Re: [tor-relays] Tor Relay in Kubernetes cluster

2023-08-18 Thread Felix 
> Daniel Nikoloski
Hi Daniel

Not sure if that already has been answered. I don't use Kubernetes cluster but 
I find this one interesting:

> > Address 38.242.233.101
> > ORPort 9001 NoAdvertise IPv4Only
> > ORPort 32150 NoListen IPv4Only

I believe the Tor server service will publish port 32150 but it listens
to port 9001. It will not listen to where foreign Tor clients speak.
Simply "ORPort 9001" could be enough if you bind Tor to the published
address 38.242.233.101.

Unrelated:

If you will bind the Tor server service to an internal address
(10.x.x.x) ie for use in a container, NoAdvertise and NoListen can
be used to explain it to Tor:

Address 38.242.233.101
ORPort 10.x.x.x:9001 NoAdvertise IPv4Only
ORPort 38.242.233.101:32150 NoListen IPv4Only

The firewall needs to forward the traffic from the external to
the internal addresses. In pf world:
rdr on $IFEXT inet proto tcp from any to 38.242.233.101 port 32150
-> 10.x.x.x port 9001

Finally (in my setup) the outbound traffic needs nat. In pf world:
nat on $IFEXT inet from 10.x.x.x to any -> 38.242.233.101



pgpiJnautVozd.pgp
Description: Digitale Signatur von OpenPGP
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] EFF's university Tor relay campaign

2023-08-18 Thread Roger Dingledine 
On Thu, Aug 10, 2023 at 11:18:46AM -0600, Gunnar Wolf wrote:
> Yes, I do!
> 
> Please add to the list:
> 
> Universidad Nacional Autónoma de México
> 
> We have been running two relays since 2017/2018, and enabled two additional
> relays (in the same VM / IP address) recently.

Awesome! I will pass your contact info to Cooper, who will add you to
the internal lists he is tracking.

I missed some relays-running-at-educational-institutions on the first
pass, because we don't have an easy way to look up "which relays are at
universities?" If anybody wants to help work on that, it's
https://gitlab.torproject.org/tpo/network-health/metrics/relay-search/-/issues/40022

We also have a handful of known great relay operators, such as the ones
run by ibiblio at UNC and a few in Germany, who didn't answer my mails
yet and I expect that eventually we will add them.

Cooper showed me the beautiful shiny challenge coins that he made to
send to university relay operators. They are a work of art. I believe his
plan is to send them to people once their relay has been up for a year,
i.e. some people qualify already but the people who newly start a relay
in response to this EFF campaign will have to keep it going for a while
to earn the shiny object. :)

--Roger

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays