[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
tor servers communicating to wrong ports
- To: or-talk@xxxxxxxxxxxxx
- Subject: tor servers communicating to wrong ports
- From: "vikingserver@xxxxxxxxx" <vikingserver@xxxxxxxxx>
- Date: Sat, 04 Aug 2007 12:45:59 +0200
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sat, 04 Aug 2007 06:46:39 -0400
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=W8Fb4GyHcsttNFBY2MDrKDVD4k/9W1JMwfvN6WayNpqPod8fJcvGw6mvbIWdkbXsuGew1/mrmi1E7VlqMPIYUWargh6Oar/QqujhTo8MqHlXl7YtpsATW7lDqJgm2tm8uykUCZu0tZ7QV4d2erkd+Rmb7A7oHMB814R7hQJwWTA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=CYn18OCzOub4vZNlIUEJN4YUHOxv7uMkrnTosrjoQyrnaYjaY0aPaZ27BneK44xY1OQXXllat9eeM6MQSu1dGkT9ClEq3xvnOHbNHmxPC7zj3wcnu896SmULLyQ58O9+ro8hE3p+Lb9Zzfyjmzfw8kXedg0N15p8DtRLQd7Yfzw=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 22.214.171.124 (Windows/20070728)
I went through my firewall's log today, and noticed a large number of
blocked packets coming from other tor servers.
I run a tor server myself on port 995.
About 1-10 packets per minute coming from other tor servers are blocked.
They all communicate to ports between 59000 and 65000, and my firewall
blocks their communication.
My most important question is, why do other servers communicate to my
server through any other port than 995? 995 is my advertised port.
And if other tor servers' communication to me are answers to requests
from my own tor server sent to them through ports 59000-65000 in my
firewall, why doesn't my firewall allow those answers? The firewall
doesn't block traffic that are answers to "normal" internet software for
example: internet explorer, firefox, email. And only rarely block
streaming video/audio by mistake. But it blocks a lot of tor traffic,
why? (By the way, it blocks tor server traffic to ports 59000-65000 even
when i disable SPI.)
And is the tor software intelligent enough to resend the packets to port
995 instead of ports 59000-65000 when they get blocked?
I'd be thankful for answers to these questions. Not that my life depends
on it, but I'm curious. :-)