[tor-relays] tor-relays Digest, 3 questions on torcc file

Matt Traudt sirmatt at ksu.edu
Sat Sep 3 20:12:44 UTC 2016 

Daniel Boone

The answers to your questions depend on what you want to do.

> Log options

If you leave them all commented, by default you'll get 'Log notice file
/var/log/tor/log'. This is probably what you want unless you're
debugging some issue.

> ControlPort 9051

I'm **pretty sure** this is just for tools like arm. This should
probably not be forwarded at your router, as you'll probably just run
arm on the same machine as Tor.

Other people, please correct me if I'm wrong about ControlPort's purpose.

> RelayBandwidthRate, RelayBandwidthBurst

Only set this if you want to limit the bandwidth you advertise. Leave
them commented if you want Tor to use as much bandwidth as possible.

> Accounting

Only set these options if you can only transfer so much data in a given
time period. For example, some VPS providers may only give you 1 TB of
total upload/download bandwidth in a month. You would then use the
accounting options to make sure you do not go above that.

> Exit policy

Do you want to be an exit realy, or don't you? If you want to be an
exit, then set ExitRelay to 1 like it suggests, then use the ExitPolicy
options to set the rules you would like. This[1] is a good place to
start if you would like to be an exit but avoid as many abuse complaints
as possible.

If you do not want to be an exit relay, set ExitRelay to 0. For good
measure, also make the only ExitPolicy option equal to "reject *:*"

[1]: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy

I hope this is helpful to you.

Matt

On 09/03/2016 03:55 PM, daniel boone wrote:
>  
> I got a couple of question to ask on the torrc file and I hope one of
> you will direct me.
>  
> Ok here we go. I got it working as a relay which i can see in the
> terminal. I just started so it is still testing bandwidth. but this is
> not my questions
>  
> 1. on line 18 of mine it is about Socks. I was reading in the man pages
> on this. It was #Socksport 9050. Per the man pages I took out the
> comment and placed as "+" per the page. So now it is *+SOCKSPort 9050 #
> Default: Bind to localhost:9050 for local connections.*
>  
>  
> Ok, lines 37-44
>  
> *## Send all messages of level 'notice' or higher to
> /var/log/tor/notices.log
> #Log notice file /var/log/tor/notices.log
> ## Send every possible message to /var/log/tor/debug.log
> #Log debug file /var/log/tor/debug.log
> ## Use the system log instead of Tor's logfiles
> #Log notice syslog
> ## To send all messages to stderr:
> #Log debug stderr*
>  
> at one time I had the 2nd one uncommented and I did get a log file in
> the /var/tor/log file. I'm not running the tor-browser pkg I am just
> running tor thru the terminal to be straight.
> If I would run the say tor-browser pkg from synaptic and I do have
> installed, but I just cant tell for sure if the relay is working that
> way. This way in terminal I can but also can not use the browser.
> Should I  have the 2nd one uncommented?
>  
> Lines 55-61 I do have the ControlPort uncommented and it does show it
> connects to all ports. Took me a bit to get the partitions active thru
> the modem/router. Never had to do that before. I just used the standard
> ports that it had on it till the other day.
> line 57 like i said I have uncommented and also line 61 for the hash
> control.
>  
> *ControlPort 9051
> ## If you enable the controlport, be sure to enable one of these
> ## authentication methods, to prevent attackers from accessing it.
> HashedControlPassword*
>  
> OrPort is uncommented and set to the port line 84.
>  
> on line 109 it is speaking of the bandwidth I have it uncommented
>  
> *RelayBandwidthRate 100 KBytes   #Throttle traffic to 100KB/s (800Kbps)
> #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb)*
>  
> This one here blows my mind. Lines 103-122 what throws me in the
> terminal it shows its in hibernation
>  
> Here this from the torrc file not to throw anyone off.
>  
> *## Define these to limit how much relayed traffic you will allow. Your
> ## own traffic is still unthrottled. Note that RelayBandwidthRate must
> ## be at least 20 kilobytes per second.
> ## Note that units for these config options are bytes (per second), not
> ## bits (per second), and that prefixes are binary prefixes, i.e. 2^10,
> ## 2^20, etc.
> RelayBandwidthRate 100 KBytes   #Throttle traffic to 100KB/s (800Kbps)
> #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb)*
> *## Use these to restrict the maximum traffic per day, week, or month.
> ## Note that this threshold applies separately to sent and received bytes,
> ## not to their sum: setting "40 GB" may allow up to 80 GB total before
> ## hibernating.
> ##
> ## Set a maximum of 40 gigabytes each way per period.*
> line 118*  AccountingMax 20 GBytes
> ## Each period starts daily at midnight (AccountingMax is per day)*
> line 120*AccountingStart day 00:00
> ## Each period starts on the 3rd of the month at 15:00 (AccountingMax
> ## is per month)
> #AccountingStart month 3 15:00*
>  
> line 118  You see i have mine set at 20G. but it was at 40GB "is that a
> good setting?
>  
> line 120 what do you do with that one? 
>  
> DirPort i do not have uncommented for a caution from the man page.
>  
> lines 186-190 
>  
> #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports on IPv4 and
> IPv6 but no more
> #ExitPolicy accept *:119 # accept nntp ports on IPv4 and IPv6 as well as
> default exit policy
> #ExitPolicy accept *4:119 # accept nntp ports on IPv4 only as well as
> default exit policy
> #ExitPolicy accept6 *6:119 # accept nntp ports on IPv6 only as well as
> default exit policy
> line 190 *ExitPolicy reject *:25  #no exits allowed*
>  
> *The man pages suggested that number*
>  
> This is from my Terminal
> *If you do want to run an exit Relay, please set the ExitRelay option to
> 1 to disable this warning, and for forward compatibility.*
>  
> *I am a little foggy on that one. Can someone please set me straight  on
> my questions?*
> *tks*
> *-db-*
>  
>  
>  

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160903/de802681/attachment-0001.sig>

More information about the tor-relays mailing list