Does this work with the RPM from the torproject repository? My understanding from the FAQs was that it did *not* unless you were using a Debian-derived distribution and I'm using CentOS, a RedHat-based distro. However, looking over the init.d/tor and torctl scripts it seems like it might work now, since they say they don't use su any more. I really don't want to hack the scripts from the RPM. I suppose I can just try it, but if someone has some experience with this (or words of wisdom) I'd appreciate hearing it. I changed hosting today, which, with a firewall screw-up on my part, was more disruptive than I'd planned and I don't want to just keep poking at it.

On 7/15/2011 11:11 AM, Damian Johnson wrote:
> The far easier method is to add a "User <tor user>" entry to your
> torrc then start Tor as root. This way tor will bind to the privileged
> ports then lower its permissions to the given user (I've been meaning
> to update that faq entry...).
>
> Also, I wrote a relay setup wizard that makes you a nice relay
> configuration (including using 443/80) automagically. To give it a try
> just...
> - download http://www.atagar.com/transfer/tmp/arm-1.4.3rc.tar.bz2
> - extract and run 'arm'
> - it should pop up a wizard that looks like...
> - http://www.atagar.com/transfer/tmp/arm_wizard1.png
> - http://www.atagar.com/transfer/tmp/arm_wizard2.png
> - http://www.atagar.com/transfer/tmp/arm_wizard3.png
>
> Arm is about to have a release in the next few days so I'd love
> feedback on the wizard if you have any. Cheers! -Damian
>
> On Fri, Jul 15, 2011 at 10:56 AM, Softail <[email protected]> wrote:
>> I'm trying to switch my ports from 9001/9030 to 443/80. The tor
>> configuration seems straightforward. I tried
>>
>> /sbin/iptables --append INPUT --protocol tcp --match state --state NEW
>> --destination a.b.c.d --dport 9001 --jump ACCEPT
>> /sbin/iptables --append INPUT --protocol tcp --match state --state NEW
>> --destination a.b.c.d --dport 9030 --jump ACCEPT
>> /sbin/iptables --table nat --append PREROUTING --protocol tcp
>> --source-port 443 --destination a.b.c.d --jump DNAT --to-destination :9001
>> /sbin/iptables --table nat --append PREROUTING --protocol tcp
>> --source-port 80 --destination a.b.c.d --jump DNAT --to-destination :9030
>>
>> but that doesn't seem to work. The OR and Dir ports are not reachable
>> from the outside. I assumed that PREROUTING happened before INPUT but
>> not really an expert on this. The firewall blocks everything else
>> inbound to that address but the two ports I opened. Do I need to open
>> 443/80 on the INPUT chain as well and if so do I also need to keep
>> 9001/9030 open also?
>>
>> CentOS 5.6 if that matters.
>>
>> Thanks
>>
>> --
>> A man in chains knows he should have acted sooner...
>> Julian Assange
>>
>> _______________________________________________
>> tor-relays mailing list
>> [email protected]
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
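
The PREROUTING rules quoted above select packets with --source-port, but a client connecting to port 443 or 80 carries that number as its destination port. The script below is an added example, not part of the thread: it flags that mistake and prints the same rules with --dport, keeping the thread's placeholder address a.b.c.d; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. a.b.c.d is the thread's placeholder
# address; redirect_rules and matches_on_source_port are hypothetical names.

# Print the iptables commands that forward a public port to the local port
# Tor listens on. An inbound packet carries the public port as its
# DESTINATION port; its source port is whatever the client picked.
redirect_rules() {
    addr=$1
    public=$2
    local_port=$3
    # nat/PREROUTING is traversed before filter/INPUT, so INPUT sees the
    # packet after translation and has to accept the local port.
    echo "/sbin/iptables --table nat --append PREROUTING --protocol tcp --destination $addr --dport $public --jump DNAT --to-destination :$local_port"
    echo "/sbin/iptables --append INPUT --protocol tcp --match state --state NEW --destination $addr --dport $local_port --jump ACCEPT"
}

# Return 0 (flagged) when a PREROUTING rule selects traffic by source port.
matches_on_source_port() {
    case $1 in
        *PREROUTING*--source-port*|*PREROUTING*--sport*) return 0 ;;
        *) return 1 ;;
    esac
}

# Rule from the thread, joined onto one line here.
THREAD_RULE='/sbin/iptables --table nat --append PREROUTING --protocol tcp --source-port 443 --destination a.b.c.d --jump DNAT --to-destination :9001'

if matches_on_source_port "$THREAD_RULE"; then
    echo "flagged: rule matches the client's source port, not the port being connected to"
fi

# Commands are printed, not executed, so they can be reviewed first.
redirect_rules a.b.c.d 443 9001   # ORPort
redirect_rules a.b.c.d 80 9030    # DirPort
```

With these rules the INPUT chain only needs 9001/9030 open; Tor's own configuration still has to advertise 443/80 while listening on the local ports, which is not shown here.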
