[tor-relays] Relays alongside firewall

[Jan Nielsen]

Hello.

I recently enabled UFW on my relays. I have allowed in all necessary ports
that my relay uses. I was looking at the logs and there are plenty of
blocked incoming TCP connections. These connections are being blocked
because they are attempting connection on ports that I have not opened e.g.
9001.

However, the traffic appears to be relay traffic. Is ufw interfering with
my relay? Are there additional steps to take when running a relay alongside
a firewall?

Here is a redacted snippet from my ufw log:

Oct 26 15:10:29 [UFW BLOCK] IN=eth0 OUT=
MAC=04:01:26:15:5a:01:xx:8a:xx:64:xx:f0:xx:xx SRC=202.108.xxx.xx
DST=178.62.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=46331 DF PROTO=TCP
SPT=49892 DPT=34449 WINDOW=5840 RES=0x00 SYN URGP=0

Oct 26 15:10:32  [UFW BLOCK] IN=eth0 OUT=
MAC=04:01:26:15:5a:01:28:8a:1c:64:cb:xx:xx:xx SRC=202.108.xxx.xx
DST=178.62.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=46332 DF PROTO=TCP
SPT=49892 DPT=34449 WINDOW=5840 RES=0x00 SYN URGP=0

Oct 26 15:15:12 [UFW BLOCK] IN=eth0 OUT=
MAC=04:01:26:15:5a:01:28:8a:1c:64:cf:xx:xx:xx SRC=60.186.xx1.xx
DST=178.62.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=19751 DF PROTO=TCP
SPT=52502 DPT=34449 WINDOW=5840 RES=0x00 SYN URGP=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141026/e6569327/attachment.html>