Re: My tor exit node is gone from the node list?
On Tue, Apr 28, 2009 at 04:33:35PM +0300, Alexandru Cezar wrote: > For several months, we've been running a tor exit node (kyirong/A8BD >32A9 C2F2 0C4F 8ED2 C26C E477 0A24 85E3 CD22). Since a few days, it >seems to have vanished from the list of nodes, and I cannot make it >reappear. How odd. It is still publishing descriptors, and the directory authorities are still testing its reachability. In particular, here are the six votes from the six directory authorities: moria1: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s Exit Fast HSDir Running Unnamed V2Dir Valid dizum: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s V2Dir Valid tor26: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s Unnamed V2Dir Valid ides: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s Exit Fast HSDir Running V2Dir Valid dannenberg: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s Exit Fast HSDir Running V2Dir Valid gabelmoo: r kyirong hJ1FoyM1XrNPcy7120MLkGoh2q4 a8to9mHCh8NrHRXv2kYvWc80StA 2009-05-09 15:14:55 89.248.169.108 8010 80 s V2Dir Valid Only three of the six are voting for the Running flag. Therefore it's not considered running, and it's left out of the consensus (since nobody would use it anyway). So that's why it's missing. But, why is it not considered reachable from three of them? I'm not sure. --Roger
Re: ExitNodes for encrypted connects only are not possible. Why?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/09/2009 01:38 PM, Gitano wrote: >> It's unlikely that the criteria you pasted above will be changed. There >> need to be some criteria, and if almost every node matches them, the >> flag would be useless. > > Ok, but adding one more 'secure' port beside 443 would be enough in this > case. I'm not sure what you are trying to achieve with that. The idea is not to flag as many nodes that permit exiting as Exit nodes. The idea is to relieve the exit nodes carrying most of the exit traffic from acting as middle nodes, so that they can push more exit traffic. The same is done for guard nodes, by the way. It's unlikely that your node would carry as much exit traffic with the five ports you mentioned as compared to other nodes that already meet the requirements for the Exit flag. Of course the requirements could be lowered to assign the Exit flag to more relays. But it defeats the purpose if too many nodes have that flag. In the end, all nodes would see the same load as before, without the Exit flag. I'm not saying that the current definition for the Exit flag is perfect. But right now we lack good data to come up with a better definition. Best, - --Karsten -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoFvy8ACgkQ0M+WPffBEmXMawCgkzkbYdk1J4F6y7VSxdfxUKTm LeoAoMNHbXYG6BqSIFu2dpq3VQ+He56t =O2DW -END PGP SIGNATURE-
Re: Vidalia issue
On Fri, 8 May 2009 13:01:23 -0400 Praedor Atrebates wrote: > I have had to give up on Tork and am now trying to make vidalia > work. I am unable to get vidalia to assign a password to the control > port. How does one do this short of running vidalia as root? It is > preventing me from being able to support the tor network because I do > not want to run with no protected control port. Is tor started by the system/run as a daemon? And vidalia is trying to attach to the existing Tor? -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identica/Twitter: torproject
Re: ExitNodes for encrypted connects only are not possible. Why?
Karsten Loesing wrote: > Feel free to configure your node to exit to those 5 ports only. That > makes your node an exit node for connections to those ports. > > Your node won't get the Exit flag, though, but that's not required for > being an exit node. The Exit flag is used by clients for path selection. > Relays with the Exit flag are selected less often for non-exit > positions, so that their bandwidth is saved for exiting connections. > That means that your node will be selected more often as middle node and > less often as exit node compared to relays that have the Exit flag. Thank you for illuminating this. I will do so. > It's unlikely that the criteria you pasted above will be changed. There > need to be some criteria, and if almost every node matches them, the > flag would be useless. Ok, but adding one more 'secure' port beside 443 would be enough in this case.
Re: ExitNodes for encrypted connects only are not possible. Why?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/09/2009 11:19 AM, Gitano wrote: > In 'git.torproject.org/checkout/tor/master/doc/spec/dir-spec.txt' > ExitNodes are defined as: > >"Exit" -- A router is called an 'Exit' iff it allows exits to at > least two of the ports 80, 443, and 6667 and allows exits to at > least one /8 address space. > > I would like to setup my ExitNode for ports 443, 465, 563, 993, 995 > (https, ssmtp, nntps, imaps, pop3s) only, but this is not possible. > > What's the reason behind this? Is there any chance to loose this > restriction in one of the next releases? Feel free to configure your node to exit to those 5 ports only. That makes your node an exit node for connections to those ports. Your node won't get the Exit flag, though, but that's not required for being an exit node. The Exit flag is used by clients for path selection. Relays with the Exit flag are selected less often for non-exit positions, so that their bandwidth is saved for exiting connections. That means that your node will be selected more often as middle node and less often as exit node compared to relays that have the Exit flag. It's unlikely that the criteria you pasted above will be changed. There need to be some criteria, and if almost every node matches them, the flag would be useless. Hope that helps! - --Karsten -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoFTeEACgkQ0M+WPffBEmX4jgCgncZIgKLe1t4nK3Fau0NWirws eCgAnRC4XUqHvaBHpv9WZ9y1hP+JZb6T =yEhk -END PGP SIGNATURE-
ExitNodes for encrypted connects only are not possible. Why?
In 'git.torproject.org/checkout/tor/master/doc/spec/dir-spec.txt' ExitNodes are defined as: "Exit" -- A router is called an 'Exit' iff it allows exits to at least two of the ports 80, 443, and 6667 and allows exits to at least one /8 address space. I would like to setup my ExitNode for ports 443, 465, 563, 993, 995 (https, ssmtp, nntps, imaps, pop3s) only, but this is not possible. What's the reason behind this? Is there any chance to loose this restriction in one of the next releases?