[tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

Michael Armbruster tor at armbrust.me
Sat Aug 6 12:06:04 UTC 2016 

Hi Paul,

You have applied a wrong ExitPolicy entry somewhere in your torrc for
the default instance.

You wrote

"ExitPolicy reject x.x.x.x/80"

though most probably you wanted to block the port 80 on a specific
address, so you have to provide

"ExitPolicy reject x.x.x.x:80"

instead, with a colon, not a slash. The slash is there to block a
specific address *range*. You can read more about subnets and the
calculation for a bitmask here: https://en.wikipedia.org/wiki/Subnetwork

Best,
Michael

On 2016-08-06 at 13:30, pa011 wrote:
> I am inexperienced an have probably the same problem after upgrading to 0.2.8.6.
> 
> Even after reboot my second instance Tor-tor2 is running while the default service is exiting - syslog looks like this:
> 
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.744 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/etc/tor/torrc".
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.747 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Bad number of mask bits (80) on address range; rejecting.
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Couldn't parse line "x.x.x.x/80". Dropping
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Malformed policy 'reject x.x.x.x/80'. Discarding entire policy list.
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.752 [warn] Failed to parse/validate config: Error in ExitPolicy entry.
> Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.752 [err] Reading config failed--see warnings above.
> Aug  6 12:11:33  systemd[1]: tor at default.service: control process exited, code=exited status=1
> Aug  6 12:11:33  systemd[1]: Failed to start Anonymizing overlay network for TCP.
> Aug  6 12:11:33  systemd[1]: Unit tor at default.service entered failed state.
> Aug  6 12:11:33  systemd[1]: tor at default.service start request repeated too quickly, refusing to start.
> Aug  6 12:11:33  systemd[1]: Failed to start Anonymizing overlay network for TCP.
> Aug  6 12:11:33  systemd[1]: Unit tor at default.service entered failed state.
> Aug  6 12:11:38  Tor-tor2[492]: Bootstrapped 80%: Connecting to the Tor network
> Aug  6 12:11:38  Tor-tor2[492]: Signaled readiness to systemd
> Aug  6 12:11:38  Tor-tor2[492]: Opening Control listener on /var/run/tor-instances/tor2/control
> Aug  6 12:11:38  Tor-tor2[492]: Self-testing indicates your ORPort is reachable from the outside. Excellent.
> Aug  6 12:11:39  Tor-tor2[492]: Bootstrapped 85%: Finishing handshake with first hop
> Aug  6 12:11:39  Tor-tor2[492]: Bootstrapped 90%: Establishing a Tor circuit
> Aug  6 12:11:40  Tor-tor2[492]: Tor has successfully opened a circuit. Looks like client functionality is working.
> Aug  6 12:11:40  Tor-tor2[492]: Bootstrapped 100%: Done
> 
> 
> Could somebody please give me a detailed hint what to do please?
> 
> Thanks
> Paul
> 
> 
> Am 05.08.2016 um 20:27 schrieb tor relay:
>>> So there is no way to disable the default instance using systemctl after all?
>>
>> To answer my own question:
>> systemctl mask tor at default
>> disables the default instance for real.
>>
>> ..but I'm still curious why tor at default is a static unit (without [Install] section)
>> https://bbs.archlinux.org/viewtopic.php?id=147964
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160806/269306d3/attachment.sig>

More information about the tor-relays mailing list