I read somewhere that you can use ports 443 and 80 to help out
people stuck
behind really restrictive firewalls. I've been trying to manually
configure
Tor to do just that. I've configured the router for port
forwaring. I'm
pretty sure I did the same for my Linux firewall. I told the
firewall to
listen on ports 443/80 and redirect to 9090/9091. So the way I
understand it
is, Tor servers/clients should be trying to connect to ports 443/80
--> my
router listens on 443/80 and bounces to my firewall --> my firewall
listens
to 443/80 and bounces to 9090/9091 which the tor server is really
listening
in on. I'm running openSUSE 10.3. I used yast to set the
firewall. If I
understand what I'm doing I use the "Masquerading" section to do
firewall
port forwaring. Which I'm pretty sure I did correctly but for some
reason
servers/clients are still unable to connect to my tor server.
I could really use some help getting this working. I can get the
normal ports
working no problem and have my server join the tor network. It's
when I try
doing the port 443/80 trick that things get harry.
Here are screenshots of my configuration screens I did for the port
forwarding.
http://img246.imageshack.us/img246/303/443zb6.png
http://img265.imageshack.us/img265/1403/80xv7.png
http://img253.imageshack.us/img253/483/yastmasqsm4.png
http://img253.imageshack.us/img253/2820/yastrulesyl0.png
http://img338.imageshack.us/img338/5127/routerpn3.png
Here's portions of tor's config file. I Xed out stuff that might be
considered a security risk on my part.
SocksPort 9050
SocksListenAddress 127.0.0.1
DataDirectory /home/tor/.tor
ControlPort 9051
ORPort 443
ORListenAddress 0.0.0.0:9090
DirPort 80
DirListenAddress 0.0.0.0:9091
Also, here's the log when I run tor in Konsole as root. I know,
don't run Tor
as root. I'm just doing that to test it to make sure it's working
before I
set it to start on boot under the "tor" user.
May 16 23:09:16.449 [notice] Tor v0.1.2.19. This is experimental
software. Do
not rely on it for strong anonymity.
May 16 23:09:16.450 [notice] Initialized libevent version 1.3b using
method
epoll. Good.
May 16 23:09:16.450 [notice] Opening OR listener on 0.0.0.0:9090
May 16 23:09:16.450 [notice] Opening Directory listener on
0.0.0.0:9091
May 16 23:09:16.450 [notice] Opening Socks listener on 127.0.0.1:9050
May 16 23:09:16.450 [notice] Opening Control listener on
127.0.0.1:9051
May 16 23:09:16.451 [warn] You are running Tor as root. You don't
need to, and
you probably shouldn't.
May 16 23:09:16.642 [notice] Your Tor server's identity key
fingerprint
is 'XXXXXXXXXXXXXXXXXXX'
May 16 23:09:18.240 [notice] We now have enough directory
information to build
circuits.
May 16 23:09:18.438 [notice] Guessed our IP address as XXXXXXXXXXXXX.
May 16 23:09:21.856 [notice] Tor has successfully opened a circuit.
Looks like
client functionality is working.
May 16 23:09:21.856 [notice] Now checking whether ORPort XXXXXXX:443
and
DirPort XXXXXXXXXXXX:80 are reachable... (this may take up to 20
minutes --
look for log messages indicating success)
May 16 23:29:18.900 [warn] Your server (XXXXXXXXXXX:443) has not
managed to
confirm that its ORPort is reachable. Please check your firewalls,
ports,
address, /etc/hosts file, etc.
May 16 23:29:18.900 [warn] Your server (XXXXXXXXXX:80) has not
managed to
confirm that its DirPort is reachable. Please check your firewalls,
ports,
address, /etc/hosts file, etc.