Re: [tor-relays] hardening a tor relay

23 May 2014


      On Fri, May 23, 2014 at 06:16:56PM -0300, Noilson Caio wrote:
...
Block all output like http and smtp in my netfilter (Gnu Linux);
-A OUTPUT -p tcp -m tcp --dport 80 -j DROP
-A OUTPUT -p tcp -m tcp --dport 110 -j DROP
etc ..
Relays need to allow connections to all outgoing ports.
If you do lines like the above, your Tor relay will be unable to reach
other Tor relays that chose port 80 or port 110 for their ORPort or
their DirPort. (People choose those ports because some users are behind
firewalls that only allow connections to those ports.)
https://www.torproject.org/docs/faq#OutboundPorts
--Roger

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Re: [tor-relays] hardening a tor relay