Re: [tor-relays] A new kind of attack?
On Donnerstag, 18. Januar 2024 19:37:22 CET eff_03675...@posteo.se wrote: > I just received a DDOS attack on a pretty settled exit relay. Surgeprotector is very helpful for exits https://github.com/artikel10/surgeprotector Tor-nightly 0.4.9.0-alpha-dev fixed https://gitlab.torproject.org/tpo/core/tor/-/issues/40676 by trinity https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/735 ReevaluateExitPolicy 1 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
On Donnerstag, 18. Januar 2024 23:52:00 CET Jag Talon wrote: > Bug has been filed here for anyone following the thread: > https://bugzilla.ipfire.org/show_bug.cgi?id=13541 It's best to ask the provider for their geofeed and mention it in the bug report. Then all subnets in this AS will be corrected. https://bugzilla.ipfire.org/show_bug.cgi?id=12774 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Bug has been filed here for anyone following the thread: https://bugzilla.ipfire.org/show_bug.cgi?id=13541 Thank you all for the help! On 1/18/24 17:11, trinity pointard wrote: If tor's geoip db (which indeed is IPFire) has the wrong country for your IP, and you want it fixed, the correct place to fill an issue is on IPFire's bugzilla. -- Jag Talon Designer for the Tor Project OpenPGP_0x2F17E7825E755F08.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Oh excellent thank you for pointing me to the right place! I'll make sure to create an issue there. On 1/18/24 17:11, trinity pointard wrote: Hi everyone, If tor's geoip db (which indeed is IPFire) has the wrong country for your IP, and you want it fixed, the correct place to fill an issue is on IPFire's bugzilla. You can see an instance of a previous report here https://bugzilla.ipfire.org/show_bug.cgi?id=13037 . It's not very important for the purpose of tor, but you'd be making one of the only embedable geoip database a little more accurate for everyone else Regards, trinity-1686a On Thu, 18 Jan 2024 at 22:08, Martin Gebhardt via tor-relays wrote: Hello, unfortunately this happens more often. you are not alone :-) Am 18.01.2024 um 20:50 schrieb NodNet : I think tor and Tor Project use IPFire's DB for GeoIP lookups, and 198.13.48.219 shows the following: Yes, libloc/location is used. I had the same problem with one or two relays years ago. This was then fixed by a manual override. This is currently also the case with 3 of my relays (37.252.255.135 / 37.252.254.33 / 217.146.2.41) However, I can't explain why. Because the hoster has a geofeed (https://opengeofeed.org/feed/as42473.html) and RIPE also has the correct country information. In any case, it is not so important to me that it is correct in the metrics. But it would be nice. Maybe I'll get round to mentioning it again on the location mailing list soon. Ahoy, Martin ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Jag Talon Designer for the Tor Project OpenPGP_0x2F17E7825E755F08.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Hi everyone, If tor's geoip db (which indeed is IPFire) has the wrong country for your IP, and you want it fixed, the correct place to fill an issue is on IPFire's bugzilla. You can see an instance of a previous report here https://bugzilla.ipfire.org/show_bug.cgi?id=13037 . It's not very important for the purpose of tor, but you'd be making one of the only embedable geoip database a little more accurate for everyone else Regards, trinity-1686a On Thu, 18 Jan 2024 at 22:08, Martin Gebhardt via tor-relays wrote: > > Hello, > > unfortunately this happens more often. you are not alone :-) > > > Am 18.01.2024 um 20:50 schrieb NodNet : > > > > I think tor and Tor Project use IPFire's DB for GeoIP lookups, and > > 198.13.48.219 shows the following: > > Yes, libloc/location is used. I had the same problem with one or two relays > years ago. This was then fixed by a manual override. > > This is currently also the case with 3 of my relays (37.252.255.135 / > 37.252.254.33 / 217.146.2.41) > > However, I can't explain why. Because the hoster has a geofeed > (https://opengeofeed.org/feed/as42473.html) and RIPE also has the correct > country information. > > In any case, it is not so important to me that it is correct in the metrics. > But it would be nice. > > Maybe I'll get round to mentioning it again on the location mailing list soon. > > Ahoy, Martin > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Hello, unfortunately this happens more often. you are not alone :-) > Am 18.01.2024 um 20:50 schrieb NodNet : > > I think tor and Tor Project use IPFire's DB for GeoIP lookups, and > 198.13.48.219 shows the following: Yes, libloc/location is used. I had the same problem with one or two relays years ago. This was then fixed by a manual override. This is currently also the case with 3 of my relays (37.252.255.135 / 37.252.254.33 / 217.146.2.41) However, I can't explain why. Because the hoster has a geofeed (https://opengeofeed.org/feed/as42473.html) and RIPE also has the correct country information. In any case, it is not so important to me that it is correct in the metrics. But it would be nice. Maybe I'll get round to mentioning it again on the location mailing list soon. Ahoy, Martin ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
https://www.infobyip.com/ip-198.13.48.219.html Shows Japan! Malcolm On Thu, Jan 18, 2024 at 4:00 PM NodNet < tor_at_nodnetwork.org_0tpcq...@duck.com> wrote: > I think tor and Tor Project use IPFire's DB for GeoIP lookups, and > 198.13.48.219 shows the following: > > NETWORK: 198.13.48.0/20 > AUTONOMOUS SYSTEM: AS20473 - AS-CHOOPA > COUNTRY: United States of America > > https://www.ipfire.org/projects/location/lookup/198.13.48.219 > > On 1/18/2024 11:22 AM, Jag Talon wrote: > > Hello, > > > > I have a relay in Japan with the IP of 198.13.48.219, but it's being > > marked as being in the US. I've tried using different websites like > > www.iplocation.net, iplocation.io, and www.wolframalpha.com and > > they're all telling me that the IP is in Japan. > > > > I'm wondering if perhaps there's an issue with the GeoIP lookup? Or > > perhaps an outdated database? > > > > Thanks! > > > > > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Ah I see it looks like it is up-to-date then if it's showing the same thing. Thanks for that info! On 1/18/24 13:50, NodNet wrote: I think tor and Tor Project use IPFire's DB for GeoIP lookups, and 198.13.48.219 shows the following: NETWORK: 198.13.48.0/20 AUTONOMOUS SYSTEM: AS20473 - AS-CHOOPA COUNTRY: United States of America https://www.ipfire.org/projects/location/lookup/198.13.48.219 On 1/18/2024 11:22 AM, Jag Talon wrote: Hello, I have a relay in Japan with the IP of 198.13.48.219, but it's being marked as being in the US. I've tried using different websites like www.iplocation.net, iplocation.io, and www.wolframalpha.com and they're all telling me that the IP is in Japan. I'm wondering if perhaps there's an issue with the GeoIP lookup? Or perhaps an outdated database? Thanks! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Jag Talon Designer for the Tor Project OpenPGP_0x2F17E7825E755F08.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
I think tor and Tor Project use IPFire's DB for GeoIP lookups, and 198.13.48.219 shows the following: NETWORK: 198.13.48.0/20 AUTONOMOUS SYSTEM: AS20473 - AS-CHOOPA COUNTRY: United States of America https://www.ipfire.org/projects/location/lookup/198.13.48.219 On 1/18/2024 11:22 AM, Jag Talon wrote: Hello, I have a relay in Japan with the IP of 198.13.48.219, but it's being marked as being in the US. I've tried using different websites like www.iplocation.net, iplocation.io, and www.wolframalpha.com and they're all telling me that the IP is in Japan. I'm wondering if perhaps there's an issue with the GeoIP lookup? Or perhaps an outdated database? Thanks! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] A new kind of attack?
Hi, I just received a DDOS attack on a pretty settled exit relay. Who DDOS a Exit relay but the state or victim of it potential abuses? Here the relay is in India. Thank you for sharing this observation. I firmly believe in the similar situation applying. On 16.01.2024 15:29, li...@for-privacy.net wrote: On Montag, 15. Januar 2024 23:19:37 CET Chris Enkidu-6 wrote: I've noticed a new kind of possible attack on some of my relays, as early as Dec.23 which causes huge spikes of outbound traffic I have included charts and excerpts from the log in my post in Tor forum at below link: https://forum.torproject.org/t/new-kind-of-attack/11122 This seems to be related to what we already had in September: https://forum.torproject.org/t/excessive-unbalanced-relay-traffic/9291 It is always only intermittent and only some off my relays are affected. https://forum.torproject.org/t/excessive-unbalanced-relay-traffic/9291/8 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Hi, It is located in Tokyo, Japan. https://ipleak.net/?q=198.13.48.219 Mensagem original Em 18/01/2024 14:48, noury escreveu: > Hey, > > For what it's worth ipinfo.io says it's in Ōi, Saitama, Japan. > > https://ipinfo.io/198.13.48.219 > > On 18.01.24 18:22, Jag Talon wrote: > > Hello, > > > > I have a relay in Japan with the IP of 198.13.48.219, but it's being > > marked as being in the US. I've tried using different websites like > > www.iplocation.net, iplocation.io, and www.wolframalpha.com and > > they're all telling me that the IP is in Japan. > > > > I'm wondering if perhaps there's an issue with the GeoIP lookup? Or > > perhaps an outdated database? > > > > Thanks! > > > > > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > publickey - cauanzorzenon1@protonmail.com - 0x3C656E83.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay in Japan being marked as a US relay?
Hey, For what it's worth ipinfo.io says it's in Ōi, Saitama, Japan. https://ipinfo.io/198.13.48.219 On 18.01.24 18:22, Jag Talon wrote: Hello, I have a relay in Japan with the IP of 198.13.48.219, but it's being marked as being in the US. I've tried using different websites like www.iplocation.net, iplocation.io, and www.wolframalpha.com and they're all telling me that the IP is in Japan. I'm wondering if perhaps there's an issue with the GeoIP lookup? Or perhaps an outdated database? Thanks! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Relay in Japan being marked as a US relay?
Hello, I have a relay in Japan with the IP of 198.13.48.219, but it's being marked as being in the US. I've tried using different websites like www.iplocation.net, iplocation.io, and www.wolframalpha.com and they're all telling me that the IP is in Japan. I'm wondering if perhaps there's an issue with the GeoIP lookup? Or perhaps an outdated database? Thanks! -- Jag Talon Designer for the Tor Project OpenPGP_0x2F17E7825E755F08.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays