[tor-relays] Any security tips on running a TOR relay?

Tristan supersluether at gmail.com
Fri Aug 5 01:20:45 UTC 2016


I didn't look at all of them, but I've been tracing some of the IPs that
have been blocked. Each one I've traced goes back to *.in-addr.arp. Even
more interesting is that some of these connections get blocked, even though
they're incoming on port 443, which allows traffic from anywhere!

Any ideas what in-addr.arp is, and why the firewall would block it even on
allowed ports? I remember seeing this somewhere in the Unbound config, but
the IP isn't the same, and I didn't set up any of the "local zones" in
there.

On Thu, Aug 4, 2016 at 6:00 PM, Green Dream <greendream848 at gmail.com> wrote:

> That's my setup as well. My UFW looks like:
>
> To                         Action      From
> --                         ------      ----
> 80/tcp                     ALLOW       Anywhere
> 443/tcp                    ALLOW       Anywhere
> xxx/tcp                   ALLOW       Anywhere
>
> I have my DirPort set to 80 and ORPort on 443. The last line is my ssh
> port (I didn't want to broadcast it).
>
> I also see the same type of blocked incoming packets. It's never been a
> problem. I think it's just the nature of the stateful firewall. Once
> connections are closed and no longer in the state table, additional packets
> are getting denied. That's my lazy/gut explanation, I don't have more time
> to think about it at the moment, but I don't think it's anything to worry
> about.
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>


-- 
Finding information, passing it along. ~SuperSluether
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160804/fa5721c7/attachment.html>


More information about the tor-relays mailing list