I went through my firewall's log today and noticed a large number of blocked packets coming from other Tor servers. I run a Tor server myself on port 995. About 1-10 packets per minute coming from other Tor servers are blocked. They all communicate to ports between 59000 and 65000, and my firewall blocks their communication.
My most important question is, why do other servers communicate to my server through any other port than 995? 995 is my advertised port. And if other Tor servers' communications to me are answers to requests from my own Tor server sent to them through ports 59000-65000 in my firewall, why doesn't my firewall allow those answers? The firewall doesn't block traffic that is an answer to "normal" internet software, for example: Internet Explorer, Firefox, email. And it only rarely blocks streaming video/audio by mistake. But it blocks a lot of Tor traffic, why? (By the way, it blocks Tor server traffic to ports 59000-65000 even when I disable SPI.) And is the Tor software intelligent enough to resend the packets to port 995 instead of ports 59000-65000 when they get blocked? I'd be thankful for answers to these questions. Not that my life depends on it, but I'm curious. :-)

/Viking