On Thursday, November 21, 2019 at 7:29 PM, Mario Costa mario.costa@icloud.com wrote:
Il giorno 21 nov 2019, alle ore 15:49, Matt Traudt pastly@torproject.org ha scritto:
Thanks for running a bridge.
Check Tor's logs to make sure it is actually running and doesn't report issues. Search its hashed fingerprint on https://metrics.torproject.org/rs.html and make sure it is listed as up. Verify you did *not* set 'PublishServerDescriptor 0'. Verify you can use your bridge from outside your home. I once had a residential ISP that blocked inbound port 80 but not 443.
This actually made me realize that my home router would not properly forward ports 80 and 443 from outside. I could connect to my bridge from the LAN (even using my external IP) but not from outside. I had to change to a non-standard port, unfortunately, because apparently 80 and 443 are used by the router’s web GUI even if I disabled external access to it. That’s a shame because I understand that ports 80 and 443 are less likely to be blocked by censors.
However, it’s still not clear to me how I can confirm anyone is using the bridge.
In the nyx log you see messages like 'In the last X hours we have seen X unique clients' (I don't remember the exact wording) Those are the clients that did use your bridge.
When I connect to it, all I see in nyx are OUTBOUND connections and not even one inbound connection (maybe that’s by design in order to protect connecting users' privacy, I don’t know).
You are probably right. In the past you could see connecting users in nyx as inbound connections without visible IP-address. Now they are not displayed as inbound connections any more. The outbound connections that are needed for these users are still displayed.
Hi,
Thank for your advices.
Device: Raspberry pi 3B+ OS: Linux kali-pi 4.19.66-Re4son-v7+ Bandwith (tested on the raspberry with speedtest-cli): - Download: 308.94 Mbit/s - Upload: 267.11 Mbit/s
torrc file:
RunAsDaemon 1 BridgeRelay 1
Log notice file /var/log/tor/notices.log #Log debug file /var/log/tor/debug.log #Log notice syslog #Log debug stderr
# Replace "TODO1" with a Tor port of your choice. This port must be externally # reachable. Avoid port 9001 because it's commonly associated with Tor and # censors may be scanning the Internet for this port. ORPort 4433
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
# Replace "TODO2" with an obfs4 port of your choice. This port must be # externally reachable and must be different from the one specified for ORPort. # Avoid port 9001 because it's commonly associated with # Tor and censors may be scanning the Internet for this port. ServerTransportListenAddr obfs4 0.0.0.0:1234
# Local communication port between Tor and obfs4. Always set this to "auto". # "Ext" means "extended", not "external". Don't try to set a specific port numb er, nor listen on 0.0.0.0. ExtORPort auto
# Replace "address@email.com" with your email address so we can contact you if there are problems with your bridge. # This is optional but encouraged. ContactInfo ######################
# Pick a nickname that you like for your bridge. This is optional. Nickname citizenfour
RelayBandwidthRate 3 MB RelayBandwidthBurst 6 MB
ExitPolicy reject *:*
I don't have "PublishServerDescriptor" in my conf. Should i?
Tor logs (notices.log) look ok:
Nov 23 15:41:35.000 [notice] New control connection opened. Nov 23 17:45:38.000 [notice] New control connection opened. Nov 23 20:31:41.000 [notice] Heartbeat: Tor's uptime is 11 days 0:00 hours, with 5 circuits open. I've sent 134.74 MB and received 1.01 GB. Nov 23 20:31:41.000 [notice] Heartbeat: In the last 6 hours, I have seen 1 unique clients. Nov 24 02:31:41.000 [notice] Heartbeat: Tor's uptime is 11 days 6:00 hours, with 0 circuits open. I've sent 136.02 MB and received 1.01 GB. Nov 24 02:31:41.000 [notice] Heartbeat: In the last 6 hours, I have seen 0 unique clients. Nov 24 08:31:41.000 [notice] Heartbeat: Tor's uptime is 11 days 12:00 hours, with 0 circuits open. I've sent 137.11 MB and received 1.02 GB. Nov 24 08:31:41.000 [notice] Heartbeat: In the last 6 hours, I have seen 0 unique clients. Nov 24 14:31:41.000 [notice] Heartbeat: Tor's uptime is 11 days 18:00 hours, with 14 circuits open. I've sent 138.59 MB and received 1.02 GB. Nov 24 14:31:41.000 [notice] Heartbeat: In the last 6 hours, I have seen 0 unique clients.
Bridge is listed as up on tor relay search:
https://metrics.torproject.org/rs.html#details/9D1CCBE7EEF99FCCA6F767838FA08...
Nyx says:
14:49:17 [NOTICE] New control connection opened. [1 duplicate hidden] x 14:31:41 [NOTICE] Heartbeat: In the last 6 hours, I have seen 0 unique clients. [2 x duplicates hidden] x 14:31:41 [NOTICE] Heartbeat: Tor's uptime is 11 days 18:00 hours, with 14 circuits x open. I've sent 138.59 MB and received 1.02 GB. [2 duplicates hidden] xlq November 23, 2019 qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk xx20:31:41 [NOTICE] Heartbeat: In the last 6 hours, I have seen 1 unique clients. x xx20:31:41 [NOTICE] Heartbeat: Tor's uptime is 11 days 0:00 hours, with 5 circuits x xx open. I've sent 134.74 MB and received 1.01 GB. [3 duplicates hidden]
etc.....
Sometime i see many circuits and "connectons" but right now everything is blank or at 0 (bandwith use). i just shared the connexion from my smartphone to connect to tor with my laptop (that the only thing i can do right now). i'm connected to my bridge and can browse. If i download a file ( 1GB) i can see some connections (10 outbound) in nyx and the bandwith use increases.
I don't know..despite the fact that everthing looks fine to me, i lost the fast and stable flag, sometime tor relay search says the bridge is down and in 11 days nobody connected to my bridge (ecepted me).
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ Le dimanche 24 novembre 2019 12:17, entensaison@use.startmail.com a écrit :
On Thursday, November 21, 2019 at 7:29 PM, Mario Costa mario.costa@icloud.com wrote:
Il giorno 21 nov 2019, alle ore 15:49, Matt Traudt pastly@torproject.org ha scritto:
Thanks for running a bridge.
Check Tor's logs to make sure it is actually running and doesn't report issues. Search its hashed fingerprint on https://metrics.torproject.org/rs.html and make sure it is listed as up. Verify you did *not* set 'PublishServerDescriptor 0'. Verify you can use your bridge from outside your home. I once had a residential ISP that blocked inbound port 80 but not 443.
This actually made me realize that my home router would not properly forward ports 80 and 443 from outside. I could connect to my bridge from the LAN (even using my external IP) but not from outside. I had to change to a non-standard port, unfortunately, because apparently 80 and 443 are used by the router’s web GUI even if I disabled external access to it. That’s a shame because I understand that ports 80 and 443 are less likely to be blocked by censors.
However, it’s still not clear to me how I can confirm anyone is using the bridge.
In the nyx log you see messages like 'In the last X hours we have seen X unique clients' (I don't remember the exact wording) Those are the clients that did use your bridge.
When I connect to it, all I see in nyx are OUTBOUND connections and not even one inbound connection (maybe that’s by design in order to protect connecting users' privacy, I don’t know).
You are probably right. In the past you could see connecting users in nyx as inbound connections without visible IP-address. Now they are not displayed as inbound connections any more. The outbound connections that are needed for these users are still displayed.
Hi,
On 25 Nov 2019, at 00:02, David Strappazon david.strappazon@protonmail.com wrote:
I don't know..despite the fact that everthing looks fine to me, i lost the fast and stable flag, sometime tor relay search says the bridge is down and in 11 days nobody connected to my bridge (ecepted me).
That's normal, some bridges are kept in the reserve pool. And others are assigned to pools that aren't used as much.
If you want more traffic, start another bridge on another port/IP?
T
tor-relays@lists.torproject.org
-
David Strappazon -
entensaison@use.startmail.com -
teor