Hi Keifer, You can't use the same port. Here is a simple example: BridgeRelay 1 ORPort 56331 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy ServerTransportListenAddr obfs4 0.0.0.0:53333 ExtORPort auto ContactInfo keiferdodderblyyatgmaildoddercom Log notice file /var/log/tor/notices.log BridgeDistribution email Nickname gbridge AccountingStart day 12:00 AccountingMax 50 GB Example: Let's say you want to allow 50 GB of traffic every day in each direction and the accounting should reset at noon each day: For more details about AccountinMax, see this Support doc: https://support.torproject.org/relay-operators/limit-total-bandwidth/ Did you also install obfs4proxy package? Because on Metrics it says that your bridge don't have any 'transport protocol'. cheers, Gus On Tue, Feb 21, 2023 at 08:23:44AM -0800, Keifer Bly wrote: > Ok, changed to port 8080 and upped my allowed traffic a bit: > > GNU nano 3.2 > /etc/tor/torrc > > > Nickname gbridge > ORPort 8080 > SocksPort 0 > BridgeRelay 1 > PublishServerDescriptor bridge > BridgeDistribution email > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy > ServerTransportListenAddr obfs4 0.0.0.0:8080 > ExtOrPort auto > Log notice file /var/log/tor/notices.log > ExitPolicy reject *:* > AccountingMax 50 GB > ContactInfo keiferdodderblyyatgmaildoddercom > > Yes, I have limited bandwidth I can give so as to avoid being > massively charged for traffic. Perhaps there is a way to set tor to only > allow traffic with a small connection? Thanks. > > > > > > > > > > > --Keifer > > > On Tue, Feb 21, 2023 at 1:29 AM trinity pointard <trinity.pointard@xxxxxxxxx> > wrote: > > > > And the reason why it's on port 443 is so as to be on a port that's not > > likely blocked by network administrators. > > > > That might be useful for the ORPort of a relay, and for the obfs4 port > > of a bridge, but not for the ORPort of a bridge. Clients are not > > supposed to connect to it. > > The only reason it's exposed is because the bridge authority still > > requires it to verify the bridge is reachable. See > > https://gitlab.torproject.org/tpo/core/tor/-/issues/7349. > > You are better of using 443 for the ServerTransportListenAddr, and > > some high port for ORPort. > > > > On Tue, 21 Feb 2023 at 03:05, Keifer Bly <keifer.bly@xxxxxxxxx> wrote: > > > > > > Well, > > > > > > So I just changed my torrc to this: > > > > > > Nickname gbridge > > > ORPort 443 > > > SocksPort 0 > > > BridgeRelay 1 > > > PublishServerDescriptor bridge > > > BridgeDistribution email > > > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy > > > ServerTransportListenAddr obfs4 0.0.0.0:8080 > > > ExtOrPort auto > > > Log notice file /var/log/tor/notices.log > > > ExitPolicy reject *:* > > > AccountingMax 50 GB > > > ContactInfo keiferdodderblyyatgmaildoddercom > > > > > > Trying to avoid being charged a huge amount for traffic as these VPS > > providers can be ridiculous when it comes to that, which is why it was set > > to so little. Ran killall -HUP tor to reload it and see that happens in the > > next day or so. And the reason why it's on port 443 is so as to be on a > > port that's not likely blocked by network administrators. Thank you. > > > --Keifer > > > > > > > > > On Mon, Feb 20, 2023 at 2:23 PM trinity pointard < > > trinity.pointard@xxxxxxxxx> wrote: > > >> > > >> Hi, > > >> > > >> Your torrc is correct wrt to distribution mechanism (your bridge is > > >> indicating "bridge-distribution-request any" in the descriptor it > > >> sends), but for the record, the line would have been > > >> "BridgeDistribution any". > > >> A bridge uses less bandwidth than a relay, but it's still a proxy. At > > >> 5GB per month, you'd be providing a steady 16kbps over the month, or a > > >> single mbps for little over 11 hours. That's very little, if you can't > > >> have more bandwidth (by using a provider with no bandwidth accounting, > > >> or one that gives better pricing per bandwidth), I fear your bridge > > >> won't be very useful at all. Mine consumes between a few hundred GB > > >> and a few TB depending on the distribution mechanism. > > >> > > >> Are you sure your bridge is reachable? Bridgestrap reports suggest it > > isn't. > > >> As the bridge operator, you should know its bridge line. Can you test > > >> it with Tor Browser to make sure? > > >> Given your accounting limits, it could be unreachable because > > >> currently hibernating. Or you could have a firewall issue, or > > >> something else. > > >> I believe not passing bridgestrap can explain not being assigned a > > >> distribution mechanism. > > >> > > >> It might also explain why it would be considered blocked in Russia: if > > >> it's not reachable from anywhere, it's not reachable from Russia. An > > >> other possibility, given you use 443 for your ORPort, is that your > > >> bridge was indeed detected by just scanning the whole internet. The > > >> ORPort is very recognizable (enough that some of my former bridges > > >> ended up tagged "tor" on Shodan) so it should be put on a port that's > > >> less likely to be scanned. > > >> > > >> Regards, > > >> trinity-1686a > > >> > > >> On Mon, 20 Feb 2023 at 21:29, Keifer Bly <keifer.bly@xxxxxxxxx> wrote: > > >> > > > >> > Where in the torrc file would I set it to any? I am looking for a way > > to run a bridge without being charged a huge amount of money for it, and I > > was curious how it would have been detected by Russia if noone had used the > > bridge there? Thanks. > > >> > --Keifer > > >> > > > >> > > > >> > On Mon, Feb 20, 2023 at 8:45 AM <lists@xxxxxxxxxxxxxxx> wrote: > > >> >> > > >> >> On Samstag, 18. Februar 2023 18:56:00 CET Keifer Bly wrote: > > >> >> > Ok. Here is the torrc file: > > >> >> > > > >> >> > GNU nano 3.2 /etc/tor/torrc > > >> >> > > > >> >> > > > >> >> > Nickname gbridge > > >> >> > ORPort 443 > > >> >> > SocksPort 0 > > >> >> > BridgeRelay 1 > > >> >> > PublishServerDescriptor bridge > > >> >> > ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy > > >> >> > ServerTransportListenAddr obfs4 0.0.0.0:8080 > > >> >> > ExtOrPort auto > > >> >> > Log notice file /var/log/tor/notices.log > > >> >> > ExitPolicy reject *:* > > >> >> > AccountingMax 5 GB > > >> >> > ContactInfo keiferdodderblyyatgmaildoddercom > > >> >> > > > >> >> > > > >> >> > Where in this torrc file is that configured? > > >> >> Then set it to 'any' and wait 24-48 hours to see what happens. Maybe > > there was > > >> >> an error in the db. > > >> >> > > >> >> If your bridge is still not distributed, it could be due to the > > outdated > > >> >> obfs4proxy or because of 'AccountingMax 5 GB'. > > >> >> Sorry but, 5 GB is a 'fart in the wind' the accounting period would > > only be a > > >> >> few hours a month. It's not even worth distributing them because it > > would only > > >> >> frustrate the users. > > >> >> > > >> >> > And how would it be blocked in > > >> >> > Russia already if it hasn't even been used? > > >> >> Why should this new feature of the bridgedb, more precisely the > > rdsys backend, > > >> >> have anything to do with whether someone uses a bridge? This is a > > bridgedb > > >> >> distribution method introduced by meskio. > > >> >> > > >> >> > > >> >> -- > > >> >> ╰_╯ Ciao Marco! > > >> >> > > >> >> Debian GNU/Linux > > >> >> > > >> >> It's free software and it gives you > > freedom!_______________________________________________ > > >> >> tor-relays mailing list > > >> >> tor-relays@xxxxxxxxxxxxxxxxxxxx > > >> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > >> > > > >> > _______________________________________________ > > >> > tor-relays mailing list > > >> > tor-relays@xxxxxxxxxxxxxxxxxxxx > > >> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > >> _______________________________________________ > > >> tor-relays mailing list > > >> tor-relays@xxxxxxxxxxxxxxxxxxxx > > >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > > > _______________________________________________ > > > tor-relays mailing list > > > tor-relays@xxxxxxxxxxxxxxxxxxxx > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > _______________________________________________ > > tor-relays mailing list > > tor-relays@xxxxxxxxxxxxxxxxxxxx > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > _______________________________________________ > tor-relays mailing list > tor-relays@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- The Tor Project Community Team Lead
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays