-bin/mailman/listinfo/tor-relays
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ri
?! Another eye is always cool to be sure
> !
>
> Many thx for your lights :)
>
> --
> Petrusko
> PubKey EBE23AE5
> C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
ng similar for "involuntary" FTP servers before. Bonnet?
Or a honeypot. Or a series of cloned servers. It's hard to tell.
But there do seem to be a large number of them, 55 in a recent consensus.
And no contact info, either.
We might want to remove these relays from the n
er code that assumes 1 key = 1 IPv4.)
Tim
>
> Simon
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot c
can help tor clients use the Tor
>> network. Please opt-in!
>>
>>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ric
c>___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
s
" (entry node) by the directory
authorities if it has enough stability and bandwidth over time. For more
information, please read:
https://blog.torproject.org/blog/lifecycle-of-a-new-relay
Your relay is already a directory mirror, because you have configured a DirPort.
Tim
Tim
irectory if you want, just change the tor
startup script and torrc.
Tim
>
> Sebastian
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilso
des port 53. So port
53 is only useful for clients that want to run their own DNS over TCP, or use
port 53 for something else.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
or-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf
> Of Tim Wilson-Brown - teor
> Sent: 20 May 2016 16:49
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] What's this Abuse
>
>
>> On 20 May 2016, at 11:12, Dr Gerard Bulger <ger...@bul
don't want our mailing list messages to go against this goal.
(Even if the Internet users involved are not using Tor or another IP
anonymisation method.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description:
> On 2 May 2016, at 09:51, eliaz <el...@riseup.net> wrote:
>
>> On 5/1/2016 4:52:12 AM, Tim Wilson-Brown - teor (teor2...@gmail.com) wrote:
>>>> On 1 May 2016, at 16:52, eliaz <el...@riseup.net> wrote:
>>> =20
>>> =20
>>>> O
.org and email the tor-dev list
about the bug number.
It's the best way to collect details about crashes.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
ngth (default 30 seconds) for clients to choose a new guard.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays
or
permission issues on the source or destination.
Does tor start as a client?
If so, it's likely that you failed to copy the torrc file.
Does tor fail to start?
If so, it helps to let us know the warning messages it prints out.
Perhaps the files were corrupted on the way, or something else happened.
Ti
of the proxy settings on
your bridge.
It's normal for tor to change exits occasionally.
Do you know which exit your tor client was actually using during that time?
If so, report it to bad-rel...@lists.torproject.org
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricoch
onsidered as a fallback when we next rebuild the list.
Thanks
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing
://www.onion-router.net/Publications/tor-design.pdf
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing li
has more specific requirements for security reasons, this protects the
keys from other users on the system.
It's hard to give more advice without more specific details.
If this advice doesn't help, please copy and paste the configuration options
you used, and the errors you got, and then tell us
did emails sent to you bounce?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torpr
That said, the list of relays in "Relays with broken DirPorts" consistently
failed over repeated attempts.
(The relays in "Relays with very slow DirPorts" might have been slow on my end,
and might just have been slow once.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot
Dear Relay Operators,
Please see below for an updated list of slow relay DirPorts.
> On 31 Mar 2016, at 11:13, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
> While I was checking fallback directory mirrors for #17158, I encountered
> some relays that took more than
(teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https
> On 22 Mar 2016, at 08:14, Toralf Förster <toralf.foers...@gmx.de> wrote:
>
> Signed PGP part
> Tim Wilson-Brown - teor:
> > * if the AccountingRule is not "in".
> Ah,
> AccountingRule in
> was meant. I did not set that config option in the past
> On 22 Mar 2016, at 04:22, Toralf Förster <toralf.foers...@gmx.de> wrote:
>
> Signed PGP part
> Tim Wilson-Brown - teor:
> > In 0.2.8, every relay is potentially a hidden service directory and
> > a directory mirror.
> But with this configuration :
>
>
e the DirPort directly, but they typically use the authorities for
directory documents. (Some obscure relay configurations will use the fallback
directory mirrors.)
Tim
>
>
>
> Am Sonntag, 20. März 2016 02:54 schrieb Tim Wilson-Brown - teor
> <teor2...@gmail.com>:
>
ps://support.cloudflare.com/hc/en-us/articles/203306930-Does-CloudFlare-block-Tor->
(URL likely unavailable from some Tor Exits.)
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: M
ry
(regardless of whether it has a DirPort or not).
This used be controlled by the HidServDirV2 option, but that's now obsolete.
See ticket 16543 and commit 2f8cf524b.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3
umbers of connections /
CPU / network use, even in supposedly "unlimited" environments.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP
me to the Exit.
Then DNS resolution is performed by the Exit.
So technically, there are no DNS packets until the Exit queries its DNS servers
for the server name provided by the client.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06
.
(We plan on unifying the code that picks authorities / fallback directories and
the code that picks directory mirrors. If we'd managed that in 0.2.8, then
these checks would be correct, because they're being performed for directory
mirrors.)
> Once some devs, especially teor, recover from
or won't let me.
Networks need extra capacity - it increases average speeds, and absorbs sudden
usage spikes.
Consider starting a second tor instance on other ports to use the extra
capacity on your server.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OT
emory and connections to stay under about 3/4 of the memory
you have.
Try 1GB.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
_
y guards they have previously chosen, and try new guards if all
previously chosen guards are down.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with Ope
llocated 2TB
> of bandwidth per month from my VPS
What processor is on your VPS?
How fast is it?
Does it have AES-NI?
Is your OpenSSL compiled optimised for your processor and for the encryption
that Tor uses?
How much RAM does your VPS have?
Have you read the torservers.net Tor tuning ad
already have a new one.
But how do users find that new address?
(For some users, the bridge authority might tell them when provided with the
bridge's fingerprint, but only if their other bridges work.)
> (Of course they could
> still simply block the whole /16 or whatever your ISP has)
Typically
f a circuit, and for rendezvous points for short-lived hidden
service circuits. So it's not disruptive or useless. (It might slow down a few
clients who try your relay for the few hours each day it takes to find its new
IP address.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail do
ough authorities should believe your relay is stable.
Perhaps you could consider upgrading it from 0.2.4?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signat
> On 18 Feb 2016, at 22:16, Mirimir <miri...@riseup.net> wrote:
>
> On 02/18/2016 03:47 AM, Tim Wilson-Brown - teor wrote:
>>
>>> On 18 Feb 2016, at 14:40, Ricardo Malagon Jerez <rjmala...@gmail.com> wrote:
>>>
>>> I don't know how an
orks for clients.
Relays need to be able to post their descriptors to the authorities. So they
have to be able to reach at least one authority - they can't use only fallback
directory mirrors.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 97558
he ORPort
> in the torrc-file enabled.
> Port 9001 is forwarded at my router and the Pi is also in the DMZ.
Can you please send us the Tor log messages?
They usually say why Tor won't start.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR
ing.
>
> -V
>
> On Friday, 5 February 2016, Karsten Loesing <kars...@torproject.org
> <mailto:kars...@torproject.org>> wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> [Removing metrics-team@ to avoid cross posting.]
>>
d I add/configure DNS servers?
Typically, by editing /etc/resolv.conf.
But some platforms automatically generate it using the files in
/etc/resolvconf/resolv.conf.d/
It should be fairly straightforward, if not, search the Internet for a HOWTO
for your platform.
Tim
Tim Wilson-Brown (teor)
teor
their IP
addresses as well?
Tim
> On Jan 31, 2016 3:27 PM, "Tim Wilson-Brown - teor" <teor2...@gmail.com
> <mailto:teor2...@gmail.com>> wrote:
>
>> On 1 Feb 2016, at 08:19, SuperSluether <supersluet...@gmail.com
>> <mailto:supersluet...@gmail.co
your DNS
requests.
A drawback is that your VPS company then sees your DNS requests and your
traffic, but they could do this anyway.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B
question is:
> https://atlas.torproject.org/#details/FE67A1BA4EF1D13A617AEFB416CB9E44331B223A
>
> <https://atlas.torproject.org/#details/FE67A1BA4EF1D13A617AEFB416CB9E44331B223A>
Thanks for the fingerprint, Atlas confirms your relay is an Exit.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ther OnionOO should reflect this is another matter.
Perhaps it could imitate Tor, and have a separate field called "network family"?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
> On 29 Jan 2016, at 07:20, Roman Mamedov <r...@romanrm.net> wrote:
>
> On Fri, 29 Jan 2016 06:33:51 +1100
> Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
>> Tor already considers relays in the same IPv4 /16 to be in the same family.
>
e kind of attack or simply an error that happened over the weekend?
> I have never seen it before.
This error is logged when Tor sends a DNS query to an address, but gets a reply
back from a different address.
This could be an attack, or a misconfigured DNS server, or simply a multihomed
DNS ser
f Tor's warnings.
Search the mailing lists, source code or Internet?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
> On 13 Jan 2016, at 11:21, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>> On 13 Jan 2016, at 10:33, Tim Wilson-Brown - teor <teor2...@gmail.com
>> <mailto:teor2...@gmail.com>> wrote:
>>> At 19:20 1/12/2016 +0100, Aeris wrote:
>>&
> On 18 Jan 2016, at 11:07, Roman Mamedov <r...@romanrm.net> wrote:
>
> On Mon, 18 Jan 2016 10:16:40 +1100
> Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
>> I think if a client is just using it for bootstrap, any extra latency
>> shouldn't be
ac.torproject.org/projects/tor/ticket/4483>
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
_
bootstrap yet.
(I'm working on IPv6 client bootstrap in Trac Ticket #17840, hopefully it will
make it into 0.2.8.)
https://trac.torproject.org/projects/tor/ticket/17840
<https://trac.torproject.org/projects/tor/ticket/17840>
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968
47A05BFBCF91,$5BFDECCE9B4A23AE14EC767C5A2C1E10558B00B9
Hi,
Thanks for the opt-in, but these relays have no DirPort configured.
Relays need a DirPort to act as fallback directory mirrors.
If you are able to configure a DirPort on these relays, please let me know, and
I'll add them to the list.
Tim
Tim Wilson-Brown (teor)
teor2345
We're working on it in
https://trac.torproject.org/projects/tor/ticket/17840
<https://trac.torproject.org/projects/tor/ticket/17840>
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Desc
er relays in that family.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing
o avoid in future.
I noticed there are some other relays in that family, should they be opt-in or
opt-out?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.a
> On 18 Dec 2015, at 09:23, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>> On 18 Dec 2015, at 06:31, ]V[ <mart...@beekhuis.org
>> <mailto:mart...@beekhuis.org>> wrote:
>> Able!
>>
>
> ...
> Thanks, can you let me/us know the names
> On 19 Dec 2015, at 05:53, Felix <zwie...@quantentunnel.de> wrote:
> ...
> I'm happy to bring in the relay Doedel22
> '8FA37B93397015B2BC5A525C908485260BE9F422'.
Hi Felix,
There are some other relays in that family, did you want to opt-in or opt-out
for them?
Tim
Tim
east 2 years, please consider opting-in
>> for this trial.
>
> I realise it's been a while since the last post in this thread, but
> I'd like to opt-in.
That's OK, we're still taking opt-ins.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot
https://github.com/teor2345/tor.git>https://github.com/teor2345/tor.git
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345
shed ~62 seconds after the ORPort
self-test?
(Or, strictly, after the first descriptor was submitted?)
That would explain the behaviour we're seeing here.
(And it shouldn't be grounds for exclusion as a fallback directory, let me see
what I can do.)
Logged in trac as #18050.
https://trac.tor
> On 13 Jan 2016, at 10:33, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
>
>> At 19:20 1/12/2016 +0100, Aeris wrote:
>>>> Are you *absoultely* certain that the config
>>>> was not fiddled with at the time of this event?
>>>
rors
<https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors>
[2]: https://github.com/teor2345/tor.git <https://github.com/teor2345/tor.git>
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
s
> On 12 Jan 2016, at 12:11, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
>
>> On 12 Jan 2016, at 10:14, starlight.201...@binnacle.cx
>> <mailto:starlight.201...@binnacle.cx> wrote:
>>
>> Found a serious bug in the
>>
>&g
tory of each relay rather than the
> 120 days requested.
>
> This results in 145 relays left
> off the list as too-old history is
> averaged into the percentages.
Thanks, logged as #18035
https://trac.torproject.org/projects/tor/ticket/18035
<https://trac.torproject.org/project
e:
* The exact Address, ORPort and DirPort lines (or the entire torrc, if you're
able)
* The debug-level log output for the first and second calls to
resolve_my_address()
* there will be a lot of output here, and it can reveal sensitive info -
don't leave debug logging on all the time!
Tim
Tim
eason it's trying to check the wrong IP
>> address?
>
> Did you try setting OutboundBindAddress?
This will help other relays identify connections from your relay as canonical,
but it won't affect the address your relay uses for itself.
Tim
Tim Wilson-Brown (teor)
teor2345 at
> On 8 Jan 2016, at 21:17, Markus Hitter <m...@jump-ing.de> wrote:
>
> Am 08.01.2016 um 07:33 schrieb Tim Wilson-Brown - teor:
>> What matters is the bandwidth it can contribute to censored users.
>> The advertised bandwidth is 100KB/s, which is somewhat low for a br
conflict?)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-
at matters is the bandwidth it can contribute to censored users.
The advertised bandwidth is 100KB/s, which is somewhat low for a bridge.
As far as I recall, 250KB/s is considered a good minimum for a bridge.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR
; flag imposes a minimum bandwidth requirement.
The "Stable" flag imposes an uptime requirement.
Each authority does its own relay reachability testing, and so their views of
the network may differ, as may their values for some of the other parameters
used to vote for HSDirs.
Tim
Tim
works fine - tor is doing
exactly what it's supposed to, it's just noisy about it.
It's fixed in master (and the fix will be released in 0.2.8), but we decided
not to do a backport to 0.2.7 just to fix an extra warning.
https://trac.torproject.org/projects/tor/ticket/17762
<https://trac.torpr
> On 30 Dec 2015, at 08:19, Toralf Förster <toralf.foers...@gmx.de> wrote:
>
> Signed PGP part
> On 12/29/2015 12:53 PM, Tim Wilson-Brown - teor wrote:
> >
> > I don't know of any other attack or request that amplifies outbound
> > traffic via tor or otherwis
ut more
information.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-rel
ersa
* Tor cells are 512 bytes, if a small request or small response is embedded in
a cell, the overhead can be quite large
This could happen because someone is uploading or downloading a large file.
But 30MB/s would probably require more than one client at the same time.
Tim
Tim Wilson-Brown (teor)
> On 21 Dec 2015, at 03:36, Toralf Förster <toralf.foers...@gmx.de> wrote:
>
> Signed PGP part
> On 12/15/2015 07:25 PM, Tim Wilson-Brown - teor wrote:
> >
> > This is wise. Tor will block your own IPv6 address, but it doesn't
> > know about your subnet:
&
to opt-in other under-utilised exit relays.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
//metrics.torproject.org/dirbytes.html>
[2]:
https://gitweb.torproject.org/torspec.git/tree/proposals/210-faster-headless-consensus-bootstrap.txt
<https://gitweb.torproject.org/torspec.git/tree/proposals/210-faster-headless-consensus-bootstrap.txt>
>
>
> On 12/20/2015 01:3
y
fallbacks are down. We can fine-tune it before release if we need to.)
Tim
>
>
>
> On 12/20/2015 3:37 PM, Tim Wilson-Brown - teor wrote:
> >
> > With 100 fallback directory mirrors, up to an extra 50 GB per
> > fallback per month. (This is my estimate of
> On 18 Dec 2015, at 06:31, ]V[ <mart...@beekhuis.org> wrote:
>
> Able!
>
(Hi, I'm teor, I'll be pulling together the opt-ins and opt-outs for Nick.)
Thanks, can you let me/us know the names your relay(s)?
(I need to know the names to add them to the opt-in list.)
Tim
Tim
-outs?
> I have a relay quite high in the list (chopin,
> 953DB709F2A2DECC8D7560661F934E64411444F7) but it is running at home and I am
> likely to move in less than 2 years so it should be opted out when things
> will no longer be option.
(Hi, I'm teor, I'll be pulling together the opt-ins and opt-
cause Tor
blocks private addresses by default:
> ExitPolicy reject private:*# Block private IPv4
This actually blocks IPv4 and IPv6:
> ExitPolicy reject *:* # Block all IPv4
>
> ## If set, and we are an exit node, allow client to use us for IPv6 tr
se errors.
Are there delays reading from network sockets, or packet loss, or something
similar?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Messa
d IPv6 addresses, port ranges and address masks too:
ExitPolicy reject 1.2.3.4/24:443-445
ExitPolicy reject [2002::abcd]:8080
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Des
features would be better there, rather than cluttering
up the consensus.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
_
some fancy unresolved abuse ranking[1].
> ...
> I think that having a tiny bit less than 1/4 of all abuse reports originating
> from Tor is a pretty great value and not "out of hand" at all.
You also have to scroll down their list for a long time before finding any
"onion wit
_
>> tor-relays mailing list
>> tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org>
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor
s along with A records for
all sites that have them?
(If it's only returning records for a few sites, or for IPv6-only sites,
that could be your problem.)
As far as I know, nothing changed in Tor Browser that could cause a dramatic
IPv6 traffic drop-off.
Tim
Tim Wilson-Brown (teor)
teor234
have to change the port-forwarding rule every time.
>
> This should get persisted in the state file.
It seems a few people are encountering this issue.
https://trac.torproject.org/projects/tor/ticket/3511
<https://trac.torproject.org/projects/tor/ticket/3511>
(We'd love a patch to fi
rate of 200KB/s could
> add to 4TB/mo in worst case, which will get a VPS account killed. What's
> a more realistic worst case if I keep 200KB throttle with no monthly
> accounting?
I think setting ports to known values is your best bet here.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail do
at relay is probably a good thing.
Two other possibilities:
* always run the relay at 250kbps
* run a bridge instead (I don't know if 250kbps is still considered enough for
a bridge)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D
:00 - Tor relay bandwith 10 000kb/s
>>
>>
>> How may I schedule this in tor relay ? Is it possible to limit traffic on
>> the client or I need to do it on my firewall ?
>>
>>
>> Thanks in advance for any feedback.
>
VPS.
(From your previous posts, it looks like the ports are not being blocked on the
VPS OS itself.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP
ask
> the admin to make some changes?
Possibly. Some VPSs let you modify the firewall settings yourself.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with Open
rvice with client
authentication.
Tim
> Am 25.11.2015 um 23:33 schrieb Tim Wilson-Brown - teor:
>>
>>> On 26 Nov 2015, at 05:36, Josef Stautner <
>>> <mailto:he...@veloc1ty.de>he...@veloc1ty.de <mailto:he...@veloc1ty.de>>
>>> wrote:
>>>
at least two of 80, 443,
6667, to at least a /8 IPv4 netblock.
So if you disable port 80, please consider checking you have port 6667 enabled.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.
res in a data file.
But I'm not sure if that's enough to avoid the attack I described above.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
(new).
Your fingerprint is generated from the RSA key.
Directory authorities ensure that each RSA key and ed25519 key pair only ever
appear together.
Did you have an ed25519 key, and then delete it? (or fail to restore it from a
backup?)
Or perhaps there is a bug in the authority's handling
801 - 900 of 995 matches
Mail list logo
