[tor-onions] no connection to tor hidden services on arduino yun/openwrt

Markus m at euse.de
Thu Feb 16 08:57:36 UTC 2017 

hi tim,

thanks for your quick reply.

first: looking around for more logs i discovered that storage was full
on yun's internal memory. tor couldn't completely write its caches.
so i changed tor data dir to the sd card.
now all tor data fits.

more logs commenting your requests:

Am 16.02.2017 um 03:49 schrieb teor:
> Hi Markus,
> 
>> On 16 Feb 2017, at 12:52, Markus <m at euse.de> wrote:
>> ...
>>
>> what i want to achive:
>>
>> i set up a sensor node running openwrt in an area in germany without wifi.
>> so i want to connect (to) it via gsm/gprs (german telekom/d1).
>>
>> connecting from the node to the internet is no problem.
>>
>> problem is: i cant reach any services on the node from the internet
>> because the gsm-carrier runs some intransparant internal ipv4-proxy or
>> switch or whatever to save ipv4-addresses so neither the ip nor dyndns
>> is working.
> 
> Ah, carrier-grade NAT.

ah, thats how you call it.

> 
>> my idea to workaround: run tor hidden services on the node. http [2] for
>> luci/graphical admin interface and ssl [3] for general administrative tasks.
>> for setup i followed one general howto [4] and one ssl specific [5]. i
>> tried to
>> debug via [1].
>> i enclosed my torrc further down.
> 
> This should work, onion services are useful for NAT-punching.
> 
>> i waited over one hour for tor to broadcast its new services. but not
>> even just the hello-world-page is
>> popping up in my clients tor browser. didnt even try to connect to ssl yet.
>>
>> checked server config, curl 127.0.0.1:8080 is returning hello-world,
>> checked tor config and files over and over.
>> the tor browser on the client is working.
>> no idea what else to try.
> 
> There are a few things that could be wrong:
> Something could be misconfigured.
> The carrier could block Tor.
> Some 4G carriers drop long-lived connections.
> 
> Is your hidden service able to connect to the tor network?

i think yes according to the hidden service log saying:
"Feb 16 09:14:44.128 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Feb 16 09:14:44.149 [notice] Bootstrapped 100%: Done."

> 
> What version of tor are you running?

root at dragino:~# /etc/init.d/tor restart
Feb 16 08:14:52.049 [notice] Tor v0.2.2.39 (git-bec76476efb71549). This
is experimental software. Do not rely on it for strong anonymity.
(Running on Linux mips)
Feb 16 08:14:52.076 [notice] Initialized libevent version 2.0.19-stable
using method epoll. Good.
Feb 16 08:14:52.076 [notice] Opening Socks listener on 127.0.0.1:9050

cannot find a newer package for openwrt/yun

got it here:
src/gz attitude_adjustment
http://www.dragino.com/downloads/downloads/motherboards/ms14/Firmware/Yun/Packages--v2.x
packages there are identical afai can see to here:
# src/gz attitude_adjustment
http://downloads.arduino.cc/openwrtyun/1/packages

> 
> It would be very helpful to have the hidden service logs

couldn't find any.
had to activate logs in torrc.
now here we go:
https://pad.riseup.net/p/oigEOGIBVKYXJFNGAORI

> It might help to have the client logs as well.
> Notice level could help, and is generally safe.

tor browser log on client:

16.02.2017 07:23:52.500 [NOTICE] Bootstrapped 85%: Finishing handshake
with first hop
16.02.2017 07:23:52.600 [NOTICE] Bootstrapped 90%: Establishing a Tor
circuit
16.02.2017 07:23:52.900 [NOTICE] Tor has successfully opened a circuit.
Looks like client functionality is working.
16.02.2017 07:23:52.900 [NOTICE] Bootstrapped 100%: Done
16.02.2017 07:23:53.700 [NOTICE] New control connection opened from
127.0.0.1.
16.02.2017 07:23:53.700 [NOTICE] New control connection opened from
127.0.0.1.
16.02.2017 07:24:35.400 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 07:25:30.400 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 07:25:48.500 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 07:26:04.100 [WARN] Fetching v2 rendezvous descriptor failed.
Retrying at another directory.
16.02.2017 07:26:04.600 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 07:26:14.500 [WARN] Fetching v2 rendezvous descriptor failed.
Retrying at another directory.
16.02.2017 07:26:14.700 [WARN] Fetching v2 rendezvous descriptor failed.
Retrying at another directory.
16.02.2017 07:26:15.000 [WARN] Fetching v2 rendezvous descriptor failed.
Retrying at another directory.
16.02.2017 07:26:15.500 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 08:13:12.500 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 08:13:20.300 [NOTICE] Closing stream for '[scrubbed].onion':
hidden service is unavailable (try again later).
16.02.2017 08:18:05.500 [NOTICE] Tried for 120 seconds to get a
connection to [scrubbed]:80. Giving up. (waiting for circuit)
16.02.2017 08:22:06.500 [NOTICE] Tried for 120 seconds to get a
connection to [scrubbed]:80. Giving up. (waiting for circuit)
16.02.2017 08:25:44.500 [NOTICE] Tried for 120 seconds to get a
connection to [scrubbed]:80. Giving up. (waiting for circuit)
16.02.2017 08:32:44.500 [NOTICE] Tried for 120 seconds to get a
connection to [scrubbed]:80. Giving up. (waiting for circuit)
16.02.2017 08:45:10.500 [NOTICE] Tried for 120 seconds to get a
connection to [scrubbed]:80. Giving up. (waiting for circuit)


> 
>> #### /etc/tor/torrc
>>
>> ## Basic configuration
>> Log notice syslog
>> RunAsDaemon 1
>> DataDirectory /etc/tor

changed to:
DataDirectory /mnt/sda1/arduino/tor

>> User tor
>>
>> ## Hidden service configuration
>> HiddenServiceDir /etc/tor/hidden_service
>> HiddenServicePort 80 127.0.0.1:8080
>> HiddenServiceDir /etc/tor/hidden_ssh
>> HiddenServicePort 2233 127.0.0.1:2233

added:
## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
Log notice file /var/log/tor/notices.log
## Send every possible message to /var/log/tor/debug.log
# Log debug file /var/log/tor/debug.log

let me know if debug.log might help!

>>
>> ##EOF
> 
> This torrc looks ok.
> 
>> [1] https://www.torproject.org/docs/tor-hidden-service.html.en
>> [2] xrscbcihug2ezrrb.onion
>> [3] ntk6i23e5fcxo3j3.onion
>> [4] https://gist.github.com/Informatic/65261ffd1aee8ddae861
>> [5] http://unethicalblogger.com/2012/06/13/ssh-as-a-hidden-service.html
> 

thanks again,
markus



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20170216/294ebb8e/attachment.sig>

More information about the tor-onions mailing list