tor@xxxxxxxxxxx wrote:
Hello,I have a hard time trying to correctly update my configuration following this change, with Tor 0.4.5.2 on Ubuntu focal. The machine has both an IPv4 and IPv6 connectivity, but my relay must only use IPv4 to listen for connections.The relevant parts of my configuration before moving to the 0.4.5 branch was:``` ORPort 192.168.2.1:9001 NoAdvertise ORPort <public-ipv4>:9001 NoListen Address <public-ipv4> OutboundBindAddress 192.168.2.1 ``` Since 0.4.5, the order of the ORPort lines seem to matter. * First case: torrc ORPort lines: ``` ORPort 192.168.2.1:9001 NoAdvertise ORPort <public-ipv4>:9001 NoListen ``` Log from `tor --verify-config -f torrc`: ```Nov 27 11:26:30.043 [warn] We are advertising an ORPort, but not actually listening on one. Nov 27 11:26:30.043 [warn] Failed to parse/validate config: Misconfigured server portsNov 27 11:26:30.043 [err] Reading config failed--see warnings above. ``` * Second case: torrc ORPort lines: ``` ORPort <public-ipv4>:9001 NoListen ORPort 192.168.2.1:9001 NoAdvertise ``` Log from `tor --verify-config -f torrc`: ```Nov 27 11:29:17.236 [warn] We are listening on an ORPort, but not advertising any ORPorts. This will keep us from building a router descriptor, and make us impossible to use. Nov 27 11:29:17.237 [warn] Failed to parse/validate config: Misconfigured server portsNov 27 11:29:17.237 [err] Reading config failed--see warnings above. ``` It looks like the second ORPort line always supersedes the first one? Finally, by changing the configuration to: ``` ORPort 192.168.2.1:9001 NoAdvertise OrPort 9001 NoListen IPv4Only ``` Log from `tor --verify-config -f torrc`: ``` Nov 27 11:34:12.699 [warn] Could not interpret ORPort address as IPv4Nov 27 11:34:12.699 [warn] Failed to parse/validate config: Invalid ORPort configurationNov 27 11:34:12.699 [err] Reading config failed--see warnings above. ```So I am unsure what is the correct approach with what I am trying to achieve. I am not sure if I am missing something or if it's a bug in the new feature?Thanks,
Hello, It won't work, maybe because it was broken in the latest alpha. I already filed a ticket about it: https://gitlab.torproject.org/tpo/core/tor/-/issues/40205 and https://gitlab.torproject.org/tpo/core/tor/-/issues/40208Feel free to comment there with your setup scenarios, or if you don't have a gitlab account I'll link this mail post there.
Try this: - first disable IPv6 from the box entirely, because of https://gitlab.torproject.org/tpo/core/tor/-/issues/40205 - Set just this in your torrc (and it will guess Address): ORPort 192.168.2.1:9001However, your examples look correct setups and are not directly related to those gitlab issues which represent different environments and setups -- can you please paste your entire torrc and make sure 192.168.2.1 or whatever LAN IP you have is the correct LAN IP assigned to this box and that port is free? Also do you set Address?
I would ask you to stay on alpha and not roll back to a previous version as we need to fix this, and the more people test it the better.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays