[tor-relays] relay behind reverse proxy
s7r at sky-ip.org
Mon Mar 9 14:35:10 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
If you are using the free nginx, community project, that will only
allow you to deploy a http(s) proxy. Only the commercial (paid) nginx
allows you to deploy a TCP proxy (handles all TCP traffic), which is
what you need for a Tor relay.
If you want to use a proxy, you should look into a TCP proxy which
will handle any type of TCP traffic, regardless of protocol. (Tor uses
http for directory requests [DirPort] but not for ORPort). Make sure
your relay can reach the other relays in the consensus and it doesn't
have any kind of restrictions or limitations such as being able only
to talk on certain ports or reach a limited number of IP addresses,
etc. Your relay needs to be able to connect to all the other relays,
so the clients can build circuits through it.
A free open source solution might be haproxy ( http://www.haproxy.org/ )
Maybe this will help you with your setup.
Make sure you properly bind DirPort and ORPort to the correct
interface and use NoAdvertise and NoListen accordingly. Provide more
information about your setup and the relevant configs, if you are not
able to do it.
Read the manual: https://www.torproject.org/docs/tor-manual.html.en
Thanks for running a relay!
On 3/9/2015 1:46 PM, efkin wrote:
> hello tor ^.^
> i'm trying to setup a tor relay behind a nginx reverse proxy... i
> would like to know if it's correctly setup.
> i have this warn in the logs:
> [warn] Received http status code 404 ("Not found") from server
> '220.127.116.11:443' while fetching
> but then in the same log little bit after:
> [notice] Tor has successfully opened a circuit. Looks like client
> functionality is working.
> last message is : Now checking whether ORPort X.X.X.X:9001 is
> reachable... (this may take up to 20 minutes -- look for log
> messages indicating success)
> thx for support.
> it's a great community!
> efkin _______________________________________________ tor-relays
> mailing list tor-relays at lists.torproject.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
-----END PGP SIGNATURE-----
More information about the tor-relays