Monitoring exit node traffic by port?
Greetings fellow relay operators, Do you monitor outbound traffic from your relays by port? I run an exit node relay from my house allowing only "safe ports" that are not likely to generate complaints and I would like to keep an eye on how much traffic is coming from the Tor network through those ports to the Internet. Anyone? Do you use a tool like vnstat on the interface? Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions" Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com
Have a look at the list archives, there have been similar discussions on this topic... cliffs notes: Logging exit node traffic: Breach of trust from tor users. Highly frowned upon. IMHO, I would say the granularity of per port comes more under the ‘logging’ umbrella rather than monitoring. Monitoring: Monitoring should only be done to ensure availability of service, and should only be done in the most broad way possible to minimize risk of deanonymization, especially if court orders are involved at any point. It’s a slippery slope. I use vnstat for gross weekly/monthly TBs as a measure of improvement (ie how can I make the figure bigger to help the network out?). Daily TBs are too granular for my liking. (I’m interested in what the big boys like Quintex etc are doing here!) More importantly: Running an exit from your house is risky! Check the wiki on the risks and why you should consider a hosting service instead. Regardless, thank you for running a relay! On Mon, Oct 29, 2018 at 12:32 PM, Isaac Grover, Aileron I.T. <igrover@aileronit.com> wrote:
Greetings fellow relay operators,
Do you monitor outbound traffic from your relays by port? I run an exit node relay from my house allowing only "safe ports" that are not likely to generate complaints and I would like to keep an eye on how much traffic is coming from the Tor network through those ports to the Internet. Anyone? Do you use a tool like vnstat on the interface?
Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions"
Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com
Hi Isaac, The tool “ifconfig” shows the amount of traffic since last reboot. The tool vnstat is nice but you should check what data it stores. Any data collection however small is a fine line with US Federal Wiretapping laws. Be careful. Running a Tor Exit at your home is dangerous, it might be better to run a middle relay. As always thanks for running Tor Exits. Cordially, Nathaniel On Mon, Oct 29, 2018 at 7:32 AM Isaac Grover, Aileron I.T. < igrover@aileronit.com> wrote:
Greetings fellow relay operators,
Do you monitor outbound traffic from your relays by port? I run an exit node relay from my house allowing only "safe ports" that are not likely to generate complaints and I would like to keep an eye on how much traffic is coming from the Tor network through those ports to the Internet. Anyone? Do you use a tool like vnstat on the interface?
Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions"
Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor ships with an integrated feature to do collect (and publish) exit port statistics. https://www.torproject.org/docs/tor-manual.html.en#ExitPortStatistics It is not stated in the manual entry but it does not include all ports, just the top 10 (including 'other'). Some exits have this enabled and publish their stats via extra-info descriptors which can be downloaded via CollecTor https://metrics.torproject.org/collector.html I'm not sure but I assume this level of granularity might disappear in a future version of tor or they will stop publishing it via extra-info descriptors (with privcount repacing many of the parts in tor that collect stats) -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Hi, On 29/10/18 11:32, Isaac Grover, Aileron I.T. wrote:
Do you monitor outbound traffic from your relays by port? I run an exit node relay from my house allowing only "safe ports" that are not likely to generate complaints and I would like to keep an eye on how much traffic is coming from the Tor network through those ports to the Internet. Anyone? Do you use a tool like vnstat on the interface?
Please don't collect any data that you don't need. Bandwidth reporting and statistics reporting in general from tor is aggregated across hours or days. vnstat is producing very fine-grained detail statistics, and you probably don't need that level of information. Thanks, Iain.
participants (5)
-
Iain Learmonth -
Isaac Grover, Aileron I.T. -
Nathaniel Suchy -
nusenu -
Swiss Privacy Lab