All:
Nevermind... After roughly 48 hours, the written/read bytes per second graph, 
on the metrics.torproject.org site, began showing normal activity, again.
Please consider this thread resolved.
Respectfully,

Gary

    On Monday, August 23, 2021, 2:15:07 AM MDT, Gary C. New 
<garyc...@yahoo.com> wrote:  
 
  All:

It turns out that this issue was related to PortForwarding to the Private 
Gateway Address (192.168.0.1:9001).




The solution was to include an iptables ACCEPT Rule in the INPUT Chain to the 
PortForward destination (the Private Gateway Address - 192.168.0.1:9001).




# iptables -I INPUT -p tcp --dport 9001 -j ACCEPT




# iptables -A VSERVER -p tcp -m tcp --dport 443 -j DNAT --to-destination 
192.168.0.1:9001




Now, the Tor Self-Test is returning successfully. However, now, there is an 
issue with the written/read bytes per second graph, on the 
metrics.torproject.org site, dropping to zero.




Any idea why PortForwarding would cause the written/read bytes per second graph 
to drop to zero?




Respectfully,







Gary


    On Tuesday, August 17, 2021, 7:43:22 AM MDT, Gary C. New 
<garyc...@yahoo.com> wrote:  
 
  All:
After reviewing several packet-traces of Tor bound directly to the Public 
Address:Port vs Tor bound to the Private Address:Port and Advertising the 
Public Address:Port, I believe I may have found the the issue.
It appears that when Tor is bound directly to the Public Address:Port, the 
initial measurement connections are initiated from External Tor Nodes via 
High-Ports to the Public Address:Port over TLSv1.2 or TLSv1.3 successfully 
passing self-test. However, when Tor is bound to the Private Address:Port and 
Advertising the Public Address:Port, the initial measurement connections are 
initiated from External Tor Nodes via High-Ports to the Public Address:Port 
over TLSv1.0. Tor does not like the TLSv1.0 connections and Resets the them; 
thus, failing the self-test.
The question is... Why are the initial measurement connections initiated from 
External Tor Nodes via High-Ports with the Private Address:Port binding and 
Public Advertised Address:Port combination over TLSv1.0?
Has anyone successfully implemented the Private Address:Port binding and Public 
Advertised Address:Port combination that successfully passes self-test whom 
would be kind enough to share their configuration?
Is there a way to force the External Tor Nodes that initiate the measurement 
connections to use TLSv1.2 or TLSv1.3 with the Private Address:Port binding and 
Public Advertised Address:Port combination?
Thanks, again, for your assistance.
Respectfully,

Gary

    On Saturday, August 14, 2021, 2:47:01 AM PDT, Gary C. New 
<garyc...@yahoo.com> wrote:  
 
  David,
The ISP has port 9001 blocked to the Public Address.
Do the ports have to be the same, when using NoAdvertise & NoListen with the 
ORPort directive?
Thanks!

Gary

    On Saturday, August 14, 2021, 12:20:36 AM MDT, David Figuera <d...@mm.st> 
wrote:  
 
 > ORPort 198.91.60.78:443 NoListen
> ORPort 192.168.0.1:9001 NoAdvertise

Why two different ports?
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
        
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to