliness, whatever... > > Thx for any help you can provide, > tOreo I have my node running here in The Netherlands at UPC, now merged with Ziggo. I contacted them once: back then they did not have a problem running even an exit node. BR, JH

4 3

[Relay] Hibernation Reset
by Tor Operator 22 Jul '15

22 Jul '15

Hi gents, I rencetly had one of my relay fall into hibernation. It seems that simply restarting the service doesn't change the hibernation status since Tor is still thinking that the BW limits have been overrun. Is the proper method to reset the status of the node is simply to delete the "state" file in "/var/lib/tor/". For now, I just set back to 0 the "AccountingBytesReadInInterval" and "AccountingBytesWrittenInInterval" counters and the node was able to wake up but that doesn't seem like a very elegant way to do it. Thanks,

2 3

BWauth's / TorFlow seem better
by starlight.2015q2＠binnacle.cx 21 Jul '15

21 Jul '15

Over the last week it seems to me that some improvement has gone into TorFlow and the BWauths are performing better. In particular the weightings calculated by each BWauth have stabilized and become less erratic. Several relays in the same region of a large network as my relay are now showing a roughly matching pattern of ascending measures, from smallest to largest: longclaw, gabelmoo, maatuska, moria1. One would expect this but it was not true in the past. One fast relay I watch, 'pixelminer' had a tendency to be yanked from one extreme to another (e.g. 10k to 120k and back) and now has a placid consensus running in the middle of the range (still apparent in the {presumably stabilized} component values).

1 1

Boosting throughput with own DNS resolvers
by Tim Semeijn 21 Jul '15

21 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Recently I noticed my Tor Exit nodes were showing nameserver errors in the tor log and I decided to set up two private DNS resolvers (pdns-recursor). Since I use those I have seen an increase of traffic throughput on my Exit nodes to approx. 150%. I feel I am finally utilizing the resources available. All bigger Tor relay operators will probably already do it this way, but as I myself have long been using Google DNS or other privacy-aware DNS resolvers on my nodes I just wanted to throw this out in the open. How many of you are already using private DNS resolvers for your nodes? Any feedback/ideas about this? - -- Tim Semeijn Babylon Network pgp 0x5B8A4DDF -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJVrAzLAAoJEIZioqpbik3fmkcP/R5DXaKoVHUY6SjiSJi0n8ug 6NMF2KTXNP3f7vFbuzjWdqdo4Hfj2Zj6SyKc+i99/pJFiISQiGsMfeWjwdGGqaxR hlCNxYAsnV2kFd8UK435kOv2LclPFDMPjFk9OLr+DDQ8ZFmkpF80+95fqwzKaPr0 XtltMNBDxO8uCC4zsNYpT2BlO4EwhMTB5/79lNJ44MlWaSaPd6BAqoDfExyBjZfV v7bvQxqSNxF5jZvoNBRw1/t1jc8AXZF7UxkkR62ff7cBiQsDo16QK4sRcDTNRziM y5fm8Tt9W+19gsf0CNPo7lj7j/T7yHj3gClBi7TmhSxsIO7ylpeuX6L9hsAkzOJm o9TMgkO11T6h0e5EiCJh6P0ov21pqUJ61ScN/D0qiHVJC42UM/diGqVFgev3AT3u NImaA7IPUXvDC+Z+EQulnBP4XdIuukozU/4DJFF4x5tDhyTTXhCInrVsaMB4rOIU lLfQLZiCCC39uxIBs+xvS+rN1+wAVq4VH4Wbd5w4tH7e2Ic0BLBaI71z00RoTiF/ i8TK5IDP+gfykBemXtAcZeyyTkuzf6fFZg3NKfCPGbOqvpLEGEk26Mp8ANv+csTb HQXbmFtPX/SUhxm2zdMzA2uq8gzHOllxmEKriYyon499ZfCImbmBU+1kTKo+v2p7 lOMSGXcjkCVgAwtnZNKw =YekJ -----END PGP SIGNATURE-----

5 6

Re: [tor-relays] Simplifying ExoneraTor
by Joshua Lee Tucker 20 Jul '15

20 Jul '15

Hi guys, I've made some simple (improvements?) changes to the ExoneraTor page - I've basically made the "about" section a sticky footer (no JS) and spaced the content a little better. I've tested it across Firefox/Chrome/Safari/iOS and it looks good on all of them. Maybe we could also add some information about the expected IP and date formats in the whitespace, too. The updated version can be found at: http://tucker.wales/tor/exonerator/ Please let me know what you think. Kind Regards, Joshua Lee Tucker @tuckerwales

2 9

Simplifying ExoneraTor
by Karsten Loesing 20 Jul '15

20 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello relay operators, Julius and I have been working on a design mockup for the ExoneraTor service for the past few months and would want to hear what you think about this: https://people.torproject.org/~karsten/volatile/exonerator-mockup/ The main idea behind this redesign was to simplify the existing ExoneraTor service by omitting technical details (e.g., Tor descriptor contents) and removing mostly unused features (e.g., parsing detailed exit policies). Please take a look at the design mockup, maybe compare it to the existing ExoneraTor service, and let us know your thoughts. Thanks! All the best, Karsten -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJVlOrvAAoJEJD5dJfVqbCr3LoH/RbAW7FdSG53/rAm/FSE1AI+ mJP/c+Uost5iaymfg1n5nAYVMYSNgg3BanItVbRHBd4rdtdcTz0ZhmUDvol5+jHA eUbWwL5M1SmOZdpNGDxx5fGkm7DEcnSFnVMPqN9gFKtm+zSBtNeJ9bcNiktwL7WW VrpElBu3P9N+YLBemN5W9/TYEjEx6q1Mx4t22qij7xBdRfVJKS1XqwwntRSapbLo Y2TCt/rVG2fD7rMIO3vNidCg8eaA4ax7qXJcABAx1+lsPFHoKwCG0nmNZ6FP+Ips XSbk+FHApAK+txzS16NVwdtOpm/YyCQIVaIQ8EjIyKBSlSJDGWRXwgHOBhglliE= =4/zE -----END PGP SIGNATURE-----

11 48

Exit Policy Information != ExitPolicy reject
by fatal 19 Jul '15

19 Jul '15

Hello, I got an abuse report from Webiron requesting me to block a /24 subnet. Accordingly I added "ExitPolicy reject xxx.xxx.xxx.0/24:*" to my torrc file. Looking at the Exit Policy Information at atlas and torstatus xxx.xxx.xxx.0/24 doesn't get listed. This worries me a bit. Am I missing something? Thanks!

3 4

Catch 22 pay, set-up and be banned
by I 19 Jul '15

19 Jul '15

3 2