[tor-relays] Confusing bridge signs...

lists at for-privacy.net lists at for-privacy.net
Sun Mar 12 22:39:15 UTC 2023 

On Sonntag, 12. März 2023 04:45:21 CET Keifer Bly wrote:
> I do not use any scripts to start tor, I just type tor to start the process
> on debian.
That's where your problems begin. You start a 2nd tor process as root that 
doesn't take the default configs from:
/usr/share/tor/tor-service-defaults-torrc & /etc/tor/torrc

You have a systemd system & tor.service is activated by default. You don't 
have to do anything, tor runs automatically after a reboot|server start.

The systemd services are controlled with the following commands:
systemctl start tor.service
systemctl stop tor.service
systemctl restart tor.service
systemctl reload tor.service
systemctl status tor.service

> And yes the datacenter I run in has an external firewall which
> requires setting up port forwarding.
Ok, anything in the customer interface for the datacenter router.
 
> The result of running ls -A /var/log/tor
> 
> root at instance-1:/home/keifer_bly# ls -A /var/log/tor
> notices.log  notices.log.1  notices.log.2.gz  notices.log.3.gz
>  notices.log.4.gz  notices.log.5.gz
There are 6 log files of one of the tor processes. Both write to syslog.

> 
> So it's creating separate .gz files for some reason. I don't know why that
> is or what to do from here. Thanks.
I wrote, learn what _logrotate_ does. Hint: without that, the hd fills up.
man logrotate

> 
> 
> 
> --Keifer
> 
> On Fri, Mar 10, 2023 at 8:15 AM <lists at for-privacy.net> wrote:
> > On Mittwoch, 8. März 2023 18:13:01 CET Keifer Bly wrote:
> > > Strangely, nothing whatsoever is being written to the notices.log file,
> > > upon checking it it is completely empty, nothing there.
> > 
> > That can't be, please post:
> > ~# ls -A /var/log/tor
> > 
> > In general, everything is always written to /var/log/syslog &
> > systemd-journald
> > to /var/log/journal (binaries).
> > ~$ man journalctl
> > 
> > > I wonder why that
> > 
> > Read what _logrotate_ does. Every tor restart creates a new empty log
> > file.
> > 
> > > would happen and how else to tell what's going on? Tor is running as
> > > root
> > 
> > Why do you change security-related default settings? Default tor user is:
> > debian-tor. (On Debian and Ubuntu systems)
> > 
> > > so it's not a permission issue, and I also set up a port forwarding rule
> > 
> > Why? You have a server in the data center. You only need forwarding on a
> > router! Packet forwarding is also disabled in /etc/sysctl.conf per
> > default.
> > 
> > Your iptables must start like this.
> > *filter
> > 
> > :INPUT DROP [0:0]
> > :FORWARD DROP [0:0]
> > :OUTPUT ACCEPT [0:0]
> > 
> > ...
> > -A INPUT -p tcp --dport  <Your-Tor-ORPort> -j ACCEPT
> > ...
> > 
> > No FORWARD, no  OUTPUT rules.
> > 
> > --
> > ╰_╯ Ciao Marco!
> > 
> > Debian GNU/Linux
> > 
> > It's free software and it gives you
> > freedom!_______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


-- 
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 3864 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20230312/161cc85a/attachment.sig>

More information about the tor-relays mailing list