Re: [tor-relays] Considering setting up an exit, need advice
Thanks again guys for the help. usuexit is now online, and should be functioning properly, but there seem to be a few mystifying issues: 1) TorStatus marks it as hibernating which it clearly isn't; it's online and accepting connections. I'm not sure what made TorStatus think it was offline. 2) For the first nine hours it has moved about 12 MB of data. I would think it would be more than that, especially for an exit. There's a blog post outlining the growth rate for guards, but how about for exits? 3) There are mysterious warnings in the log: Jan 30 21:57:36.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 50/50 NTor. Jan 30 22:57:36.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 31/31 NTor. Jan 30 23:07:29.000 [warn] EXTEND cell received, but not via RELAY_EARLY. Dropping. [4 similar message(s) suppressed in last 3600 seconds] Jan 30 23:07:29.000 [warn] (We have dropped 95.24% of all EXTEND cells for this reason) Jan 30 23:57:36.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 39/39 NTor. Jan 31 00:01:41.000 [warn] Got headers HEAD / HTTP/1.0\r\n\r\n with unknown command. Closing. Jan 31 00:57:36.000 [notice] Circuit handshake stats since last time: 2/2 TAP, 41/41 NTor. Jan 31 01:04:46.000 [warn] EXTEND cell received, but not via RELAY_EARLY. Dropping. Jan 31 01:04:46.000 [warn] (We have dropped 95.45% of all EXTEND cells for this reason) I'm familiar with the meaning of the EXTEND cell, but I'm not sure what RELAY_EARLY is, nor do I know what this warning means. If the relay has an exit policy, why are circuits being extended beyond it? Hidden services, maybe? Basically the log has more warnings in it than it should (at least based on my experience with regular relays) and I'm not sure why. I tried restarting Tor, but the warnings still appeared. Any ideas on what I can do about them, if anything? Thanks, Jesse ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Considering setting up an exit, need advice
On Fri, Jan 31, 2014 at 01:22:47AM -0700, Jesse Victors wrote: Thanks again guys for the help. usuexit is now online, and should be functioning properly, but there seem to be a few mystifying issues: 1) TorStatus marks it as hibernating which it clearly isn't; it's online and accepting connections. I'm not sure what made TorStatus think it was offline. I see quite the variety of descriptors published by usuexit. Here are the timestamps (GMT): published 2014-01-30 19:53:38 published 2014-01-30 20:11:27 published 2014-01-30 20:24:13 (this is the one that said hibernating) published 2014-01-30 20:24:30 published 2014-01-30 20:30:04 (and this one too) published 2014-01-30 20:30:35 published 2014-01-30 20:38:35 published 2014-01-30 20:39:55 published 2014-01-30 20:43:50 published 2014-01-30 20:46:34 published 2014-01-30 20:49:59 published 2014-01-30 20:52:40 published 2014-01-31 01:56:36 (and this one as well) Have you set AccountingMax in your torrc, by chance? Also, you sure are restarting the relay a lot. You should learn how to use 'service reload' rather than 'service restart'. :) 2) For the first nine hours it has moved about 12 MB of data. I would think it would be more than that, especially for an exit. There's a blog post outlining the growth rate for guards, but how about for exits? Here's the blog post: https://blog.torproject.org/blog/lifecycle-of-a-new-relay You're in 'phase one' right now. 3) There are mysterious warnings in the log: Jan 30 23:07:29.000 [warn] EXTEND cell received, but not via RELAY_EARLY. Dropping. [4 similar message(s) suppressed in last 3600 seconds] Jan 30 23:07:29.000 [warn] (We have dropped 95.24% of all EXTEND cells for this reason) You don't happen to have set ProtocolWarnings 1 in your torrc, have you? I'm familiar with the meaning of the EXTEND cell, but I'm not sure what RELAY_EARLY is See https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/110-avoid-infinite-circuits.txt as motivated by http://freehaven.net/anonbib/#congestion-longpaths My guess is that these are unofficial Tor clients you're seeing, and you're seeing them more because all official Tor clients are ignoring your relay until it gets out of 'phase one' (from the blog post). --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Considering setting up an exit, need advice
Jesse Victors jvict...@jessevictors.com wrote: I'm thinking about setting up an exit here at my university here in the US. My ISP has no problem with Tor relays on the fast connections, but I haven't inquired about exits. I'd be running the exit on a surplus computer that I have control over in a lab in one of the main buildings. How do I ask my ISP about it? I'll be doing some research as to what Get out your campus phone book and look up their number. For all practical purposes, a university is its own ISP. Call your campus networking staff. They are good people to be acquainted with anyway for many practical reasons. ports I can open to contribute yet avoid being flooded by complaints, but if anyone has any tips I'd appreciate it. Would it be a good idea to copy the exit policy of the node at MIT? Is there a way to configure the Linux firewall so that only Tor has Internet access, in order to help show that I wasn't behind anything that comes out of the exit? I'm Probably not. For one thing, you would then be restricted to using sneakernet to install new versions of tor. basically just looking to get started here if this is feasible, and looking for advice. You have two approaches from which to choose. One is to call them up, explain what you'd like to do, and ask their advice on how to do it without breaking any university rules. Networking staffs at university are not ordinarily concerned with content, but might be interested in how much traffic (i.e., network capacity) you hope to tie up with your relay. The other approach is based on the widely held belief that it is often better to ask for forgiveness than permission. :-) Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at sdf.org *or* bennett at freeshell.org * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Considering setting up an exit, need advice
Schools are like work... either it's a free for all or requires permission and signoff. Especially for anything that can take heat, like an exit. To avoid issues, check with your administration... both the network people and the people you report to policy/class wise. Neither are hard to find or talk with. Thanks for running a relay. Also... https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays-universities ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
