Michael Holstein wrote:
(snip)
>> all behind a Linksys Firewall Router.
>
> This will be a problem. Cheap-o routers don't have enough memory to
> manage huge state tables. You'd be better off getting a second NIC card
> for the PC and just using the server to firewall/NAT your LAN, in
> addition to running TOR. If that scares you, just re-use an old PC and
> run Smoothwall on it (or any of the other many "appliance" distros that
> do this).
>

As long as the bandwidth you're passing through is relatively low, you might get by with a custom firmware which lets you increase the size of the conntrack state table. Mine's a Linksys WRT54G v4, running HyperWRT+Thibor; I upped it to the max allowed (8192 connections, 600 second timeout) without any problems (and there's three machines behind it, one of them running virtual machines).

Two caveats:

1.) The Linksys WRT54G v4 was the revision of that model with the most CPU and RAM, others had less;

2.) If you're running a high-bandwidth node - and if you're not, it'd be a waste of that nice shiny box of yours (unless you have it do other things) - I doubt 8192 connections would do it, and you probably should take Mr. Holstein's suggestion.

>> My service provider will most likely be Comcast cable broadband.
>>
>
> YMMV, but Comcrap will axe you if they know you're running servers, and
> they WILL know that if you decide to run an exit, because they'll get
> lots of complaints about it. I lost count of the number of complaints
> mine generated, but I still have copies of the various subpoenas I got (*).

(snip)

That sucks. What about if he runs a middleman node?

--
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com

