Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, October 25, 2018 7:24 PM, dlugasny@protonmail.com wrote:
Dmitrii thanks for Your hints.
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, October 25, 2018 7:02 PM, Dmitrii Tcvetkov demfloro@demfloro.ru wrote:
On Thu, 25 Oct 2018 17:48:09 +0000 dlugasny@protonmail.com wrote:
In did, I have to read more carefully attached documentation. After small changes torrc looks like this: Does any one of You see any wrong parameters ? ########################## SocksPort 0 Log notice file /var/log/tor/notices.log ControlPort 9051 HashedControlPassword (for nyx) ORPort 9001 RelayBandwidthRate 400 KBytes # Throttle traffic to 100KB/s (800Kbps) RelayBandwidthBurst 600 KBytes # But allow bursts up to 200KB (1600Kb) ContactInfo Dlugas-ny <dlugasny AT protonmail dot com> DirPort 9030 # what port to advertise for directory connections ExitRelay 0 ExitPolicy reject : # no exits allowed PublishServerDescriptor 0 CellStatistics 1 ExtraInfoStatistics 1 ConnDirectionStatistics 1 EntryStatistics 1 LogMessageDomains 1 AvoidDiskWrites 1 WarnPlaintextPorts HeartbeatPeriod 1hours DisableDebuggerAttachment 0
These are enough to run a relay: SocksPort 0 ORPort 9001 RelayBandwidthRate 400 KBytes RelayBandwidthBurst 600 KBytes Log notice file /var/log/tor/notices.log ContactInfo Dlugas-ny <dlugasny AT protonmail dot com> DirPort 9030 MyFamily "fingerprints go here" ExitRelay 0 ExitPolicy reject : MyFamily should contain comma separated list of fingerprints of all your guard, middle, exit relays if you have any. Each fingerprint should be prefixed with '$' symbol. It shouldn't contain fingerprints of your bridges. If you want to use Nyx then you can enable: ControlPort 9051 HashedControlPassword
Nyx I`m using, because I can observe traffic. "socket -4l" doesnt provide informations about connections.
Option DisableDebuggerAttachment 0 is for debugging and should be set to 1 during normal operation. Yes, it allows to snoop on Tor circuits in Nyx, but is that really needed?
Its active because I would like to see if its really working.
BTW you can use bits in bandwidth settings, e.g. "RelayBandwidthRate 4 Mbits" Other options are optional and should be evaluated each separately. For example I don't know why you don't want to publish server descriptor, what is the point of unpublished middle relay?
I just commented out "PublishServerDescriptor"
Why avoid disk writes? Modern hardware won't be worn out just by Tor relay disc activity. Why WarnPlaintextPorts? It's a relay, not a client, as SocksPort is 0.
I just commented out AvoidDiskWriters and WarnPlaintextPorts.
In general it's better to start with software defaults and alter the settings only if you need them altered.
I know. I have simply blindly copied example torrc from one of the "best practise FreeBsd tor tutorials".
Thanks for Your hints.
I hope that in the next days my first BSD relay will start relaying :).
tor-relays@lists.torproject.org
-
dlugasny@protonmail.com