Tor server on NSLU2: ORPort unreachable

Eugen eugenrn at gmail.com
Sat Jun 7 11:00:05 UTC 2008 

Hi,

I want to run a Tor middle node on a NSLU2 device (266Mhz, 32 MB RAM).
I installed Debian etch version on it for ARM platform, and it works great..

I installed TOR package 0.1.2.19-3~bpo40+1, from backports.org 
(etch-backports distribution).
I configured ORport=9001, nickname=mrffgdeukg, bandwidth limits (70KB), 
Exit policy reject=*.*. I configured also my router to port-forward 9001 
to NSLU2.

Tor starts without problems... It confirms that client functionality 
works(but I don't use that: SocksPort=0) :
"Jun 07 13:32:37.767 [notice] Tor has successfully opened a circuit. 
Looks like client functionality is working."

But reachability of the ORPort fails...

In the following log lines, 86.122.58.89 is *currently* my router's IP, 
and it is *dynamic* IP.
> Jun 07 13:35:29.813 [info] circuit_expire_building(): Abandoning circ 
> 85.214.104.197:9001:22643 (state 0:doing handshakes, purpose 17)
> Jun 07 13:35:29.814 [info] internal circ (length 3, exit mrffgdeukg): 
> smafio(open) 8351D7E4E5601(open) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(waiting for keys)
> Jun 07 13:35:29.814 [info] circuit_testing_failed(): Our testing 
> circuit (to see if your ORPort is reachable) has failed. I'll try 
> again later.
> Jun 07 13:35:30.823 [info] consider_testing_reachability(): Testing 
> reachability of my ORPort: 86.122.58.89:9001.
> Jun 07 13:35:30.825 [info] onion_pick_cpath_exit(): Using requested 
> exit node 'mrffgdeukg'
> Jun 07 13:35:30.898 [info] compute_preferred_testing_list(): Looking 
> for middle server that doesn't have the reachability bug, and chose 
> 'smafio'. Great.
> Jun 07 13:35:31.071 [info] circuit_send_next_onion_skin(): First hop: 
> finished sending CREATE cell to 'sabotage'
> Jun 07 13:35:33.986 [info] circuit_finish_handshake(): Finished 
> building circuit hop:
> Jun 07 13:35:33.987 [info] internal circ (length 3, exit mrffgdeukg): 
> sabotage(open) smafio(closed) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(closed)
> Jun 07 13:35:38.504 [info] circuit_finish_handshake(): Finished 
> building circuit hop:
> Jun 07 13:35:38.505 [info] internal circ (length 3, exit mrffgdeukg): 
> sabotage(open) smafio(open) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(closed)
> Jun 07 13:36:30.843 [info] circuit_expire_building(): Abandoning circ 
> 195.85.225.145:9001:14116 (state 0:doing handshakes, purpose 17)
> Jun 07 13:36:30.844 [info] internal circ (length 3, exit mrffgdeukg): 
> sabotage(open) smafio(open) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(waiting for keys)
> Jun 07 13:36:30.844 [info] circuit_testing_failed(): Our testing 
> circuit (to see if your ORPort is reachable) has failed. I'll try 
> again later.
> Jun 07 13:36:31.853 [info] consider_testing_reachability(): Testing 
> reachability of my ORPort: 86.122.58.89:9001.
> Jun 07 13:36:31.855 [info] onion_pick_cpath_exit(): Using requested 
> exit node 'mrffgdeukg'
> Jun 07 13:36:31.928 [info] compute_preferred_testing_list(): Looking 
> for middle server that doesn't have the reachability bug, and chose 
> 'Matmischer'. Great.
> Jun 07 13:36:32.100 [info] circuit_send_next_onion_skin(): First hop: 
> finished sending CREATE cell to 'sabotage'
> Jun 07 13:36:33.761 [info] circuit_finish_handshake(): Finished 
> building circuit hop:
> Jun 07 13:36:33.762 [info] internal circ (length 3, exit mrffgdeukg): 
> sabotage(open) Matmischer(closed) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(closed)
> Jun 07 13:37:31.469 [info] circuit_expire_building(): Abandoning circ 
> 195.85.225.145:9001:14117 (state 0:doing handshakes, purpose 17)
> Jun 07 13:37:31.470 [info] internal circ (length 3, exit mrffgdeukg): 
> sabotage(open) Matmischer(waiting for keys) 
> $3256F7E633EC2D395CF9CB382ADFA08032D47C0C(closed)
> Jun 07 13:37:31.470 [info] circuit_testing_failed(): Our testing 
> circuit (to see if your ORPort is reachable) has failed. I'll try 
> again later.
netstat confirms that the port 9001 is reachable from outside (LKG99615B 
is the NSLU2's hostname). For example:
tcp        0      0 LKG99615B:9001          cpc3-cmbg8-0-0-cus:2184 
TIME_WAIT
tcp        0      0 LKG99615B:3461          tor.sabotage.org:9001   
ESTABLISHED
tcp        0      0 LKG99615B:9001          squirrel.theremai:58480 
ESTABLISHED
tcp        0      0 LKG99615B:9001          2.9.354a.static.t:46954 
ESTABLISHED
tcp        0      0 LKG99615B:4882          ks36244.kimsufi.c:https 
ESTABLISHED
tcp        0      0 LKG99615B:3694          85.214.104.197:9001     
ESTABLISHED
tcp        0      0 LKG99615B:9001          cm249.epsilon56.m:56728 
ESTABLISHED
tcp        0      0 LKG99615B:9001          tor-exit.miserico:39519 
ESTABLISHED

Thanks for reading all this. I really want this to work, and I'll 
appreciate any  reply. 
If you want more interesting infos, just ask..

Eugen

More information about the tor-talk mailing list