[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Need help to set up Tor + Router: ORPort and DirPort unreachable



Besides, did you know that your relay was last listed in the consensus database on the 10th of January with an older version of Tor (0.2.3.25)? Did you happen to change something on that day? Are you also possible running a firewall of which you could post the configuration?

Regards,
Viktor


2014/1/20 Viktor Haaksman <viktorhaaksman@xxxxxxxxx>
Hi Chris,

First of all, this mailing list is public and posting a Tor log with your IP in there is not advisable, so I would suggest to remove sensitive data prior to attaching the log next time ;). Some remarks on the log file you posted:
- Your OpenSSL version was not compiled with options that are supported by 64-bit operating systems, so you could enhance the performance a lot by compiling it with the right flags.
- The IP address in the log file differs from the one from the last entry in the consensus database for genodeftest and your fingerprint is also different. This is an indication that your WAN IP assigned by your ISP is not static. The Tor process can handle this, but a static IP is advisable since this increases the reliability of your relay a lot.
- There are to warnings in your log file, one concerning the microdescriptor cache. I don't know what causes this error, can someone else elaborate on this? It is not the cause of the problem though, i think.
- You mention having forwarded  control and socks/ORport ports in your router, but your logs tell that the DirPort is 9030, the ORport is 9001. It is okay now, but I would strongly advise not to forward the control port in your router, since it severely lowers the security of your relay if the control port is reachable from the internet.

According to your description, Tor seems to be configured correctly
for basic (exit-)relay operation and the usage as a client. I
therefore assume that the configuration of your router gives rise to
the error. Have you assigned a static IP address to the node in you
network on which Tor is running on? Otherwise, the port mapping in the
router will fail the moment that this node gets a new DHCP lease from your router. Can you check that?


Kind regards,
Viktor

2014/1/20 Christian Stadelmann <chris.privat@xxxxxxxxxxxxxx>:

> Hi
>
> I am running tor 0.2.4.20 from official RPM repositories on my local
> machine (Fedora 20). I can use it to surf the web and
> https://check.torproject.org/ (besides others) tells me that tor is
> running. I had the same problem with 0.2.3.25 from fedora's own
> repository.
>
> According to `netstat -tulpen` tor listens on 0.0.0.0:9001,
> 0.0.0.0:9030, and Control port + Socks port.
> I configured my Router to port-forward 9001 and 9030 for both TCP+UDP
> and IPv4+IPv6. How can I test that this worked?
>
> I am running a local firewall but it does not seem to matter whether it
> is enabled or disabled.
>
> Is there anything else I could be missing?
>
> Regards
> Chris
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays