BIND down, weird IPs pop up on tor.log
Hi, something really weird has happened to my tor node. I was restarting BIND, wich serves as dns in my LAN, on another machine. Around the same time I found these two lines in /var/log/tor/tor.log: Mar 22 10:29:18.806 [notice] Your IP address seems to have changed to 182.219.88.104. Updating. Mar 22 10:29:18.832 [notice] Your IP address seems to have changed to 182.219.55.216. Updating. I wonder where these IPs came from, and how this could be related to BIND being down at the very moment. $whois says that those are IPs from Down Under, but I'm almost exactly at the other side of the world. Moreover, I can't see any line later on saying that I went back to my real IP. Everything seems to be working normally. Thanks a lot. -- http://www.predicatori.it/marco/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
RE: BIND down, weird IPs pop up on tor.log
Date: Tue, 23 Mar 2010 12:48:08 +0100 From: ma...@predicatori.it To: or-talk@freehaven.net Subject: BIND down, weird IPs pop up on tor.log Hi, something really weird has happened to my tor node. I was restarting BIND, wich serves as dns in my LAN, on another machine. Around the same time I found these two lines in /var/log/tor/tor.log: Mar 22 10:29:18.806 [notice] Your IP address seems to have changed to 182.219.88.104. Updating. Mar 22 10:29:18.832 [notice] Your IP address seems to have changed to 182.219.55.216. Updating. I wonder where these IPs came from, and how this could be related to BIND being down at the very moment. $whois says that those are IPs from Down Under, but I'm almost exactly at the other side of the world. Moreover, I can't see any line later on saying that I went back to my real IP. Everything seems to be working normally. Thanks a lot. I assume you have a fixed IP and an Address line in your torrc? Would restarting BIND make Tor try to guess its IP? In that case you could have triggered the bug in 0.2.1.23/24 which gave some of us with dynamic IPs severe problems - the IP guessed was random contents of memory changing every few seconds. It's fixed in 0.2.1.25 (an 0.2.2.10 alpha I'm told). Just a thought - others know the workings better. GD _ Hotmail is redefining busy with tools for the New Busy. Get more from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID27925::T:WLMTAGL:ON:WL:en-US:WM_HMP:032010_2
PrivacyNow
Hi, would the owner of exit PrivacyNow (reportedly in Denmark) please turn off blacklisting of sites in their OpenDNS account? Thanks, GD _ The New Busy is not the old busy. Search, chat and e-mail from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID27925::T:WLMTAGL:ON:WL:en-US:WM_HMP:032010_3
Re: PrivacyNow
downie - wrote, On 2010-03-23 20:27: Hi, would the owner of exit PrivacyNow (reportedly in Denmark) please turn off blacklisting of sites in their OpenDNS account? Or even better, use the resolvers from: http://censurfridns.dk/ -- Regards Georg Sluyterman *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
New GETINFO option, bytes
Hi. I added a new option for GETINFO, that will return the total number of bytes that's gone through Tor since process startup. Just exporting the internal stats_n_bytes_read/written. This is very useful for retrieving statistics like bandwidth over time, for use with tools like arm, vidalia, munin, and other monitoring applications. The current method that use events is difficult to use, since you have to listen all the time. With the new method you can for example poll every minute to see how many bytes was transferred in total since last you checked. I wrote a plugin for munin that use this new feature, and it works great. The patch is trivial, and you probably want to change the name of the command if you want to use it. There might also be reasons that you don't want to export and print uint64_t variables. I didn't take time to check any tor internals guidelines. // pipe From d557fc9bc2ec749d4743e3e918289e55c4b9e459 Mon Sep 17 00:00:00 2001 From: Anders Andersson pipat...@gmail.com Date: Tue, 23 Mar 2010 02:07:37 +0100 Subject: [PATCH] Added a new GETINFO item 'bytes' --- src/or/control.c |7 +++ src/or/main.c|4 ++-- src/or/or.h |2 ++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/or/control.c b/src/or/control.c index 771beae..d591065 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1328,6 +1328,11 @@ getinfo_helper_misc(control_connection_t *conn, const char *question, *answer = tor_malloc(HEX_DIGEST_LEN+1); base16_encode(*answer, HEX_DIGEST_LEN+1, me-cache_info.identity_digest, DIGEST_LEN); + } else if (!strcmp(question, bytes)) { +*answer = tor_malloc(42); +tor_snprintf(*answer, 42, U64_FORMAT U64_FORMAT, + U64_PRINTF_ARG(stats_n_bytes_read), + U64_PRINTF_ARG(stats_n_bytes_written)); } return 0; } @@ -1810,6 +1815,8 @@ static const getinfo_item_t getinfo_items[] = { Time when the accounting period ends.), ITEM(accounting/interval-wake, accounting, Time to wake up in this accounting period.), + ITEM(bytes, misc, + Number of bytes read/written so far since Tor started.), ITEM(helper-nodes, entry_guards, NULL), /* deprecated */ ITEM(entry-guards, entry_guards, Which nodes are we using as entry guards?), diff --git a/src/or/main.c b/src/or/main.c index 74075b6..0e2b755 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -56,9 +56,9 @@ static int stats_prev_global_read_bucket; static int stats_prev_global_write_bucket; /* XXX we might want to keep stats about global_relayed_*_bucket too. Or not.*/ /** How many bytes have we read since we started the process? */ -static uint64_t stats_n_bytes_read = 0; +uint64_t stats_n_bytes_read = 0; /** How many bytes have we written since we started the process? */ -static uint64_t stats_n_bytes_written = 0; +uint64_t stats_n_bytes_written = 0; /** What time did this process start up? */ time_t time_of_process_start = 0; /** How many seconds have we been running? */ diff --git a/src/or/or.h b/src/or/or.h index 737c197..75c43f9 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4192,6 +4192,8 @@ void accounting_set_bandwidth_usage_from_state(or_state_t *state); /* main.c ***/ extern int has_completed_circuit; +extern uint64_t stats_n_bytes_read; +extern uint64_t stats_n_bytes_written; int connection_add(connection_t *conn); int connection_remove(connection_t *conn); -- 1.5.6.5 From 94b4451ff20ac8951ba7fa43edba1d4faa053505 Mon Sep 17 00:00:00 2001 From: Anders Andersson pipat...@gmail.com Date: Tue, 23 Mar 2010 22:21:04 +0100 Subject: [PATCH] Documented the bytes option for GETINFO --- doc/spec/control-spec.txt |5 + 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/doc/spec/control-spec.txt b/doc/spec/control-spec.txt index b60baba..17c59f6 100644 --- a/doc/spec/control-spec.txt +++ b/doc/spec/control-spec.txt @@ -498,6 +498,11 @@ with a $. This is an implementation error. It would be nice to add the $ back in if we can do so without breaking compatibility.] +bytes + Total number of bytes passed through the Tor node since startup, in the + form: +read-bytes SP write-bytes CRLF + accounting/enabled accounting/hibernating accounting/bytes -- 1.5.6.5
Re: New GETINFO option, bytes
Thanks Anders! You're right - this is a highly requested piece of information (dozens of times at least this year). If this makes it into the control spec it might be nice to include an option for the total bytes downloaded/uploaded verses since the last reset (sighup). Regardless, keeping my fingers cross that something like this makes it in. Cheers! -Damian PS. This option was included in a proposal that's currently in limbo, which might give a possible option name: http://archives.seul.org/or/dev/Mar-2010/msg9.html On Tue, Mar 23, 2010 at 4:20 PM, Anders Andersson pipat...@gmail.comwrote: Hi. I added a new option for GETINFO, that will return the total number of bytes that's gone through Tor since process startup. Just exporting the internal stats_n_bytes_read/written. This is very useful for retrieving statistics like bandwidth over time, for use with tools like arm, vidalia, munin, and other monitoring applications. The current method that use events is difficult to use, since you have to listen all the time. With the new method you can for example poll every minute to see how many bytes was transferred in total since last you checked. I wrote a plugin for munin that use this new feature, and it works great. The patch is trivial, and you probably want to change the name of the command if you want to use it. There might also be reasons that you don't want to export and print uint64_t variables. I didn't take time to check any tor internals guidelines. // pipe
a problem about run tor bridge
Hi, everyone! My computer is behind a NAT and I can connect to the Tor network directly ( not using Tor bridges although I am in China). Now I want to configure my tor as a bridge to let my friend connect to the Tor network. His IP is 172.18.12.xxx. My configuration file looks like: BridgeRelay 1 ContactInfo hegaofeng at seu dot edu dot cn ControlPort 9051 ExitPolicy reject *:* Log notice stdout Nickname ORhgf ORPort 443 PublishServerDescriptor 0 RelayBandwidthBurst 10485760 RelayBandwidthRate 5242880 And my bridge information is: 172.18.12.161:443 But this dosen't work. The Vidalia is always stopping at Loading relay information I use Wireshark and find the TLS handshake is normal. Can anyone tell me why? Thanks a lot! 2010-03-24 Gaofeng He
Re: a problem about run tor bridge
于 2010-3-24 10:19, torsecurity 写道: Hi, everyone! My computer is behind a NAT and I can connect to the Tor network directly ( not using Tor bridges although I am in China). Now I want to configure my tor as a bridge to let my friend connect to the Tor network. His IP is 172.18.12.xxx. My configuration file looks like: BridgeRelay 1 ContactInfo hegaofeng at seu dot edu dot cn ControlPort 9051 ExitPolicy reject *:* Log notice stdout Nickname ORhgf ORPort 443 PublishServerDescriptor 0 RelayBandwidthBurst 10485760 RelayBandwidthRate 5242880 And my bridge information is: 172.18.12.161:443 But this dosen't work. The Vidalia is always stopping at Loading relay information I use Wireshark and find the TLS handshake is normal. Can anyone tell me why? Thanks a lot! 2010-03-24 Gaofeng He first, you can't run any tor service behind NAT unless you can configure your firewall/NAT in order to enable port forwarding. By the way, what the hell is 172.18.12.161? Who can connect to that thing? second, I do not think Loding relay information... has anything to do with your recent bridge configuration.
Re: Re: a problem about run tor bridge
The 172.18.12.161 is my private network address and the bridge is only intended to be used in the internal network. 2010-03-24 Gaofeng He 发件人: wang.wang.test 发送时间: 2010-03-24 10:35:33 收件人: or-talk 抄送: 主题: Re: a problem about run tor bridge 于 2010-3-24 10:19, torsecurity 写道: Hi, everyone! My computer is behind a NAT and I can connect to the Tor network directly ( not using Tor bridges although I am in China). Now I want to configure my tor as a bridge to let my friend connect to the Tor network. His IP is 172.18.12.xxx. My configuration file looks like: BridgeRelay 1 ContactInfo hegaofeng at seu dot edu dot cn ControlPort 9051 ExitPolicy reject *:* Log notice stdout Nickname ORhgf ORPort 443 PublishServerDescriptor 0 RelayBandwidthBurst 10485760 RelayBandwidthRate 5242880 And my bridge information is: 172.18.12.161:443 But this dosen't work. The Vidalia is always stopping at Loading relay information I use Wireshark and find the TLS handshake is normal. Can anyone tell me why? Thanks a lot! 2010-03-24 Gaofeng He first, you can't run any tor service behind NAT unless you can configure your firewall/NAT in order to enable port forwarding. By the way, what the hell is 172.18.12.161? Who can connect to that thing? second, I do not think Loding relay information... has anything to do with your recent bridge configuration.
Re: a problem about run tor bridge
于 2010-3-24 10:44, torsecurity 写道: The 172.18.12.161 is my private network address and the bridge is only intended to be used in the internal network. 2010-03-24 Gaofeng He *发件人:* wang.wang.test *发送时间:* 2010-03-24 10:35:33 *收件人:* or-talk *抄送:* *主题:* Re: a problem about run tor bridge 于 2010-3-24 10:19, torsecurity 写道: Hi, everyone! My computer is behind a NAT and I can connect to the Tor network directly ( not using Tor bridges although I am in China). Now I want to configure my tor as a bridge to let my friend connect to the Tor network. His IP is 172.18.12.xxx. My configuration file looks like: BridgeRelay 1 ContactInfo hegaofeng at seu dot edu dot cn ControlPort 9051 ExitPolicy reject *:* Log notice stdout Nickname ORhgf ORPort 443 PublishServerDescriptor 0 RelayBandwidthBurst 10485760 RelayBandwidthRate 5242880 And my bridge information is: 172.18.12.161:443 But this dosen't work. The Vidalia is always stopping at Loading relay information I use Wireshark and find the TLS handshake is normal. Can anyone tell me why? Thanks a lot! 2010-03-24 Gaofeng He first, you can't run any tor service behind NAT unless you can configure your firewall/NAT in order to enable port forwarding. By the way, what the hell is 172.18.12.161? Who can connect to that thing? second, I do not think Loding relay information... has anything to do with your recent bridge configuration. sorry to misunderstand you. http://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=doc/spec/dir-spec.txt take a look at 5.1: If a client is missing a live network-status document, it tries to fetch it from a directory cache (or from an authority if it knows no caches). On failure, the client waits briefly, then tries that network-status document again from another cache. The client does not build circuits until it has a live network-status consensus document, and it has descriptors for more than 1/4 of the routers that it believes are running. maybe that's your problem -- no enough descriptors.