Re: [tor-relays] Hide TOR exit on my external IP?

[jensm1]

Hi Volker,

it's generally advised to not run an exit from your home, since this
leads to the problems you described as well as it can cause (uninformed)
law enforcement to seize all computer equipment in your home, if your
exit is involved in some crime. Therefore it's better to run an exit on
a server in a datacenter and downgrade your home connection to a
non-exit relay.

As to your subject: No, it's not possible to hide the fact that a Tor
exit is on that specific IP, since at least the Tor-facing IP must be
made public in the consensus, so clients can actually connect to your exit.

You could probably use different IPs for connecting with relays and
exiting traffic to the internet, but then you'd need a machine with two
network interfaces that have different public IPs, and you will also not
be able to "prove" that an exit is/was running on the IP that generates
abuse complaints and similar trouble.


Am 29.09.2016 um 15:09 schrieb Volker Mink:

Hi Folks.
Due to my TOR exit on my Internet-Connection i got hasseled by a lot
of proxy-warnings and -problems.
A lot of newsboards are showing up stuff like "cloudflare protection",
netflix wont work due to "proxy detection", some apps on my
mobilephone (on WIFI) require some reconfiguration...

Any idea how to solve this?
My exitnode is running on a small raspberry. Its local IP-adress is
configured in the DMZ of my router to communicate with the internet
without any restrictions.
Best,
volker


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




---
Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
https://www.avast.com/antivirus
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reasons to avoid being a guard? (was: Middle relay)

[jensm1]

I am curious about possible reasons, why one wouldn't want to become 
guard. Are there any risks or disadvantages that come with the guard flag?



Am 16.09.2016 um 16:32 schrieb Ivan Markin:

Marcel Krzystek:

Add the following to your .torrc file:

ExitPolicy reject *:*

It's non-exit, not a "middle-only" relay. Jim probably doesn't want to
become a Guard. I'm not aware of such option.

btw, we've recently discussed in #19625 [1] possibility of setting
"peering policy". If this would be implemented one can restrict
connections only to relays in consensus (but not bridges?).

[1] https://trac.torproject.org/projects/tor/ticket/19625
--
Ivan Markin
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] relay lost most of its consensus weight

[jensm1]

That's exactly what baffles me. I didn't make any changes to the relay
configuration since updating to 0.2.8.7. I've always had some
fluctuations in the Advertised Bandwidth as reported by Atlas, but I
assume these are from the BWAuth measurements?

The only thing on my end, that I could imagine, is that the VPS provider
changed something in his configuration. But since I don't see any
interruption of the servers uptime (neither in Tor, nor in Debian, nor
in the VPS control panel), I assume this couldn't be anything drastic
like moving the VM to a different host machine.



Am 14.09.2016 um 02:10 schrieb teor:
>> On 13 Sep 2016, at 23:30, jensm1 <jen...@bbjh.de> wrote:
>>
>> I last restarted the relay five days ago (update to 0.2.8.7). Can a restart 
>> really cause the consensus weight to drop several days later? If it drops 
>> within a few hours, I'd get that, but what would delay that response that 
>> much?
>> (Not complaining, just genuinely curious.)
> I'm really not sure - any flag changes should have an impact within an hour.
> Several days later is more likely to be bandwidth authority measurement - is 
> your relay up and capable of transmitting as much traffic as it was before it 
> was restarted?
> Are its ports open to all other relays?
> Can it open connections to other relays, regardless of their ports?
> Did you make any other config changes at the same time?
>
> Tim
>
>> Am 13.09.2016 um 10:37 schrieb teor:
>>>> On 13 Sep 2016, at 18:05, jensm1 <jen...@bbjh.de>
>>>>  wrote:
>>>>
>>>> Hi,
>>>>
>>>> I just realised that my relay 'itwasntme' lost most of its consensus
>>>> weight yesterday morning. The relay is only three weeks old, but it was
>>>> finally picking up some traffic, which now is gone again.
>>>> What could be the cause for this? Is there a problem with my relay or
>>>> configuration?
>>>>
>>> It looks like you just recently gained some consensus weight, then 
>>> temporarily lost it after you restarted your relay.
>>> We're working on improving the stability algorithm so these temporary 
>>> downtimes don't affect relays as much.
>>> But in any case, wait a week or two, and it will be back.
>>> (If not, please let us know.)
>>>
>>> Tim
>>>
>>>
>>>> Thanks for your help!
>>>>
>>>>
>>>>
>>>> https://atlas.torproject.org/#details/F46C312E279185364F46EA06C58F7925280911E2
>>>>
>>>>
>>>>
>>>> ___
>>>> tor-relays mailing list
>>>>
>>>> tor-relays@lists.torproject.org
>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>> Tim Wilson-Brown (teor)
>>>
>>> teor2345 at gmail dot com
>>> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
>>> ricochet:ekmygaiu4rzgsk6n
>>> xmpp: teor at torproject dot org
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ___
>>> tor-relays mailing list
>>>
>>> tor-relays@lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
>>
>>
>> Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
>> www.avast.com
>>
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com
> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
> ricochet:ekmygaiu4rzgsk6n
> xmpp: teor at torproject dot org
>
>
>
>
>
>
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DigitalOcean pricing (Re: tomhek - the (new) biggest guard relay operator)

[jensm1]

SeFlow does not allow Tor nodes, though, if the good/bad isp wiki-page 
is any indication.



Am 13.09.2016 um 16:14 schrieb Markus Koch:
Seflow is only 1,99 € ... So compared to $5 DigitalOcean is expensive 
 :)


Sent from my iPad

On 13 Sep 2016, at 15:01, Tristan > wrote:



Well, if $5 a month is high for you, I don't know what to say.


On Sep 13, 2016 4:01 AM, "Admin Kode-IT" > wrote:


Is there something special about D.O.? The server prices are
quite high in my opinion.

___
tor-relays mailing list
tor-relays@lists.torproject.org

https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




---
Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
https://www.avast.com/antivirus
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] relay lost most of its consensus weight

[jensm1]

I last restarted the relay five days ago (update to 0.2.8.7). Can a
restart really cause the consensus weight to drop several days later? If
it drops within a few hours, I'd get that, but what would delay that
response that much?
(Not complaining, just genuinely curious.)


Am 13.09.2016 um 10:37 schrieb teor:

On 13 Sep 2016, at 18:05, jensm1 <jen...@bbjh.de> wrote:

Hi,

I just realised that my relay 'itwasntme' lost most of its consensus
weight yesterday morning. The relay is only three weeks old, but it was
finally picking up some traffic, which now is gone again.
What could be the cause for this? Is there a problem with my relay or
configuration?

It looks like you just recently gained some consensus weight, then temporarily 
lost it after you restarted your relay.
We're working on improving the stability algorithm so these temporary downtimes 
don't affect relays as much.
But in any case, wait a week or two, and it will be back.
(If not, please let us know.)

Tim


Thanks for your help!


https://atlas.torproject.org/#details/F46C312E279185364F46EA06C58F7925280911E2


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org








___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




---
Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
https://www.avast.com/antivirus
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] relay lost most of its consensus weight

[jensm1]

Hi,

I just realised that my relay 'itwasntme' lost most of its consensus
weight yesterday morning. The relay is only three weeks old, but it was
finally picking up some traffic, which now is gone again.
What could be the cause for this? Is there a problem with my relay or
configuration?

Thanks for your help!


https://atlas.torproject.org/#details/F46C312E279185364F46EA06C58F7925280911E2


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 22

[jensm1]

I don't understand what you're saying. Of course the top 10 relays are
also showing their IP address, country and provider (or rather AS name).


Am 07.09.2016 um 14:01 schrieb daniel boone:
>  
> tks John. I am not interested in sticking my neck out like that so I
> hope the project moves forward. I just don't understank why the top 10
> relays  never show anything like that.
>  
> Best Regards, Daniel

> [snip digest]
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 21

[jensm1]

This.

Also, I'm not sure, why this info would even concern you (especially
since you're from the US, if I remember correctly). It's not like you're
giving away your home adress or something. If you keep your real name
out of the various configuration fields like relay-nickname and
contact-email, nobody will even know it's you, who is running this
relay, except for your internet provider (who will know anyway).


But as John said, nobody will fault you if you don't want to run a
relay! We're all volunteers here, after all.

Jens


Am 07.09.2016 um 06:10 schrieb John Ricketts:
> Daniel,
>
> No.  Part of being a Tor Relay is sticking your neck out a bit for
> those who can't.  No one will fault you if you decide to not run a relay.
>
> John
>
> On Sep 6, 2016, at 23:08, daniel boone  > wrote:
>
>> Relay Issue: I had a relay up and runnng Saturday. I found my relay
>> Atlas but I did not like what I saw on there. It showed my isp number
>> and my dsl provider so I shut down the relay. Is there some
>> adjustment in the "torrc" file to have that not show. And I do not
>> have any access to a Proxy Sever.
>> tks
>> -DB-
>>  
>> [snip digest]
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org 
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Which OS gives usually the best performance for a relay?

[jensm1]

Hi!


All modern Operating Systems should be up to the task of running a Tor
relay, if configured right. The question about which one will work best
has probably no general answer, but will depend on the hardware (and
software) configuration used, the quality of the drivers for your
specific hardware, etc. and you'll have to try for yourself which one
will give you the best performance.


But please keep in mind that diversity is also very important, since an
overwhelming majority of relays runs on Linux. So even if(!) Debian
would be a bit faster, it could very well be worth it to sacrifice a few
percent performance to increase the OS diversity.


Am 06.09.2016 um 22:14 schrieb Farid Joubbi:
>
> Hello,
>
>
> I am thinking of setting up a new relay.
>
> I know that the hardware in the server is going to be the bottleneck,
> not my Internet connection.
>
> I have a problem deciding on which OS to use for the relay.
>
> A few years ago when I had a similar relay going, I had it running on
> OpenBSD first.
>
> Then I changed the OS to FreeBSD and the performance got about 20% better.
>
> I have no idea if this would be the case today too.
>
> So I think that maybe it's either FreeBSD or Debian that would be
> "best", but I have nothing concrete to base that decision on unless I
> try them both.
>
>
> I am going to use a Via C7 board in this specific case. So I suspect
> that it's the maturity of the VIA drivers in the OS that is going to
> make the difference. Still I would like to know how to think in
> similar situations in the future even for other hardware.
>
>
> Has anyone any concrete experience of the tor relay speeds on
> different operating systems?
>
> I don't want to start a flame war of religious beliefs, but I suspect
> that OSes differ in how optimized they are for different tasks.
>
>
> Thankful for any constructive input on this.
>
>
> Regards,
>
> Farid
>
>
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 14

[jensm1]

To change your mailing-list preferences, you can simply visit
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays. On the
other hand, you can also stay with the digest, if you don't plan on
posting here regularly.

Setting up a relay can be a lot of work, especially if you've never done
it before. If you really want to do it, don't give up! You're probably
almost there, since your relay is running and shown on Atlas. If you
tell me the name of your relay and/or send me your full torrc, I might
be able to help you with the remaining problems. Don't feel bad for
asking questions and help, we all had to start at some point.


> On the Atlas page I did see when I did a search it had found me but I
> did not linke what I saw meaning location, ip address and provider.
>
I'm not sure what you mean by that. Is the info wrong? Or is the fact,
that this info is publically available a problem for you?

> As for the info on the proxy that is greek to me too. I usually use a
> vpn service for everything else but tor does not let that happen for me.
>  
 I'm also not sure I understand what your problem is, and what a VPN has
to do with that. Are you using a VPN to access the internet? If so, what
is the reason for that?

>  Im not going to have the us law officles beating on my door.
>  
If you don't run an exit, they will most certainly not come to you.


I think it's best to take this conversation off the list for now, since
this doesn't concern most relay-operators anymore, but feel free to
message me directly, I'm happy to help you with your questions and problems!

Jens



Am 04.09.2016 um 17:30 schrieb daniel boone:
> I appricate your help on this but this is all getting over my head. I
> did create a folder for tor-relays in my inbox. As for changing from
> "digest" to "actual mails" i dont see where to do that unless I
> reregister with a new name and email. I wanted to run a relay and not
> get into any BS over here but I think I may considring what you posted
> back to me.
>  
> On the Atlas page I did see when I did a search it had found me but I
> did not linke what I saw meaning location, ip address and provider. I
> have it set up wrong and not going to be a pain in the yazoo on all of
> this.  I think i may scrap my idea of a relay Jensm.
>  
> As for the info on the proxy that is greek to me too. I usually use a
> vpn service for everything else but tor does not let that happen for
> me. I thank you for what you and matt have tried to get me going, I
> did and its not correct and Im not going to have the us law officles
> beating on my door.
>  
> Regards
> Daniel
> [snip digest]
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 12

[jensm1]

You're right, of course. The technically correct way would be to filter
by the List-Id field and thunderbird supports this. I actually didn't
know about this header field till now, thanks for pointing it out! But
as you said, most webmails are crap (gmail apparently supports it, but
not directly).

The problem is, that this functionality is usually so well hidden, that
even experienced users won't find it if they don't know exactly what
they want to do, so filtering by subject/from/to - although technically
"wrong" - is the only "visible" way to do it.


Am 04.09.2016 um 15:28 schrieb grarpamp:
> On Sun, Sep 4, 2016 at 8:17 AM, jensm1 <jen...@bbjh.de> wrote:
>> you can then configure your inbox to
>> put everything containing [tor-relays] into its own folder
> This is non ideal as it continues the poor notion that bloating everyone's
> subject lines with, currently 13, characters of non content junk is a good 
> idea,
> and it will cause mismatches on nonlist material.
> The proper way to segregate a list is to match on envelope headers such as
> the included X-BeenThere:, List-Id:, Sender:, not meta material in the body.
> Unix users can easily use fetchmail and maildrop to do this.
> Thunderbird and other clients should be able to.
> Webmails are typically junk so no guarantees there.
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] BeagleBoard-X15

[jensm1]

Hi,

the BeagleBoard-X15 seems to be in the last phase of
development/certification. We'll probably have to wait a bit until it
finally gets released.
As to alternatives: I'd be interested in these, too.

Jens


Am 04.09.2016 um 11:05 schrieb jchase:
> Hello,
> At least a year ago someone recommended the BeagleBoard-X15 as a Tor
> relay, partly due to its speed. The X15 does not seem to be available in
> the Netherlands (according to Mouser electronics). Are there any other
> comparable boards available in the Netherlands?
> Thanks,
> James Chase
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 12

[jensm1]

Hi Daniel

One thing first: If you want to actively participate on this mailing
list on a regular basis, it would be best if you switched your
mailing-list-setting from digest to the actual mails (you can then
either configure your inbox to put everything containing [tor-relays]
into its own folder, or use a seperate email-address). This way, the
Subject-lines are preserved when you answer, so it's easier to group the
right messages together, automatically.


Regarding relay vs. exit:

Yes, there's a difference. I assume you're familiar with the basic
workings of Tor (otherwise, read
https://www.torproject.org/docs/faq.html.en#Torisdifferent and check out
https://www.eff.org/pages/tor-and-https).
An exit is a special kind of relay, as it is the one where your traffic
leaves the Tor network and gets sent to the actual destination. This
means that the destination sees the exit as the source of this traffic.
So when somebody sends bad or illegal traffic, e.g. a hacker or someone
downloading a movie, it looks like your exit is doing these things.
Depending on the competence of your local law enforcement agencies, this
could mean your computer (or all your computers in your home) might get
seized, and you'll be a suspect.
Therefore, it is not advisable to run an exit from home (since then
you'll get all your computers taken away), or put anything else on the
same server.
Also, lawyers will file abuse complaints against your exit, which you'll
have to deal with.

It's perfectly fine to simply run a "normal" relay (you'll then be the
middle hop), especially if you're running Tor on a system that's not
online 24/7.

Nice to see your relay is running now! Though I must admit that I have
no idea what these "connection speed" notices mean. Probably nothing
important, or they'd be warnings.



Am 04.09.2016 um 06:52 schrieb daniel boone:
> Ok, 1st on to MATT  
> "I missed your SOCKS question."
> Well that doesnt matter because I took you advice on the first reply
> you sent explaing things so I commented all again as suggested. So all
> is well now on that part of the torrc file.
> What I did do was kept the ORPort at 9001. I tried 443 but in the
> terminal it showed me it could not bind so it would not work.
> As for the question on "hope this helps" you bet and well appricated.
> Thank you.
> *What I did on the exit on lines 186-190 here is what it is set at*
> *"#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports on IPv4
> and IPv6 but no more
> #ExitPolicy accept *:119 # accept nntp ports on IPv4 and IPv6 as well
> as default exit policy
> #ExitPolicy accept *4:119 # accept nntp ports on IPv4 only as well as
> default exit policy
> #ExitPolicy accept6 *6:119 # accept nntp ports on IPv6 only as well as
> default exit policy
> ExitPolicy reject *:0  #no exits allowed: Minus the quotes natrually.
> this line is line 190*
> The links you sent me to look thru was interesting. Per what it says I
> believe port 443 for the ORPort would be best but until I get the bind
> issue I need to learn to do I best leave it set at 9001 for now.
> As for the reading on the relay
> ORPort 443
> Exitpolicy reject *:*   
> Nickname ididnotconfig
> ContactInfo human@...
>  
> *{ORPort 9001
> Exitpolicy reject *:* 
> Nickname danielboon
> ContactInfo human@...}*
> *back to line 190 I do have it UNCOMMENTED as you can see.*
> *{ExitPolicy reject *:0  #no exits allowed}*
> *Maybe i can comment line 190, I am not sure but u or Jen will get me
> right.*
> 
> This part is Addressed to Jen
>  
> Regarding the exit settings:
> Is this relay running on a computer at your home, Daniel? * yes, my tower with a 64bit linux system duel core>*
>  
> Is there other important stuff stored/running on that computer?
> * the partitons when I need. Think I'm safe on that>*
>  
> If the answer to AT LEAST ONE of those two questions is yes, you
> should definitely set
> "ExitRelay 0" and "ExitPolicy reject *:*".
> Actually, you should set this, regardless of the answers, unless you
> know exactly, what it means to run an exit-relay and are willing and
> prepared to do this.
>  
> * relay and exit different?>*
> *and to the both of you I too will enjoying working with the group.
> I'm interested in many things at my age. I am self taught on all with
> books and just working with various OS's. Windows has been out for my
> many years once I got to now linux.*
> *As for both if you 2 are good enough to give me your names I can to
> that too. It is David so we can use that.*
>  
> I do have a setback here in the terminal I will post it>
>  
> *{Sep 03 23:57:39.000 [notice] Bootstrapped 0%: Starting
> Sep 03 23:57:47.000 [notice] Bootstrapped 80%: Connecting to the Tor
> network
> Sep 03 23:57:48.000 [notice] Bootstrapped 85%: Finishing handshake
> with first hop
> Sep 03 23:57:49.000 [notice] Guessed our IP address as 108.79.14.224
> (source: 

Re: [tor-relays] tor-relays-strike-snowden

[jensm1]

First, let me welcome you to the world of relay operators! It's always
nice to see new faces here, because it means I'm not the only "new guy"
(just started running a relay not that long ago). Of course you won't be
kicked out just for that one mail! I've seen a lot of worse FUD on here,
which is probably why I reacted like I did, your mail just happened to
be the last straw.

If you still have problems with your relay, you could try to ask your
(specific!) questions here or on the tor stackexchange. I'll also be
happy to help you, if I can.

Jens

Am 03.09.2016 um 16:59 schrieb daniel boone:
>  
> Jesm1, sorry about my rant. I am new to working with a relay and also
> to Tor. Please bear with me on all of this. Give me a Chance. I just
> wanted to help the project and not sit on my ass like some are afraid
> to do. I will admitt i need to learn a few things on here. My mouth
> for the first one. As for Snowden, he worked for a SubContractor and
> was brought into the CIA or the NSA that way. I think it is wonderful
> what the man did. He brought it all out in the OPEN for the world to
> see. To see just how corrupt the security agency's are over in the
> States. Look how they treated him. A man that told the whole truth and
> if he would go back they would Kill Him.
> I've said enough on that Jesm. I need some work and that is why I came
> to the mailing list and Hope I can get some of my understanding of the
> whole project and  only Hope I am not cut from here cause of this. I
> did get my relay running and it was what I was doing wrong on the
> torcc file. Please Lets shake hands and start over. That is all i can
> ask. Hope you take me up on it. The #tor chat room was of no help for
> they just dont seem to want to help some with new questions.
> -db-
>
[snip lengthy quote of digest]
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, 3 questions on torcc file

[jensm1]

I agree to everything Matt said.

A good rule of thumb for tor configuration is "leave everything at
default, unless you've got a reason to change it".

Also keep in mind that configuration files (and especially their
comments) are mostly about what you CAN do, not what you SHOULD do.

Regarding the control port: I think you don't need it at all, unless
you're doing something unusual or don't have ssh access to the computer
tor is running on. If both run on the same machine, arm is doing fine
with just the (unix) control socket.

Regarding the exit settings:
Is this relay running on a computer at your home, Daniel? Is there other
important stuff stored/running on that computer? If the answer to AT
LEAST ONE of those two questions is yes, you should definitely set
"ExitRelay 0" and "ExitPolicy reject *:*".
Actually, you should set this, regardless of the answers, unless you
know exactly, what it means to run an exit-relay and are willing and
prepared to do this.


Jens


Am 03.09.2016 um 22:18 schrieb Matt Traudt:
> Daniel Boone
>
> I missed your SOCKS question.
>
> If you do not intend to directly use this Tor instance to access the Tor
> network, you should leave the SocksPort as it was. By default Tor only
> listens on localhost:9050 (as the documentation indicates). Therefore,
> even if you *do* intend to use this Tor instance to access the Tor
> network, by default you can already point your applications towards
> localhost:9050.
>
> So in most cases, this option can be left alone so the default
> configuration can do its thing. Either you won't use the SOCKS proxy and
> it is harmlessly listening on localhost anyway, or you are like most
> people and don't need it to listen on non-localhost non-9050. For either
> case, the default behavior is fine.
>
> Hope this helps.
>
> Matt
>
> On 09/03/2016 03:55 PM, daniel boone wrote:
>>  
>> I got a couple of question to ask on the torrc file and I hope one of
>> you will direct me.
>>  
>> Ok here we go. I got it working as a relay which i can see in the
>> terminal. I just started so it is still testing bandwidth. but this is
>> not my questions
>>  
>> 1. on line 18 of mine it is about Socks. I was reading in the man pages
>> on this. It was #Socksport 9050. Per the man pages I took out the
>> comment and placed as "+" per the page. So now it is *+SOCKSPort 9050 #
>> Default: Bind to localhost:9050 for local connections.*
>>  
>>  
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 6

[jensm1]

This is just plain FUD, what you're doing now.

The 3 letter agencies have known about tor, and have been complaining
that they can't break it, for a long time now. In fact (iirc), they even
supported its development at some point, because they use it themselves.
The fact that they're using it is no reason for concern, rather the
opposite, since that means, they trust its security enough, that they
think other states can't break it.

That this guy is an ex-cia, also isn't a problem in and of itself. It's
just like hiring an ex-criminal for your security company. He could fuck
you over big time, or he could be a great asset due to insider
knowledge. Snowden is also ex-cia, ffs.

Also, what should he have "put in place"? A backdoor in the sourcecode?
It's open source, so we can see what he added. Compromised the DirAuths?
They're run by people not directly associated with the board, who
(hopefully) wouldn't simply give out their private keys. Installed
wiretapping? He doesn't need to be member of the board to do that.

So maybe you should heed your own advice and think!


(sorry for the rant, guys...)


Am 03.09.2016 um 12:34 schrieb daniel boone:
> This is upsetting on what  I hear and see not. I worked my ass off to
> get my relay, now i hear of a strike  and tor hireing a ex-cia
> offical. Even though i read the resigned, that still does not make the
> difference does it. They have already got in and probably long enough
> to put in place what the corrupt US Govt  wants to do. They have even
> admitted they know about tor, some military usess it, but they cant
> penetrate it. Maybe we should all think
>  
> *Sent:* Friday, September 02, 2016 at 7:56 PM
> *From:* tor-relays-requ...@lists.torproject.org
> *To:* tor-relays@lists.torproject.org
> *Subject:* tor-relays Digest, Vol 68, Issue 6
> Send tor-relays mailing list submissions to
> tor-relays@lists.torproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> or, via email, send a message with subject or body 'help' to
> tor-relays-requ...@lists.torproject.org
>
> You can reach the person managing the list at
> tor-relays-ow...@lists.torproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-relays digest..."
>
>
> Today's Topics:
>
> 1. Re: #torstrike (D.S. Ljungmark)
> 2. Re: #torstrike (Volker Mink)
> 3. Guard vs Exit Bandwidth (Tristan)
> 4. Re: Guard vs Exit Bandwidth (Green Dream)
> 5. Re: Guard vs Exit Bandwidth (Tristan)
> 6. Re: total relay bandwidth (grarpamp)
>
>
> --
>
> Message: 1
> Date: Fri, 2 Sep 2016 17:26:35 +0200
> From: "D.S. Ljungmark" 
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] #torstrike
> Message-ID: 
> Content-Type: text/plain; charset="utf-8"
>
> I just multiplied my BandwidthRate with a bit for my exit.
>
> //Spid
>
>
> On 02/09/16 02:28, Tristan wrote:
> > Is the Tor strike today? Because I just set up a second instance on my
> > relay to get the most out of its bandwidth.
> >
> > Oops 
> >
> >
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
>
> -- next part --
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 843 bytes
> Desc: OpenPGP digital signature
> URL:
> 
>
> --
>
> Message: 2
> Date: Fri, 2 Sep 2016 17:33:54 +0200
> From: Volker Mink 
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] #torstrike
> Message-ID: <5ad00fac-7313-4ee3-a0dc-aa404db25...@gmx.de>
> Content-Type: text/plain; charset="utf-8"
>
> Good job, thank you!
>
> > Am 02.09.2016 um 17:26 schrieb D.S. Ljungmark :
> >
> > I just multiplied my BandwidthRate with a bit for my exit.
> >
> > //Spid
> >
> >
> >> On 02/09/16 02:28, Tristan wrote:
> >> Is the Tor strike today? Because I just set up a second instance on my
> >> relay to get the most out of its bandwidth.
> >>
> >> Oops 
> >>
> >>
> >>
> >> ___
> >> tor-relays mailing list
> >> tor-relays@lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> -- next part --
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/pkcs7-signature
> Size: 2368 bytes
> Desc: not available
> URL:
> 

[tor-relays] total relay bandwidth

[jensm1]

Hi,


(rather new relay operator here, so excuse me, if this is a dumb question)

I just saw this (https://metrics.torproject.org/bandwidth.html) graph,
which shows that the advertised relay bandwidth in the whole network is
more than double the actually used bandwidth. While it's certainly nice
to have a bit of breathing space to absorb load spikes, I'm wondering,
if new relays (i.e. non-exits) are actually helpful at this point, or if
they simply don't make a difference.

Am I missing something obvious? 


Thanks,

Jens


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] relay on a vps not exclusively used for tor?

[jensm1]

Thanks for all the replies!

It's actually a good advice, not to run backup and tor on the same 
server, in case it gets seized or the ISP kills it.
Also, the small monetary savings aren't really worth the increased 
attack surface for both, the tor relay and the other services.


I therefore won't be running a relay on that VPS, but I will check if my 
funds will allow me (student, so money is always a bit tight) to spin up 
a second VPS just for tor.


Thanks again for all your advice and help!

---
Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
https://www.avast.com/antivirus

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] relay on a vps not exclusively used for tor?

[jensm1]

Hi,

I'm planning to get myself a small VPS for simple things like
calendar-synching and backup of important data. Since these things are
very light on resource-usage, I thought about putting a tor relay
(non-exit) on the server, so it does something useful instead of idling
most of the time.

Is this advisable, or are there reasons why I shouldn't put a relay on a
server that is used simultaneously by other things?

Thanks for your advice!


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] excessive bandwidth assigned bandwidth-limited exit relay

[jensm1]

You're saying that you're on a 1Gbit/s link, but you are only allowed to
use 100Mbit/s. Is this averaged over some timescale? If so, you could
try and play around with the 'RelayBandwidthBurst' setting. Increasing
the Burst might help reduce the queue delay when you're near saturation,
assuming the traffic is not constant and you're not over-saturated most
of the time.

I don't know the measuring system, but I doubt that random packet
dropping with iptables will have a noticeable effect on the measured
bandwidth, as long as you don't drop enough packets to horribly degrade
user experience.


Am 02.10.2015 um 10:16 schrieb Dhalgren Tor:
> "So" indeed.  For the time that was under discussion:
>
> cell-stats-end 2015-10-02 00:28:54 (86400 s)
> cell-processed-cells 20220,420,72,18,8,4,1,1,1,1
> cell-queued-cells 2.00,0.25,0.01,0.00,0.09,0.10,0.02,0.00,0.00,0.00
> cell-time-in-queue 203,131,17,7,2832,6198,3014,802,21,26
> cell-circuits-per-decile 126717
>
> . . .horrible
>
>
>
> On 10/1/15, Yawning Angel  wrote:
>> On Thu, 1 Oct 2015 19:05:38 +
>> Dhalgren Tor  wrote:
>>> 3) observing that statistics show elevated cell-queuing delays when
>>> the relay has been in the saturated state, e.g.
>>>
>>> cell-queued-cells 2.59,0.11,0.01,0.00,0.00,0.00,0.00,0.00,0.00,0.00
>>> cell-time-in-queue 107,25,3,3,4,3,7,4,1,7
>> So?
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] how reliable is the advertised vs consumed bandwidth on tor metrics

[jensm1]

I just stumbled over this
(https://metrics.torproject.org/bandwidth-flags.html) graph at tor
metrics, which shows advertised exit bandwidth to be around 40Gbit/s and
consumed exit bandwidth around 20Gbit/s. This would mean that we have
about twice as much exit bandwidth than we need, which I strongly doubt.
So now I'm curious about what causes this disparity.

Thanks!

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] missing tor-0.2.5.11 package for armhf wheezy

[jensm1]

Hi there,

I'm running a relay on my NAS at home and just realised that it's still
running on 0.2.5.10.
So I went and checked the deb.torproject.org repository for wheezy and
found that the tor package hasn't been updated for the
armhf-architecture (for the other archs it's fine).

Funny enough, the tor-geoipdb package has been updated to 0.2.5.11 which
broke it for me, since it depends on tor 0.2.5.11.

I hope that's the right place for this, otherwise please point me to
where it belongs, thanks!

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays