[tor-relays] firewall ports needed to run a middle relay

nusenu nusenu-lists at riseup.net
Thu Apr 25 21:48:00 UTC 2019

torix at protonmail.com:
> I need to move to a new router, which, unlike the old Verizon home
> router, doesn't have a quick DMZ host to which I attach the tor
> telay's local ip address.  So I think I need to do port forwarding,
> and for that what rules do I need? My torrc config has: ControlPort
> 9052 ORPort 8443 DirPort 8080
> So I forwarded 8443 and just in case, 8080. But the number of my
> connexions kept dropping, so I put it back in the DMZ and it started
> getting new ones again.  Trying to figure out if I screwed up the
> config gui, or if I need to add other ports.  Did I miss a port?

Forwarding the ORPort and DirPort (if you set one) is all you need
but home broadband uplinks frequently are not made for the amount of
concurrent sessions a tor relay usually has to handle.
So failures might still happen even if you setup the port-forwarding 
part correctly.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20190425/db53ef9b/attachment.sig>

More information about the tor-relays mailing list