[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Ports 443 & 80
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Ports 443 & 80
- From: morphium <morphium@xxxxxxxxxxxxx>
- Date: Sun, 18 May 2008 19:50:27 +0200
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 18 May 2008 13:50:33 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=y4TBhV23j6e13slo2DqvehCrWcxxT1ClgCQXObm0x8k=; b=f6saEonZinrceHOqvhT4RyjDkUUmijSyWpDK6xtpxluU2Qabdvse02sZ95OKrrHGUo+leifStj3h3zQd7P3gyBawPY1XqlQ3JrpiKOaipFdxXOQotpcwbdaY18TmWjiNeG106m64nzWbHCYSStX7rQyH+N6RYMZsH9qGpL4Ncv8=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=OoJ03or8vWhHZZnS7uDfppf3JNxMUkg0Vo6jZngB7xu44YLXDH6MQktD6GgkDtE1v6Jl4YB3YlKCAgzDSxHc6vALCtuDFw0awRyDv43Q4L1yIt/8QsdnT3f18nZAHEzFXY1HxiLq+JN/556M0s1MHFEvY7lALjFgq+Fap/cgLuI=
- In-reply-to: <200805171853.35244.njdube@xxxxxxxxx>
- References: <200805171853.35244.njdube@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
why don't you set ORListenAddress to 0.0.0.0:443 and don't do anything
with your firewall?
2008/5/18, Nathaniel Dube <njdube@xxxxxxxxx>:
> I read somewhere that you can use ports 443 and 80 to help out people stuck
> behind really restrictive firewalls. I've been trying to manually configure
> Tor to do just that. I've configured the router for port forwaring. I'm
> pretty sure I did the same for my Linux firewall. I told the firewall to
> listen on ports 443/80 and redirect to 9090/9091. So the way I understand it
> is, Tor servers/clients should be trying to connect to ports 443/80 --> my
> router listens on 443/80 and bounces to my firewall --> my firewall listens
> to 443/80 and bounces to 9090/9091 which the tor server is really listening
> in on. I'm running openSUSE 10.3. I used yast to set the firewall. If I
> understand what I'm doing I use the "Masquerading" section to do firewall
> port forwaring. Which I'm pretty sure I did correctly but for some reason
> servers/clients are still unable to connect to my tor server.
> I could really use some help getting this working. I can get the normal ports
> working no problem and have my server join the tor network. It's when I try
> doing the port 443/80 trick that things get harry.
> Here are screenshots of my configuration screens I did for the port
> Here's portions of tor's config file. I Xed out stuff that might be
> considered a security risk on my part.
> SocksPort 9050
> SocksListenAddress 127.0.0.1
> DataDirectory /home/tor/.tor
> ControlPort 9051
> ORPort 443
> ORListenAddress 0.0.0.0:9090
> DirPort 80
> DirListenAddress 0.0.0.0:9091
> Also, here's the log when I run tor in Konsole as root. I know, don't run Tor
> as root. I'm just doing that to test it to make sure it's working before I
> set it to start on boot under the "tor" user.
> May 16 23:09:16.449 [notice] Tor v0.1.2.19. This is experimental software. Do
> not rely on it for strong anonymity.
> May 16 23:09:16.450 [notice] Initialized libevent version 1.3b using method
> epoll. Good.
> May 16 23:09:16.450 [notice] Opening OR listener on 0.0.0.0:9090
> May 16 23:09:16.450 [notice] Opening Directory listener on 0.0.0.0:9091
> May 16 23:09:16.450 [notice] Opening Socks listener on 127.0.0.1:9050
> May 16 23:09:16.450 [notice] Opening Control listener on 127.0.0.1:9051
> May 16 23:09:16.451 [warn] You are running Tor as root. You don't need to, and
> you probably shouldn't.
> May 16 23:09:16.642 [notice] Your Tor server's identity key fingerprint
> is 'XXXXXXXXXXXXXXXXXXX'
> May 16 23:09:18.240 [notice] We now have enough directory information to build
> May 16 23:09:18.438 [notice] Guessed our IP address as XXXXXXXXXXXXX.
> May 16 23:09:21.856 [notice] Tor has successfully opened a circuit. Looks like
> client functionality is working.
> May 16 23:09:21.856 [notice] Now checking whether ORPort XXXXXXX:443 and
> DirPort XXXXXXXXXXXX:80 are reachable... (this may take up to 20 minutes --
> look for log messages indicating success)
> May 16 23:29:18.900 [warn] Your server (XXXXXXXXXXX:443) has not managed to
> confirm that its ORPort is reachable. Please check your firewalls, ports,
> address, /etc/hosts file, etc.
> May 16 23:29:18.900 [warn] Your server (XXXXXXXXXX:80) has not managed to
> confirm that its DirPort is reachable. Please check your firewalls, ports,
> address, /etc/hosts file, etc.