Hey all,
I just wanted to thank the list members for giving me some great advice on working with my ISP to deal with the DMCA nastygrams. I restricted my exit policy to allow most legitimate TCP services and block the rest, which should hopefully disincentivize those damn P2P users from picking my relay as an exit in most cases.
Does the Tor project run a database to track abuse complaints? Could be useful in terms of uncovering who the largest pains in the ass are (mine was from Irdeto on behalf on NBC Universal), as well as organizing targeted campaigns to put pressure on companies like Irdeto to at least perform some due diligence and not send out DMCA originating from exit relays. If not, maybe I’ll start working on a project to do so if there isn’t something else like it elsewhere.
On another note, I discovered I prefer running Tor on FreeBSD over Linux. Ran CentOS for a bit, but somehow encrypting /tmp blew it up and the NOC had to re-install the OS. I went with FreeBSD instead and dig it immensely. Pf is much less of a headache than IPTables — I actually got port forwarding from 80 to 9091 and 43 to 9090 working. Administration is more straightforward. I like the clear separation of the base system from additional software added from ports. Compiling ports, while more time consuming, is a delight compared to some of the binary package management issues I’ve had in the past with Linux. FreeBSD also appears to manage memory more efficiently. I run Linux as a desktop OS, but for a server OS, FreeBSD has won me over with its simplicity, less convoluted security (no SELinux — yes I know you can turn it off, but I’m the masochist who leaves it on), better support for chroot jails. Just my opinion.
One more question and I’ll probably feel stupid after reading the answers, but does “RelayBandwidthRate” apply separately to rx and tx rates or the combined throughput of them both? The server I run has an unmetered 100Mb/s connection. I’ve got RelayBandwidthRate set to 5MB and RelayBandwidthBurst set to 10MB. 12.5MB/s being the theoretical max, if I bumped up my bandwidth rate to, say, 8, would my relay overload the NIC or would it continue to behave?
My server specs are as follows:
FreeBSD 9.2 Dual Core Atom D2500 4GB RAM 2TB SATA drive (encrypted swap and /tmp) 100Mbit unmetered traffic 5 usable IPv4 addresses
At last check, I had 1140 TCP connections according to lsof and vnstat is showing throughputs of 13-18Mbit/s rx and 14-19Mbit/s tx. Tor CPU usage is about 22-27% according to top.
Does this look reasonable or should I tweak some things like max connections?
Thanks, Chris