[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

UpDate:,,, Success getting Server Up behind NAT,,



Hello Ringo, Csaba and everybody,,
  I did solve the Linksys NAT/RHEL/Tor server puzzle, I think. Server is up and normally I see about 100mbs/sec through it on Vidalia bandwidth graph. Yea! I had to learn a little about routers and network, Tor and RHEL, finally, to whomever is interested, I configured RHEL eth0 to a static IP of my choosing, corresponding to possible assignable IP's from Firewall/Router. Linksys support was good, they advised me of that range. I also had to interpolate other settings from Linksys windows config instructions. Finally, got it right! :),,
  So, server is up and working, thanks to all who tried to help!
 I still have two nagging concerns though. One is that Tor gives me "nameserver failure" notices intermittently, then system seems to go to back up DNS at comcast, as per settings for RHEL static IP. I am not sure what that is about, but it does seem to get resolved and seems to work fine most of the time. Also, I will have to check all info I can to "harden" my server computer. I have seen how many scans go over comcast owned net blocks, running a Tor server without doing *everything* & monitoring system for intrusion attempts just would be asking for failure. Anyhow, I hope for the best, anyone with comments very welcome!
                Algenon
Ringo Kamens <2600denver@xxxxxxxxx> wrote:
Can you try pining the DNS backup to see if you can reach it?
Comrade Ringo Kamens

On 10/29/07, algenon flower wrote:
> Hello TOR people, Yay! I did finally get server up, but all is not
> completely good: Anyone interested please note log entries.Thanks for advice
> and support.
> I hope to have it working perfectly soon. Am not sure exactly what to think
> of entries below:
> *****************************************
> Oct 29 03:31:32.969 [Notice] Tor v0.2.0.7-alpha (r11572). This is
> experimental software. Do not rely on it for strong anonymity. (Running on
> Linux i686)
> Oct 29 03:31:32.975 [Notice] Initialized libevent version 1.1a using method
> epoll. Good.
> Oct 29 03:31:32.979 [Notice] Opening OR listener on 0.0.0.0:9001
> Oct 29 03:31:33.131 [Notice] Opening Directory listener on 0.0.0.0:9030
> Oct 29 03:31:33.138 [Notice] Opening Socks listener on 127.0.0.1:9050
> Oct 29 03:31:33.142 [Notice] Opening Control listener on 127.0.0.1:9051
> Oct 29 03:31:46.978 [Notice] Tor has successfully opened a circuit. Looks
> like client functionality is working.
> Oct 29 03:32:19.088 [Notice] Self-testing indicates your DirPort is
> reachable from the outside. Excellent.
> Oct 29 03:32:45.443 [Notice] Performing bandwidth self-test...done.
> Oct 29 03:33:41.789 [Warning] eventdns: All nameservers have failed
> Oct 29 03:33:41.872 [Notice] eventdns: Nameserver 68.87.69.146 is back up
> Oct 29 03:33:46.790 [Warning] eventdns: All nameservers have failed
> Oct 29 03:33:46.856 [Notice] eventdns: Nameserver 68.87.69.146 is back up
> ************************************************
>
> I can see from the Bandwith Graph that some traffic does flow through,
> though not a lot. Is this normal? Is it OK that I get a "nameserver" error
> and how can that problem be solved?? The listed back up is my normal DNS at
> comcast.
>
> Algenon
>
> algenon flower wrote:
> Hello Pei Hanru, experienced TOR users
> I have checked Linksys doc's and I think they were helpful. At present, I
> think I need to assign a static IP to my RHEL system behind NAT firewall.
> That seems to include two extra assigned IP numbers, like 196.168.1.20, Then
> I can use port forwarding set-up on NAT router. I bet this is elementary
> school for many of you, it took a little while for me :),, All I need now
> is the procedure to assign a static IP on RHEL. I am checking that now,,
> And, Hope it all Works! In any case, thanks to people interested, and
> additional comments welcome.
>
> peace, Algenon
>
> Pei Hanru wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2007-10-27 06:23 CST, algenon flower wrote:
> > Hello Michael Holstein and other interested people
> > I thought I had accomplished port forwarding (see attached file) but
> > did not succeed. After checking with Linksys support site I am going to
> > try a new apporach. Will study the doc's from Linksys, if anyone has
> > experience with this please let me know.
> > Algenon
>
> Unfortunately, you are doing worse...
>
> What you should do is first figuring out the *actual* private IP address
> of your Linux box, then forwarding port 9001 and port 9030 (or port
> range 9001-9030 if you like) to *that* address, rather than forwarding
> the same port range to three distinct addresses.
>
> It's a good idea to reread port forwarding part of Linksys manual carefully.
>
> Hanru
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (Cygwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHJDrrtHG285r2MGoRAvAJAKDLRHZYc/5ZRXeNgaIXnZHUr/2zXgCeOqji
> h67261xOLOYdjvEyADPndks=
> =EmPN
> -----END PGP SIGNATURE-----
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com