I didn't say I knew the type of traffic on my relay, that would be an entirely new set of problems; I said I can see the IP addresses coming in and going out, and the ports used. I would venture to ask this is not how Tor is intended to work? If this is a possible bug in Tor, i dunno, then one could perhaps surmise that an organization with enough capital can build a network flow chart of the majority of the traffic with middle and exit nodes at their disposal?
I was curious why my firewall isn't capable of detecting ip's to and from my relay, unless I am looking at the wrong traffic logs, but yet I can see the ip's in peerblock, and this is not what i expected when reading about Tor. If Tor middle nodes are exposing ip addresses that are coming in and out of a relay, and this is not supposed to work like this by design, then oops.
On Oct 27, 2013, at 14:23, Lukas Erlacher l.erlacher@gmail.com wrote:
Middle nodes don't know the type of traffic. If they have any way to find out, that is a bug that needs to be fixed. End-of.
2013/10/27 Nelson nelson@net2wireless.net:
Tor Exit Relay have the ability to filter traffic by allowing the operator make choices based on personal preferences for personal, legal (ex: country of origin) and for other reasons.
Non-exit Relays do not have the ability to set "Relay Policies" (torcc??), and why would they, considering that all this traffic is encrypted anyway, as I understand it, and one would not ever know what type of traffic it is, or its origin, based on the bandwidth graph. I checked my smoothwall firewall logs it does not seem to show the traffic flowing on my relay, I guess this would be obvious because it's Tor traffic; unless I'm not filtering the logs correctly.
Running a Tor relay seems straightforward and one could just fire-it-up and easily contribute to the network. But my curiosity gets the best of me.
I was looking to add additional URL Filter rules for my smoothwall as a more centralized way of controlling what gets to the LAN for my users. While checking for additional blocklists I came upon P2P rules and I started to compare the new blocklists with my old ones and then I stumbled upon PeerBlock which has been around for a while.
On Windows 7, PeerBlock seemed to provide two things I was looking to test on a TOR Relay:
- Real Time Traffic Logging (ip's and ports logged)
- The ability to filter traffic.
Apparently I am able to do both with PeerBlock, although I'm sure there are more suitable and capable tools available out there that do this, but I'm not aware of or have used any of these tools.
In peerblock I can create new custom lists and completely block specific ip ranges (ex: warez, torrents etc.), and I am able to see what traffic is allowed or blocked based on policies created.
- What problems, if any, arise from using peerblock and Tor together?
- Why do we not have the ability to at least set our own policy for the
type of traffic on a relay just like an Exit Relay?
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays