Hello,
The FreedomBox project [1] is planning to include Tor in the upcoming 0.2 release. FreedomBox is intended to be used as an always-on server, so its Tor node has been configured as a bridge relay.
There is also a need for FreedomBoxes to be able to find each other regardless of location or restrictive firewall. This feature is not yet completely implemented for FreedomBox, but it will likely involve each box running a Tor hidden service, and making the initial connection to other boxes over the Tor network.
Here is the configuration that we are currently using in /etc/tor/torrc:
ORPort 4431
BridgeRelay 1
Exitpolicy reject *:*
It is based on the example configuration for bridge relays given in the Tor documentation [2], but modified to still allow SOCKS connections.
Do you see any vulnerabilities, attacks, or risks with the current configuration, and are there any changes that you would recommend?
[1] https://wiki.debian.org/FreedomBox
[2] https://www.torproject.org/docs/bridges#RunningABridge
Thanks