[tor-relays] firewall ports needed to run a middle relay

Roman Mamedov rm at romanrm.net
Thu Apr 25 21:56:50 UTC 2019

On Thu, 25 Apr 2019 21:43:33 +0000
torix at protonmail.com wrote:

> I need to move to a new router, which, unlike the old Verizon home router, doesn't have a quick DMZ host to which I attach the tor telay's local ip address.  So I think I need to do port forwarding, and for that what rules do I need? My torrc config has:
> ControlPort 9052
> ORPort 8443
> DirPort 8080
> So I forwarded 8443 and just in case, 8080.
> But the number of my connexions kept dropping, so I put it back in the DMZ and it started getting new ones again.  Trying to figure out if I screwed up the config gui, or if I need to add other ports.  Did I miss a port?

ORPort is enough, and DirPort is not needed anymore by the current versions of
Tor, you can remove it from the config and not forward it, which is great, one
less port to keep track of.

With respect,

More information about the tor-relays mailing list