> On 5 Jul 2015, at 11:37 , teor <[email protected]> wrote: > >> Date: Sat, 4 Jul 2015 19:34:45 -0400 >> From: Ben Serebin <[email protected]> >> Subject: Re: [tor-relays] unflagged BAD EXIT nodes >> >> ?I'll hijack the response.... I'm a sysadmin, an unloved Windows one. My >> unwanted $0.02 are: >> >> - Windows installer (omg, Windows, the evil one which if you really want >> greater adoption is the answer! Oh smokes, someone said it! > > I agree that relay installers, particularly for non-Linux platforms, would > help increase Tor's platform diversity. But platform diversity isn't a large > part of Tor's threat model, as its impact is mainly felt through > vulnerabilities shared by an entire platform. > > Currently, it looks like 90% of the Tor relays are Linux, by count of relays. > (I believe the weighted bandwidth statistic is much higher than 90%.) > https://metrics.torproject.org/platforms.html > > One suggestion I've heard, but that isn't ideal, is to download the Tor > Browser Bundle, and modify the torrc in it to run a relay. > > That said, a relay operator really needs to know how to download, install, > and configure a service on a secured server. So that's one reason a one-click > installer is a bad idea. > >> - change the architecture so running behind nat works (this is probably the >> #1 limit factor for increasing relays). Every tom, dick, and harry could >> then add bandwidth via every internet circuit. It would be insane! > > Tor relays run quite fine behind a NAT, as long as the NAT box handles the > number of connections which tor makes. > > There's even src/tools/tor-fw-helper, which supports NAT-PMP and UPnP. > It can be configured via the torrc option: > PortForwarding 1 > > Or, you can configure your NAT box to forward ports yourself.
Don't use PortForwarding or src/tools/tor-fw-helper, just configure your NAT box to forward ports. It's much more reliable, and you can see exactly what's configured. Tim Tim Wilson-Brown (teor) teor2345 at gmail dot com pgp ABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
