-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/09/2015 03:35 PM, s7r wrote:
If you are using the free nginx, community project, that will only allow you to deploy a http(s) proxy. Only the commercial (paid) nginx allows you to deploy a TCP proxy (handles all TCP traffic), which is what you need for a Tor relay.
nice to know!
If you want to use a proxy, you should look into a TCP proxy which will handle any type of TCP traffic, regardless of protocol. (Tor uses http for directory requests [DirPort] but not for ORPort). Make sure your relay can reach the other relays in the consensus and it doesn't have any kind of restrictions or limitations such as being able only to talk on certain ports or reach a limited number of IP addresses, etc. Your relay needs to be able to connect to all the other relays, so the clients can build circuits through it.
A free open source solution might be haproxy ( http://www.haproxy.org/ ) Maybe this will help you with your setup.
Took a look at it and is quite cool.
Make sure you properly bind DirPort and ORPort to the correct interface and use NoAdvertise and NoListen accordingly. Provide more information about your setup and the relevant configs, if you are not able to do it.
i just setup: ORPort 3128 Address oni-on.cf
and some other stuff like nicks and contact info.
my haproxy config is somehting like this:
frontend oni-on bind *:3128
acl host_onion hdr(host) oni-on.cf
use_backend onion if host_onion
it seems that when it checks for reachability at the end of 20 mins it does not manage to reach it.
Thanks for running a relay!
still trying to set it up but a pleasure.
On 3/9/2015 1:46 PM, efkin wrote:
hello tor ^.^
i'm trying to setup a tor relay behind a nginx reverse proxy... i would like to know if it's correctly setup.
i have this warn in the logs:
[warn] Received http status code 404 ("Not found") from server '85.14.240.188:443' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488AA5BCEB6BCC86956".
but then in the same log little bit after:
[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
last message is : Now checking whether ORPort X.X.X.X:9001 is reachable... (this may take up to 20 minutes -- look for log messages indicating success)
thx for support.
it's a great community!
efkin _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays