Hi!
On 12.10.2016 07:18, Manny wrote:
> Oh and since I'm bugging you anyways - would it be useful to add ORPort
> [IPv6] as well? (same port as for 4 i guess?)
Yes, I've done this already. There are only a few number of IPv6
Clients, but I guess it would be useful. Most of the time, there are the
Hi!
On 12.10.2016 07:18, Manny wrote:
> Oh and since I'm bugging you anyways - would it be useful to add ORPort
> [IPv6] as well? (same port as for 4 i guess?)
Yes, I've done this already. There are only a few number of IPv6
Clients, but I guess it would be useful. Most of the time, there are the
use it as a bridge and/or as an IPv6-only client.
Regards
On 13.10.2016 01:46, teor wrote:
>
>> On 13 Oct 2016, at 06:07, diffusae wrote:
>>
>> Hi!
>>
>> On 12.10.2016 07:18, Manny wrote:
>>> Oh and since I'm bugging you anyways - would it be useful
On 14.10.2016 00:54, teor wrote:
> No, that's not what I said.
> On non-exit relays, please enable the IPv6 ORPort.
> There's no need to enable an IPv6 DirPort.
So, I wasn't totally wrong. I also guess, that it's useful.
Only because of the IPv6 DirPort, I was unsure.
Thanks again,
Reiner
__
The RPi is good to use as relay with your requirement. You can expect a
total transfer rate of 11 MBytes (100 Mbits/sec). If you use Raspberry
Pi 1 Model B+ you cannot use the official Tor repository, but the
Raspbian repos (armel) do it as well. The Pi 1 has a significant lower
power consumption w
Yes, you are right. That doesn't make a real big difference. To compile
from the source on RPi 1 would take several hours. It's better to use
some kind of cross compiling. On a RPi 2 or 3 you also could disable the
HDMI port and some other unused parts such as WiFi or Bluetooth, that
would also red
AES-NI is an extension to the x86 architecture for CPUs from Intel and
AMD. The Pi 3 is build with a ARM Cortex-A53 CPU (ARMv8-A). This has
NEON SIMD extension (Advanced SIMD 128 bit registers) with instruction
level support for AES (which implement AES rounds) and SHA-1/SHA-256.
So, I think it sh
The thread opener has ask about the superlative. :-)
IMO a Windows Server with tor is some kind of overkill, but on a Pi 3
you could use Windows 10 core and give it a try. Also BSD variants would
be fine and bit more stable.
The power consumption of the RPi 3 depends on what your are using.
Norma
Was it "Buttle" or "Tuttle", right now? ;-)
On 18.10.2016 20:39, Tristan wrote:
> Like David said, they just had the wrong IP, and it happened to be
> yours. In a world where computers outnumber people, even a single
> incorrect digit can have unintended side effects.
>
> Glad you got it fixed so
There a also some x86 mainboards which supported by coreboot. You could
run your boot loader or kernel with initrd from the flash chip, if the
capacity is big enough or you create your own embedded system with tor.
And all works very well ...
On 21.10.2016 17:56, Duncan Guthrie wrote:
> If you wan
On 24.10.2016 09:53, Petrusko wrote:
> Any suggestions and master's thoughts are welcome :)
:-)
Yes, why not use a full disk encryption? You could encrypt the root
partition. I know, it's harder to do this on a running system and
Raspbian doesn't offer you encryption within setup. The best thing
I am interested too.
It would be nice, if you can share it.
Thanks a lot
On 25.10.2016 08:49, Petrusko wrote:
> Absolutely interested ! with pleasure :)
> Will it be a link, or a file...? if you prefer sending it directly to
> this mail address...
>
> Thx in advance ;)
>
>
> Mirimir :
>> I ha
Your "draft" looks very good. I'm sure, that it will help.
Thanks a lot
On 26.10.2016 02:01, Mirimir wrote:
> On 10/25/2016 05:40 PM, teor wrote:
>>
>>> On 26 Oct. 2016, at 10:31, Mirimir wrote:
>>>
Any particular reason to let the mailing list know you have useful
information but not
Heippa,
thanks a lot for your case description.
You're right, the laws should be very similar in all EU countries.
Very strange story, you are telling about. Especially, that they won't
give you the IP address. Normally, no criminal fraud like this, would
made with a "real" IP address. I just re
Hi!
Is this already solved in 0.2.8.9-1 for addresses with global scope?
https://trac.torproject.org/projects/tor/ticket/17153
I was trying to configure a global reachable IPv6 address, but getting
the following error:
"unable to use configured ipv6 address "[::]" in a descriptor."
The only wa
Hi,
I didn't read this to the end:
https://trac.torproject.org/projects/tor/ticket/18387
"Just so you know, we want to implement this enhancement in the next
release (0.2.9)."
So, hopefully 0.2.9 stable will be released soon.
Regards,
___
tor-relays
Hi!
Thanks a lot for you reply.
On 08.11.2016 22:56, teor wrote:
> No, that's a ticket related to private IPv6 addresses on test networks.
Yes, I used the wrong URL.
> You want this one, which is not fixed:
> https://trac.torproject.org/projects/tor/ticket/5940
Maybe it will be fixed or some
Hello,
thanks for your help.
On 10.11.2016 02:31, teor wrote:
> No-one is working on it, as far as I know.
All right, now I see. It's a "nice to have feature", but I don't rely on
it. If it disturbs, than I will find a solution.
> That just changes the IPv6 address selected by the OS.
>
> I c
Hi!
On 10.11.2016 19:27, Dennis Christ wrote:
> 1. Issue: Seeing Connections
Im not sure, but I've only copied the default armrc to
/var/lib/tor/.arm/ and set the proper permissions.
As I see, there is no /usr/share/doc/arm/armrc.sample. I've fetched it
from here: https://www.atagar.com/arm/. I
Hi!
On 11.11.2016 14:10, Michael Armbruster wrote:
> Try using your nickname without quotes, like so:
>
> Nickname Iridium
Yes, I can confirm, that Nickname should be set without quotes.
> You could try to use kilobytes/s instead of a decimal number in MB
>
> RelayBandwidthBurst 1536 KB
The
Hi!
On 11.11.2016 14:14, Dennis Christ wrote:
> I think the problem with CookieAuthentication was that the cookie file
> control_auth_cookie gets written
> to /var/lib/tor. This directory is only readable by user debian-tor and
> not even group readable. I have
> put CookieAuthFileGroupReadable 1
Hi!
On 12.11.2016 12:40, Dennis Christ wrote:
> Yes that is what i tried to do. But it does not work in my case.
>
> $ arm
> [Errno 13] Permission denied: '/var/lib/tor/control_auth_cookie'
That is a bit odd. I don't have '/var/lib/tor/control_auth_cookie'
It resides in /var/run/tor/control.auth
Hi!
On 13.11.2016 03:00, Roger Dingledine wrote:
> So you shouldn't be needing to add any lines to your /etc/tor/torrc
> file.
Right, that what I've meant before.
> I believe that the Tor deb, including the one intended for jessie,
> should work with systemd well:
> https://gitweb.torproject.or
Hi!
On 22.11.2016 03:33, teor wrote:
> 0.2.9 alpha
Is it safe to use 0.2.9 alpha on relays or will it be better to test the
IPv6 client support by running Tor alpha client in a desktop environment?
Regards,
___
tor-relays mailing list
tor-relays@list
On 22.11.2016 04:10, Roger Dingledine wrote:
> If all the relays stay away from 0.2.9 until we call it stable, then it
> will definitely not be stable for relays. :)
;-)
So, I will try the latest alpha release and build it from source.
Thanks a lot
__
Hi!
On 02.12.2016 00:04, George wrote:
> Installing security/arm is simple enough.
>
> pkg install arm
Yes, that normally should solve your problem.
I've recognized that the dependencies are on Tor v0.2.8.9.
You can't install it with security/tor-devel?
Regards,
___
Doesn't deinstall py27-arm-1.4.5.0?
I not sure. If you still have arm in your package list, than it's ok.
On 02.12.2016 00:25, pa011 wrote:
>
>
> Am 02.12.2016 um 00:19 schrieb diffusae:
>> Hi!
>>
>> On 02.12.2016 00:04, George wrote:
>>> Install
You really need this directory, otherwise it won't work.
It depends on your torrc.
On 02.12.2016 00:33, pa011 wrote:
> "sudo mkdir /var/log/tor"
> "sudo chown _tor:_tor /var/log/tor"
> "sudo chmod 600 /var/log/tor"
That looks good.
Regards,
___
tor-re
Oh, yes didn't see, that it is the directory. So you need the x bit.
On 02.12.2016 00:38, George wrote:
> mkdir chmod 700 /var/log/tor;
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/to
You can fix it:
ln -s /usr/local/bin/python2.7 /usr/local/bin/python
On 02.12.2016 00:46, pa011 wrote:
> Starting arm by just "arm" brings up "/usr/local/bin/arm: python: not found"
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lis
See you ...
:-)
On 02.12.2016 00:57, pa011 wrote:
> solved, as far as I can see now - maybe more tomorrow..
>
> Thank you very much gentlemen for your help :-) !!!
>
>
>
> Am 02.12.2016 um 00:51 schrieb diffusae:
>> ln -s /usr/local/bin/pyth
Same as me ...
AFAIK it depends on your settings in torrc.
On 03.12.2016 18:02, nusenu wrote:
> it will not write to /var/log/tor/
> so I can not confirm George's observation and was wondering what version
> he did observe the mentioned behavior.
___
to
Hi!
That's nice to hear.
RAM is also very good for tor relays. :-)
Maybe you want to change your version to tor-devel-0.2.9.5.a, if you
don't done this already (e. g. portsnap fetch update && portmaster
security/tor-devel).
Regards,
On 05.12.2016 18:32, pa011 wrote:
> Working :-)
>
> It look
uick idea how to solve that one:
> To connect to svn.torproject.org insecurely, use
> `--no-check-certificate'.
pkg install ca_root_nss should help. With curl I can connect to svn.
Welcome to svn.torproject.org!
Regards,
Reiner
> Am 05.12.2016 um 18:42 schrieb diffusae:
>
Hi!
That's from today:
rx | tx |total| avg. rate
+-+-+---
today 6,26 GiB |5,21 GiB | 11,47 GiB | 1,27 Mbit/s
It's just a "low" bandwidth, but this depends on the ISP
Hi Tim!
Thanks a lot for your hint.
I've changed it. I'd recognized the public IPs with arm, but didn't know
the circumstances. Now it should be in a more secure mode,
than before.
Regards,
On 05.12.2016 23:49, teor wrote:
>
>> On 6 Dec. 2016, at 08:32, diffusae w
Well, I can read and also now the translation from Bits to Bytes.
But I am not sure about your value of the maximum network capacity.
That's the iperf3 measurement of a Raspberry Pi 1 Model B+:
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-10.00 sec 83.6 MBytes 8.36 M
tml
>
>
> On 12/06/2016 03:00 PM, diffusae wrote:
>> Well, I can read and also now the translation from Bits to Bytes.
>> But I am not sure about your value of the maximum network capacity.
>>
>> That's the iperf3 measurement of a Raspberry Pi 1 Model B+:
&
:-)
Does anyone needs a P4 with 300 Watts power supply. In idle mode it's
only 100 ...
On 07.12.2016 06:32, Rana wrote:
> I can just imagine someone panting while dragging a sub-$35 old desktop
> computer up the stairs after physically searching for it in a nearby
> junkyard. A considerable lev
On 07.12.2016 01:36, Duncan Guthrie wrote:
> if some flaw was exploited in the various nasty proprietary bits that
> make up the Pi, much of the network might be compromised - due to large
> similarities across the different models, this would affect considerable
> numbers of devices. So using man
;home hardware" in any common unused pc or laptop?
> Should that be a concern on ANY newer Intel hardware?
>
> Gumby
What do you think about Intel AMT, it's a part of the most modern PCs?
> On 12/07/2016 02:35 PM, diffusae wrote:
>>
>> On 07.12.2016 01:36, Dun
Which "other parts" do you mean? The GPU blob or Raspbian?
You don't need to use the stock distribution.
On 07.12.2016 23:10, Duncan Guthrie wrote:
> What I was originally getting at was that the parts of the Raspberry Pi
> that are completely proprietary - while there is a free software
> impleme
On 07.12.2016 23:50, Alex Haydock wrote:
> On 07/12/16 21:45, diffusae wrote:
>> Hmm, interesting subject ...
>>
>> On 07.12.2016 21:35, Gumby wrote:
>>> Subject seems to have changed a bit, so not hijacking it.
>>> When thinking of any exploitation of fir
Hi!
Yesterday I encountered a strange IP address update via DynDNS:
Dec 19 23:00:32.000 [notice] Your IP address seems to have changed to
176.10.104.240 (METHOD=RESOLVED HOSTNAME=my.dyndns.cc). Updating.
Dec 19 23:00:32.000 [notice] Our IP Address has changed from xx.xx.xx.xx
to 176.10.104.240; r
is correct ? Please provide some more information about you use
> case/configuration
>
> best regards
>
> Dirk
>
>
> On 20.12.2016 15:25, diffusae wrote:
>> Hi!
>>
>> Yesterday I encountered a strange IP address update via DynDNS:
>>
>> De
Hello,
yes you're right. It looks like I accidentally routed all traffic
through tor due to a faulty firewall rule. It was a bit confusing,
because of the quickly updates with the right IP. It took me a while to
understand the background.
Thanks a lot for your help
Regards,
On 20.12.2016 19:35,
Hello!
Does anybody know how to convert this to pf rules in FreeBSD:
iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports
9040
I' running a Tor client in a jail on a different IP and want to route
only the .onion traffic through.
The DNS stuff is working fine, but I can't fi
Hi!
Thanks a lot for your reply.
On 21.12.2016 20:46, Ivan Markin wrote:
> diffusae:
>> I looked into the wiki and also find some pf rules, which are routing
>> all the traffic though Tor, but this only works locally.
>
> You're likely talking about this wiki:
>
Hi!
Thanks for your reply.
On 26.12.2016 15:32, Corl3ss wrote:
>
> diffusae:
>> Hello!
>>
>
> Hi Diffusae
>
>
>> Does anybody know how to convert this to pf rules in FreeBSD:
>>
>> iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT
Hi!
On 26.12.2016 18:17, Corl3ss wrote:
> diffusae:
>> I've tried the same configuration with FreeBSD11 for armv6 (RPI-B), with
>> and without a jail and it only works locally and also dropped all other
>> network connections. I am not sure, if something is mi
Hi!
Thanks a lot for your hint.
On 28.12.2016 19:52, grarpamp wrote:
> Need to buildworld is rare and usually noted in UPDATING
> and kernel config files. make buildkernel will be much faster,
> and even faster if you strip out junk you don't need from the
> kernel config, which also speeds boot
Hi!
On 29.12.2016 00:16, grarpamp wrote:
> On Wed, Dec 28, 2016 at 5:07 PM, diffusae wrote:
>> I needed the buildworld to create a jail with ezjail.
>
> If you break some of these down all they do is lay down
> an installworld in DESTDIR and run jail on it. Too heavy
> for
Hello!
What does this warning mean?
"Jan 13 09:31:49.000 [warn] assign_to_cpuworker failed. Ignoring."
Do I need to reduce the number of connection to the relay or could I
ignore this message?
Regards,
___
tor-relays mailing list
tor-relays@lists.to
Thanks for your reply.
On 13.01.2017 23:15, teor wrote:
> Check the other warnings/notices near this warning.
> If there aren't any, then there's no problem.
The only warning I have found close to it:
"Jan 13 11:08:46.000 [warn] Your system clock just jumped 216 seconds
forward; assuming establi
Yes I do.
Should I disable it? ;-)
On 14.01.2017 17:32, niftybunny wrote:
> you have a ntp daemon running?
>
> Markus
>
>
>> On 14 Jan 2017, at 17:30, diffusae wrote:
>>
>> Thanks for your reply.
>>
>> On 13.01.2017 23:15, teor wrote:
>>&
Hi!
Thanks for reply.
On 14.01.2017 18:40, Ivan Markin wrote:
> diffusae:
>> What does this warning mean?
>>
>> "Jan 13 09:31:49.000 [warn] assign_to_cpuworker failed. Ignoring."
>>
>> Do I need to reduce the number of connection to the relay or coul
Hi Felix,
thanks for your answer.
On 16.01.2017 18:49, Felix wrote:
> There was similar on 027 but more massive including
> * assign_to_cpuworker failed
> * Your system clock just jumped
> * stalling for seconds
> Which is resolved since 0289. 'Address' was key.
>
> https:// trac.torproject.org
Hi!
Yes, since I set the "Address "line in torrc, this message was gone.
But ... I nevertheless get the "clock jumped" warning once a day:
"Jan 21 18:34:53.000 [warn] Your system clock just jumped 398 seconds
forward; assuming established circuits no longer work."
3-6 minutes difference is quite
Hi!
Thanks for your explanation.
On 22.01.2017 16:54, Ivan Markin wrote:
> This may not be related to this issue.
Yes, it looks like.
> "clock jump" may not be a clock jump actually. E.g. one can just "pause"
> all TCP connections for some time (e.g. on a firewall/DPI/traffic
> shaper) and the
Hello Ralph,
I've tested and seen your "The Onion Box v3.2 RC". I like to say, that
you've done a great work. The Interface looks good.
How about support for multiple instances in 3.2?
Best regards,
Reiner
On 30.01.2017 21:46, Ralph Wetzel wrote:
> Good Evening!
>
> After a month full of test
Hi!
Didn't update right now and got the same message today.
So, it looks like, the address field wasn't the problem.
Feb 05 15:01:25.000 [warn] assign_to_cpuworker failed. Ignoring.
Feb 05 15:01:29.000 [warn] circuit_mark_for_close_: Bug: Duplicate call
to circuit_mark_for_close at src/or/onion.c
Regards,
On 07.02.2017 18:52, Petrusko wrote:
> It's running fine since this last upgrade, on my case.
> (I've reduced RAM used by shutting down an instance... no problem, full
> bandwidth is used now!)
>
> Good luck ;)
>
>
> diffusae :
>> Hi!
>>
>>
lem, full
> bandwidth is used now!)
>
> Good luck ;)
>
>
> diffusae :
>> Hi!
>>
>> Didn't update right now and got the same message today.
>> So, it looks like, the address field wasn't the problem.
>>
>> Feb 05 1
ow!)
>
> Good luck ;)
>
>
> diffusae :
>> Hi!
>>
>> Didn't update right now and got the same message today.
>> So, it looks like, the address field wasn't the problem.
>>
>> Feb 05 15:01:25.000 [warn] assign_to_cpuworker failed. Ignoring.
Me too not.
If the machine is running, the content is always unencrypted.
On 30.05.2017 20:30, tor wrote:
> I just checked a handful of relays that have been running for months or
> years, and the DataDir ranged in size from 60 to 90 MB. They're all
> running debian or ubuntu.
>
> I also don't u
This instance is running forward.
Oct 21 00:44:20.989 [notice] Tor 0.3.1.7 (git-6babd3d9ba9318b3) running
on FreeBSD with Libevent 2.1.8-stable, OpenSSL 1.0.2j-freebsd, Zlib
1.2.8, Liblzma 5.2.2, and Libzstd 1.3.2.
Oct 21 01:08:34.000 [notice] Self-testing indicates your ORPort is
reachable from
Thanks a lot for your hint.
On 21.10.2017 12:45, Alexander Dietrich wrote:
> Sounds like bug #23551
> (https://trac.torproject.org/projects/tor/ticket/23551), which will
> apparently get a fix on 0.3.1.
Yes, it really looks like that. Seems to be zstd version
incompatibility. I discovered it the
67 matches
Mail list logo