Re: [tor-relays] Nagios/Icinga plugin check_tor_bandwidth for gathering bandwidth data

Subject: Re: [tor-relays] Nagios/Icinga plugin check_tor_bandwidth for gathering bandwidth data

From: Tim Wilson-Brown - teor <teor2345@xxxxxxxxx>

Date: Thu, 26 Nov 2015 09:33:05 +1100

Delivery-date: Wed, 25 Nov 2015 17:33:25 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:message-id :references:to; bh=9uaDRQ1rCPkD0L/iCzvaX8aptJ+fw7NXhBFpyXbz81A=; b=CJqT4sKsilN5UAEs2/ifKRByKSnw/XTnTps7r+cAHz/ZdNsm2EO5OYsQH1vYRcZErh uIHS9ac1oPOYN5cku4yNDSXkdgHWCk9NFKKKXijgcSvDv+YD8EtYqmtt8rX+G6OHojsv sCZHcb/5j7MkFccHPKP0rkZ/ZEyRSns2bqlyuZRkH5pPvCyWbWzeXB3apzoI8SSZ36sB Kg8hVv0oL2WbXJjNDXHEuPpXAVD8qU+8/H1whNF7eBfRW6Zw4Gmwf2BmKP5azPsh+yQn UPODGWNoBCPOKYan8RUq52egs2Lt/JijMvlAab+a1MDldC+zyN0momiEaMum0aDP2RIc uTwQ==

In-reply-to: <5655FFA3.2040008@xxxxxxxxxxx>

List-archive: <http://lists.torproject.org/pipermail/tor-relays/>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

References: <5655FFA3.2040008@xxxxxxxxxxx>

Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On 26 Nov 2015, at 05:36, Josef Stautner <hello@xxxxxxxxxxx> wrote:

Hello @all,

(I'm not sure if you guys are interested in a topic like this)
I wrote a perl script to gather bandwidth data from my Tor exit relay.
The script connects to the Tor control socket, fetches the running
config to extract the bandwidth limits and the reject rule count.
Afterwards the last 60 bw-cache entries are fetched and average values
are built for bandwidth in and out.
All this performance data is then forwarded to Nagios/Icinga where you
can do anything with that values.

Every 30 minutes a cronjob renders the graph showing the datapoints of
the last 6 houres and uploads the resulting image to my website. You can
find the image here (Hint: The values for in and out are stacked):
https://blog.veloc1ty.de/bandwidth-large.png

The source of the script can be found here on GitHub:
https://github.com/vlcty/check_tor_bandwidth
It's released under the GPLv3

Maybe somebody will find it usefull :-)

Hi Josef,

Thanks for creating this tool - it looks like a great way for operators to keep an eye on their relay.

But I wonder about the privacy implications of making a relay's high-resolution bandwidth figures public.

For example, attacker can correlate a traffic-based attack on a hidden service, with a traffic peak on its Guards.

(I am not sure if any similar attack applies to Exits, or any other role Exits may have.)

We previously moved to a bandwidth statistics interval of 6 hours for this reason.

(That's why the 3 days and 1 month bandwidth graphs are empty on Globe.)

You lose a certain amount of precision moving to a graph, rather than reporting exact figures in a data file.

But I'm not sure if that's enough to avoid the attack I described above.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays