[tor-bugs] #4164 [Tor Cloud]: Advertise port 443, but listen on 9001

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Oct 3 13:03:45 UTC 2011


#4164: Advertise port 443, but listen on 9001
-----------------------+----------------------------------------------------
 Reporter:  runa       |          Owner:  runa
     Type:  defect     |         Status:  new 
 Priority:  normal     |      Milestone:      
Component:  Tor Cloud  |        Version:      
 Keywords:             |         Parent:      
   Points:             |   Actualpoints:      
-----------------------+----------------------------------------------------
 The Tor configuration used in the EC2 images includes "ORPort 443" and
 AccountingMax. This combination can make Tor stop working when it tries to
 re-attach the port after a period of hibernation.

 Sebastian explained the problem on IRC: when Tor starts, it will open 443
 as root and then drop its privileges. When Tor goes into hibernation, it
 closes the port. When Tor comes out of hibernation, it tries to reopen the
 port, and fails (non-root users aren't allowed to open ports lower than
 1025).

 The solution here is to advertise 443, but listen on 9001 (or another high
 port). This means that we need to have a firewall rule (e.g. using
 iptables) that can redirect the traffic.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4164>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
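
The change proposed in the ticket, as an added example that is not Tor Cloud's own script or configuration: a check for the ORPort/AccountingMax combination described above, plus the torrc lines and iptables redirect that advertise 443 while listening on 9001. It assumes a Tor version whose ORPort option accepts the NoListen and NoAdvertise flags; the function names and the sample torrc are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Tor Cloud's own script. Ports 443 and 9001 come from the
# ticket; the NoListen/NoAdvertise ORPort flags are assumed to be supported.
ADVERTISED_PORT=443
LISTEN_PORT=9001

# Exit 0 if the torrc at $1 combines AccountingMax (hibernation) with an ORPort
# below 1024 that Tor binds itself. Does not check whether Tor drops privileges.
torrc_at_risk() {
    awk '
        tolower($1) == "accountingmax" { acct = 1 }
        tolower($1) == "orport" {
            port = $2
            sub(/^.*:/, "", port)   # drop an optional address prefix
            if (port + 0 > 0 && port + 0 < 1024 && tolower($0) !~ /nolisten/)
                low = 1
        }
        END { exit !(acct && low) }
    ' "$1"
}

# torrc lines: publish 443 in the descriptor, bind only the unprivileged port.
torrc_fix() {
    printf 'ORPort %s NoListen\n' "$ADVERTISED_PORT"
    printf 'ORPort %s NoAdvertise\n' "$LISTEN_PORT"
}

# Firewall rule (run as root) that redirects inbound 443 to the listening port.
redirect_rule() {
    printf 'iptables -t nat -A PREROUTING -p tcp --dport %s -j REDIRECT --to-ports %s\n' \
        "$ADVERTISED_PORT" "$LISTEN_PORT"
}

# Demo on a constructed torrc (not the real EC2 image configuration);
# set TORRC=/path/to/torrc to check a real file instead.
sample=$(mktemp)
printf 'ORPort 443\nAccountingMax 40 GBytes\n' > "$sample"
if torrc_at_risk "${TORRC:-$sample}"; then
    echo "At risk after hibernation. Suggested torrc lines and firewall rule:"
    torrc_fix
    redirect_rule
fi
rm -f "$sample"
```

The redirect rule sits in the nat PREROUTING chain, so it applies to connections arriving from other hosts and has to be restored at boot for the advertised port to stay reachable.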

