[tor-relays] Need help to set up Tor + Router: ORPort and DirPort unreachable
Viktor Haaksman
viktorhaaksman at gmail.com
Mon Jan 20 21:08:31 UTC 2014
Hi Chris,
First of all, this mailing list is public and posting a Tor log with your
IP in there is not advisable, so I would suggest to remove sensitive data
prior to attaching the log next time ;). Some remarks on the log file you
posted:
- Your OpenSSL version was not compiled with options that are supported by
64-bit operating systems, so you could enhance the performance a lot by
compiling it with the right flags.
- The IP address in the log file differs from the one from the last entry
in the consensus database for genodeftest and your fingerprint is also
different. This is an indication that your WAN IP assigned by your ISP is
not static. The Tor process can handle this, but a static IP is advisable
since this increases the reliability of your relay a lot.
- There are to warnings in your log file, one concerning the
microdescriptor cache. I don't know what causes this error, can someone
else elaborate on this? It is not the cause of the problem though, i think.
- You mention having forwarded control and socks/ORport ports in your
router, but your logs tell that the DirPort is 9030, the ORport is 9001. It
is okay now, but I would strongly advise not to forward the control port in
your router, since it severely lowers the security of your relay if the
control port is reachable from the internet.
According to your description, Tor seems to be configured correctly
for basic (exit-)relay operation and the usage as a client. I
therefore assume that the configuration of your router gives rise to
the error.
*Have you assigned a static IP address to the node in younetwork on which
Tor is running on? Otherwise, the port mapping in therouter will fail the
moment that this node gets a new DHCP lease from your router. Can you check
that?*
Kind regards,
Viktor
2014/1/20 Christian Stadelmann <chris.privat at genodeftest.de>:
> Hi
>
> I am running tor 0.2.4.20 from official RPM repositories on my local
> machine (Fedora 20). I can use it to surf the web and
> https://check.torproject.org/ (besides others) tells me that tor is
> running. I had the same problem with 0.2.3.25 from fedora's own
> repository.
>
> According to `netstat -tulpen` tor listens on 0.0.0.0:9001,
> 0.0.0.0:9030, and Control port + Socks port.
> I configured my Router to port-forward 9001 and 9030 for both TCP+UDP
> and IPv4+IPv6. How can I test that this worked?
>
> I am running a local firewall but it does not seem to matter whether it
> is enabled or disabled.
>
> Is there anything else I could be missing?
>
> Regards
> Chris
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140120/2b632d16/attachment.html>
More information about the tor-relays
mailing list