Hello, You have some wrong torrc options.They used to work because we didn't had a clear logic, there has been a lot of improvements made since IPv6 Address auto discovery was implemented.
Please see my corrections in line as well as explanations. Hope they make sense.
r1610091651 wrote:
Hi FYISo I've upgraded tor package from 0.4.4.6 to 0.4.5.7-1~xenial+1. No other changes.Yet on startup tor is complaining about mis-configuration:Mar 23 20:55:02.928 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".Mar 23 20:55:02.929 [notice] Read configuration file "/etc/tor/torrc".Mar 23 20:55:02.932 [warn] Configuration port ORPort 9443 superseded by ORPort <local-ip>:9443 Mar 23 20:55:02.932 [warn] We are listening on an ORPort, but not advertising any ORPorts. This will keep us from building a router descriptor, and make us impossible to use. Mar 23 20:55:02.932 [warn] Failed to parse/validate config: Misconfigured server portsMar 23 20:55:02.932 [err] Reading config failed--see warnings above. config: ORPort <local-ip>:9443 NoAdvertise
This is ok, you configured and explicit IP address.
ORPort 9443 NoListen IPv4Only
This is not ok, the NoAdvertise ORPort is explicit <local-ip> but this is wildcard to all interfaces.
IPv4Only either you use it for both NoListen and NoAdvertise ORPort either you don't use it at all since you use AddressDisableIPv6.
This line should be: ORPort <public-ip>:9443 NoListen
AddressDisableIPv6 1
This is OK. Or you can use IPv4Only for both ORPort entries and it will have the same effect.
OutboundBindAddress <local-ip>
This is also OK.
This config is according to spec and worked with 4.4.6.Seems to be related to thes issues, except for me it's blocking: tor fails to start. https://gitlab.torproject.org/tpo/core/tor/-/issues/40300 <https://gitlab.torproject.org/tpo/core/tor/-/issues/40300> https://gitlab.torproject.org/tpo/core/tor/-/issues/40302 <https://gitlab.torproject.org/tpo/core/tor/-/issues/40302>I had to add 0.0.0.0 as ip to make tor start, although that's not documented...ORPort <local-ip>:9443 NoAdvertise ORPort 0.0.0.0:9443 <http://0.0.0.0:9443> NoListen IPv4Only
Please try with my example and remove 0.0.0.0 as it's not our scope, we are trying to configure explicit binding IP addresses. Let me know if this works for you -- it should be a correct configuration.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays