[tor-relays] Need help to set up Tor + Router: ORPort and DirPort unreachable
Viktor Haaksman
viktorhaaksman at gmail.com
Mon Jan 20 21:11:26 UTC 2014
Besides, did you know that your relay was last listed in the consensus
database on the 10th of January with an older version of Tor (0.2.3.25)?
Did you happen to change something on that day? Are you also possible
running a firewall of which you could post the configuration?
Regards,
Viktor
2014/1/20 Viktor Haaksman <viktorhaaksman at gmail.com>
> Hi Chris,
>
> First of all, this mailing list is public and posting a Tor log with your
> IP in there is not advisable, so I would suggest to remove sensitive data
> prior to attaching the log next time ;). Some remarks on the log file you
> posted:
> - Your OpenSSL version was not compiled with options that are supported by
> 64-bit operating systems, so you could enhance the performance a lot by
> compiling it with the right flags.
> - The IP address in the log file differs from the one from the last entry
> in the consensus database for genodeftest and your fingerprint is also
> different. This is an indication that your WAN IP assigned by your ISP is
> not static. The Tor process can handle this, but a static IP is advisable
> since this increases the reliability of your relay a lot.
> - There are to warnings in your log file, one concerning the
> microdescriptor cache. I don't know what causes this error, can someone
> else elaborate on this? It is not the cause of the problem though, i think.
> - You mention having forwarded control and socks/ORport ports in your
> router, but your logs tell that the DirPort is 9030, the ORport is 9001. It
> is okay now, but I would strongly advise not to forward the control port in
> your router, since it severely lowers the security of your relay if the
> control port is reachable from the internet.
>
> According to your description, Tor seems to be configured correctly
> for basic (exit-)relay operation and the usage as a client. I
> therefore assume that the configuration of your router gives rise to
> the error.
>
> *Have you assigned a static IP address to the node in younetwork on which
> Tor is running on? Otherwise, the port mapping in therouter will fail the
> moment that this node gets a new DHCP lease from your router. Can you check
> that?*
>
> Kind regards,
> Viktor
>
> 2014/1/20 Christian Stadelmann <chris.privat at genodeftest.de>:
>
> > Hi
> >
> > I am running tor 0.2.4.20 from official RPM repositories on my local
> > machine (Fedora 20). I can use it to surf the web and
> > https://check.torproject.org/ (besides others) tells me that tor is
> > running. I had the same problem with 0.2.3.25 from fedora's own
> > repository.
> >
> > According to `netstat -tulpen` tor listens on 0.0.0.0:9001,
> > 0.0.0.0:9030, and Control port + Socks port.
> > I configured my Router to port-forward 9001 and 9030 for both TCP+UDP
> > and IPv4+IPv6. How can I test that this worked?
> >
> > I am running a local firewall but it does not seem to matter whether it
> > is enabled or disabled.
> >
> > Is there anything else I could be missing?
> >
> > Regards
> > Chris
> >
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140120/222e0e2f/attachment.html>
More information about the tor-relays
mailing list