Re: [tor-relays] Digital Ocean - running Exit node locked

[Alecks Gates]

I'm running on DO as well with the reduced exit policy and have had
about five complaints in 2 months.  DO certainly appears to be getting
less and less happy.  I'm glad to know it's not just me, though.

Hopefully a curated list of IPs to reject will help a lot.  Thanks for
the link to tornull.

Exit Node fingerprints:
E553AC1CA05365EA218D477C2FF4C48986919D07
889550CB9C98CF172CB977AA942B77E9759056C2

Alecks

On 10/07/2016 07:04 PM, Matthew Finkel wrote:
> On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote:
>> 2016-10-08 0:09 GMT+02:00 Tristan :
>>> This page has 3 policies: Reduce exit policy, reduced-reduced exit policy,
>>> and a lightweight example policy.
>>>
>>> https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
>>>
>>>
>>> On Oct 7, 2016 5:01 PM, "Markus Koch"  wrote:

 reduced-reduced exit policy. ?

 Illuminate me, pls.

>> Thank you both!
>>
>> Will try https://tornull.org. Perhaps it helps.
>>
>> Markus
>>
> 
> I spotchecked a few of the rejects on the list. Spamhaus returned a page
> showing only [0][1][2][3]:
> 
>   Error SH-403-001 
> 
> 
> Are all of those tornull rejects legit?
> 
> Another one I checked said:
> 
>   "Network operated by cybercriminals, providing services to spammers and
>   botnet operators. Can't trust anything originating from AS59564."
> 
> 
> And that came from [4]:
> 
>   "Upstream Adjacent AS list
>   AS3255 UARNET-AS State Enterprise Scientific and Telecommunication Centre
>   "Ukrainian Academic and Research Network" of the Institute for Condensed
>   Matter Physics of the National Academy of Science of Ukraine (UARNet),UA"
> 
> 
> I worry about blindly following a list of rejected subnets. I won't argue that
> it's not safer for the exit operator, but I hope someone's cross-checking and
> confirming each entry is needed.
> 
> 
> [0] https://www.spamhaus.org/sbl/query/SBL113323
> [1] https://www.spamhaus.org/sbl/query/SBL169644
> [2] https://www.spamhaus.org/sbl/query/SBL300589
> [3] https://www.spamhaus.org/sbl/query/SBL310432
> [4] https://www.spamhaus.org/sbl/query/SBL244638
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0x26CA0F78.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[Ralph Seichter]

On 08.10.16 00:00, Markus Koch wrote:

> reduced-reduced exit policy. ?

The reduced-reduced policy variant is shown here:
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy

-Ralph
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[Markus Koch]

reduced-reduced exit policy. ?

Illuminate me, pls.

Markus
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[Markus Koch]

# The following sets which ports can exit the tor network through you. For more
# information and updates on the suggested policy see:
# https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
ExitPolicy accept *:53# DNS

# ports for general internet browsing
ExitPolicy reject 103.11.130.162:* # Gute Frage :(
ExitPolicy reject 23.254.211.232:* # gute Frage :(
ExitPolicy reject 211.234.112.4:* # South Korea
ExitPolicy reject 147.67.119.2:* # tax spam
ExitPolicy reject 147.67.119.20:* # tax spam
ExitPolicy reject 147.67.119.102:* # tax spam
ExitPolicy reject 147.67.136.2:* # tax spam
ExitPolicy reject 147.67.136.20:* # tax spam
ExitPolicy reject 147.67.136.102:* # tax spam
ExitPolicy reject 147.67.136.103 # TAX SPAM
ExitPolicy reject 147.67.136.21  # TAX SPAM
ExitPolicy reject 147.67.119.103  # TAX SPAM
ExitPolicy reject 147.67.119.3  # TAX SPAM
ExitPolicy reject 147.67.136.3  # TAX SPAM
ExitPolicy reject 147.67.119.21  # TAX SPAM
ExitPolicy reject 138.197.129.153:* #Hacking Fail2ban
ExitPolicy accept *:80# HTTP
ExitPolicy accept *:81# HTTP Alternate
ExitPolicy accept *:443   # HTTPS
ExitPolicy accept *:3128  # SQUID
ExitPolicy accept *:8008  # HTTP Alternate
ExitPolicy accept *:8080  # HTTP Proxy
ExitPolicy reject *:* # prevents any exit traffic not permitted above

Thats part of my DigitalOcean torrc file. I got the fucking tax spam
and the south korea bank on every droplet ever, so I would advise you
to do the same reject. Its helping to only allow HTTP + HTTPS. But
with the new circle I am just 2 weeks in and already 5 abuse mails.
And these exits should go to a friend ... I need more spare time :/

Markus


2016-10-07 23:49 GMT+02:00 Tristan :
> Guess I'm next. My relay has been running for 3 months now. I'm doing my
> best to be a good neighbor though. After the first month, I got an SSH
> abuse, so now I reject SSH traffic. A month later I got an SQL hack attempt,
> and I switched to the reduced-reduced exit policy. Haven't gotten anything
> else yet.
>
>
> On Oct 7, 2016 4:34 PM, "Markus Koch"  wrote:
>
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> Welcome to DigitalOcean!
>
> Markus
>
>
> 2016-10-07 23:23 GMT+02:00 pa011 :
>> Seems like even DO is not very much in favour of running Exits any more ?
>>
>> Anybody made the same experience - how to handle this please ?
>>
>> Thanks and Regards
>> Paul
>>
>>
>> "Hello -Although we do not specifically disallow TOR exit nodes, as the
>> account holder you are responsible for all the traffic going through your
>> droplet (including traffic that an exit node may generate).
>>
>> Also be aware that we do not allow some of the traffic types that come out
>> of a typical TOR exit node (torrents, spam, SSH probes, hacking attempts,
>> botnets, DDoS, etc).
>>
>> If you are unable to stop this sort of traffic, please reconsider running
>> a TOR exit node as it may lead to your account suspension or termination.
>>
>> Please refer to our Terms of Service for greater detail on this issue:
>> https://www.digitalocean.com/legal/terms/
>>
>> Best,
>>
>> DigitalOcean Support "
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[pa011]

Thanks Markus - you are obviously well experienced with them :-)
We should meet some day and share this and others..

Paul

Am 07.10.2016 um 23:33 schrieb Markus Koch:
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> Welcome to DigitalOcean!
> 
> Markus
> 
> 
> 2016-10-07 23:23 GMT+02:00 pa011 :
>> Seems like even DO is not very much in favour of running Exits any more ?
>>
>> Anybody made the same experience - how to handle this please ?
>>
>> Thanks and Regards
>> Paul
>>
>>
>> "Hello -Although we do not specifically disallow TOR exit nodes, as the 
>> account holder you are responsible for all the traffic going through your 
>> droplet (including traffic that an exit node may generate).
>>
>> Also be aware that we do not allow some of the traffic types that come out 
>> of a typical TOR exit node (torrents, spam, SSH probes, hacking attempts, 
>> botnets, DDoS, etc).
>>
>> If you are unable to stop this sort of traffic, please reconsider running a 
>> TOR exit node as it may lead to your account suspension or termination.
>>
>> Please refer to our Terms of Service for greater detail on this issue: 
>> https://www.digitalocean.com/legal/terms/
>>
>> Best,
>>
>> DigitalOcean Support "
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[Markus Koch]

They will kick you after 2-3 months. Delete account, make new account.
They will kick you after 2-3 months. Delete account, make new account.
They will kick you after 2-3 months. Delete account, make new account.
They will kick you after 2-3 months. Delete account, make new account.
Welcome to DigitalOcean!

Markus


2016-10-07 23:23 GMT+02:00 pa011 :
> Seems like even DO is not very much in favour of running Exits any more ?
>
> Anybody made the same experience - how to handle this please ?
>
> Thanks and Regards
> Paul
>
>
> "Hello -Although we do not specifically disallow TOR exit nodes, as the 
> account holder you are responsible for all the traffic going through your 
> droplet (including traffic that an exit node may generate).
>
> Also be aware that we do not allow some of the traffic types that come out of 
> a typical TOR exit node (torrents, spam, SSH probes, hacking attempts, 
> botnets, DDoS, etc).
>
> If you are unable to stop this sort of traffic, please reconsider running a 
> TOR exit node as it may lead to your account suspension or termination.
>
> Please refer to our Terms of Service for greater detail on this issue: 
> https://www.digitalocean.com/legal/terms/
>
> Best,
>
> DigitalOcean Support "
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Digital Ocean - running Exit node locked

[pa011]

Seems like even DO is not very much in favour of running Exits any more ?

Anybody made the same experience - how to handle this please ?

Thanks and Regards 
Paul


"Hello -Although we do not specifically disallow TOR exit nodes, as the account 
holder you are responsible for all the traffic going through your droplet 
(including traffic that an exit node may generate).

Also be aware that we do not allow some of the traffic types that come out of a 
typical TOR exit node (torrents, spam, SSH probes, hacking attempts, botnets, 
DDoS, etc).

If you are unable to stop this sort of traffic, please reconsider running a TOR 
exit node as it may lead to your account suspension or termination.

Please refer to our Terms of Service for greater detail on this issue: 
https://www.digitalocean.com/legal/terms/

Best,

DigitalOcean Support "
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Politically correct?

[Green Dream]

Tor is not perfect and everyone would be wise to learn as much as
possible about its limitations (I'd start here:
https://www.torproject.org/download/download.html.en#warning). It's
still a very useful privacy tool though.

Snowden: "I think Tor is the most important privacy-enhancing
technology project being used today. I use Tor personally all the
time. We know it works from at least one anecdotal case that’s fairly
familiar to most people at this point. That’s not to say that Tor is
bulletproof. What Tor does is it provides a measure of security and
allows you to disassociate your physical location."
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Middle Relay changed to Exit Relay Bandwidth Change

[Tristan]

It's very normal for exit relays to pick up *much *more traffic than middle
or guard. Because exit relays have to deal with the abuse complaints of Tor
users, there are much fewer exit relays than middle and guard:
http://rougmnvswfsmd4dq.onion/relayflags.html

Even though there is plenty of bandwidth in the Tor network (
http://rougmnvswfsmd4dq.onion/bandwidth-flags.html), the sheer amount of
exit vs non-exit relays causes exit relays to have much more traffic.

On Fri, Oct 7, 2016 at 3:23 PM, tmbates12  wrote:

> Recently I enable exits on my relay and traffic seemed to jump very high
> compared to the almost stagnant bandwidth increase wen it was just running
> as a guard middle relay. I was wondering if this was normal for the traffic
> to jump this much.
>  Here's the Atlas link for my relay: https://atlas.
> torproject.org/#details/ABF5C38A93F2D7E77A226871AB0ADB052279B48F
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>


-- 
Finding information, passing it along. ～SuperSluether
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Politically correct?

[torserver]

Hello list members,

for simple - political - reasons, i began contributing otherwise wasted
bandwith to the tor network about half a year ago. And i am reading this
list.

Lately, there has been a discussion (Intrusion Prevention System
Software - Snort or Suricata), that brought up some opinions about tor,
more or less focused from a technical point-of-view.
Interesting to me (the noob, that i am) was the belief, that tor was ok
(as some seem to think).
I am very much less optimistic:

From the information, i can gather on my own personal computer, i can
see, that almost every operating system sends out greetings to servers
in akamai's reach, a company that happens to have contracts with
microsoft and whatnot.
Reading about their business, i find every reason to believe, that the
time to fight for anonymity on the net is long gone, that security -
even from their perspective - needs more resources than any individual
will ever be able to have at its disposal.
Also, i am aware of the possibility to get tracked by the
telecommunication provider anytime and without me noticing it.

My conclusion has been, that i am maybe 30 years too late in my activity
to support tor - as a simple relay -. And the companies that seem to
have most control over the internet (like google, akamai, and others)
are in the process to control more and more of it, and only for that
reason are fighting against malware like viruses and bots, and of course
also fighting tor (by using honeypots as well as intrusion into the
community to get as much information as possible about the people trying
to hide in anonymity).

This seems to be so true to me, that i begin to feel _guilty of
nourishing false hopes_, that any individual could feel safe by using
tor, irrespective of where and how legitimate/needed their requests are
originating from.
Seriously, i am beginning to think, that tor may be somewhat outdated
nowadays, basically operating on old assumptions, about how the net was
organised merely a decade ago. And not taking into account the reality
of today, where our little community may not be all too useful any
longer. Hard to hide some disappointment, as i used to be a developer
many years ago, and find that no one - apart from myself - refuses to
cooperate in the process of accumulating data, which provides the basis
for semi-automated analysis later, and help some authorities to excert
power and control over the population living on this planet.

As my son very correctly said (btw: on his mobile! ;-)) : "Today, life
begins, where there is neither computer nor electricity, but meeting
with friends."
...until the earth observing satelites will be able to discern
individuals. :-(

Can anyone get me out of this pessimistic viewpoint?

If not, i am seriously reconsidering the futile attempt to engage into
offering something to the net, that could lead to unveiling users
activities opposed to what tor seems to promise.

Sorry for thinking out loud, but seriously worried about my own
simple-mindedness.
The operator of "NewTorKidOnTheBlock"
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Middle Relay changed to Exit Relay Bandwidth Change

[tmbates12]

Recently I enable exits on my relay and traffic seemed to jump very high
compared to the almost stagnant bandwidth increase wen it was just running
as a guard middle relay. I was wondering if this was normal for the traffic
to jump this much.
 Here's the Atlas link for my relay:
https://atlas.torproject.org/#details/ABF5C38A93F2D7E77A226871AB0ADB052279B48F
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay uptime after restarting Tor service

[I]

Nothing you do actually gets you a tshirt.
The knowledge that you qualified for a tshirt is your only badge of honour.

> -Original Message-


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[Ivan Markin]

pa011:
> Several of those warnings here as well on Oct 06 - on exit as on non
> exit - at different times

Sure, type of relay doesn't matter here since a rendezvous client picks
random relay to act as Rendezvous Point. Somehow there are clients who
send more than one ESTABLISH_RENDEZVOUS cell to the same relay with the
same cookie.
Most likely it's behavior of some alternative/modified tor
implementation (since it started recently and at almost the same time?).
At least I can't find a way little-t-tor is able to do this.

--
Ivan Markin
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[pa011]

Am 07.10.2016 um 20:20 schrieb Green Dream:
> One of my guard relays has a few entries on Oct 06 also:
> 
>   Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
>   Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
>   Oct 06 10:17:30.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
> 
> Times are in UTC. Logs on this machine go back to Oct 03 but those are
> the only occurrences. My other guard relay with nearly identical specs
> and CW doesn't have these entries.


Several of those warnings here as well on Oct 06 - on exit as on non exit - at 
different times
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[Green Dream]

One of my guard relays has a few entries on Oct 06 also:

  Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
ESTABLISH_RENDEZVOUS.
  Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
ESTABLISH_RENDEZVOUS.
  Oct 06 10:17:30.000 [warn] Duplicate rendezvous cookie in
ESTABLISH_RENDEZVOUS.

Times are in UTC. Logs on this machine go back to Oct 03 but those are
the only occurrences. My other guard relay with nearly identical specs
and CW doesn't have these entries.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[Ivan Markin]

Toralf Förster:
> nope, from "git blame" the appropriate line is part of git commit
> 339df5df and that commit is already part of tor-0.2.4.11-alpha :
> 
> commit 339df5df085e2115c01881cf628abe5ed3fbd456

I'm unable find change to this line in
339df5df085e2115c01881cf628abe5ed3fbd456.

AFAICT, this line was introduced long ago in 2004 by
a981c4099af25e8e38ca1fbe4870d09c54d0d20b (SVN commit) and never touched
since then.

I think we should dig deeper why does this happen (started to happen?).
Is it a bug in tor that produces such duplicate cookies or it's in some
independent/modified implementation.

--
Ivan Markin
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[Toralf Förster]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 10/06/2016 06:29 PM, Logforme wrote:
> Maybe they are new in 0.2.8.8?
nope, from "git blame" the appropriate line is part of git commit 339df5df and 
that commit is already part of tor-0.2.4.11-alpha :

commit 339df5df085e2115c01881cf628abe5ed3fbd456
Author: Nick Mathewson 
Date:   Sun Mar 10 08:32:58 2013 -0400

Fix 8447: use %u to format circid_t.

Now that circid_t is 4 bytes long, the default integer promotions will
leave it alone when sizeof(int) == 4, which will leave us formatting an
unsigned as an int.  That's technically undefined behavior.

Fixes bug 8447 on bfffc1f0fc7616a25c32da2eb759dade4651659e.  Bug not
in any released Tor.



- -- 
Toralf
PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iF4EAREIAAYFAlf3wQoACgkQxOrN3gB26U4o3AEAigGioHWzKg9sSbDYkRHMeieR
6k4LYT/cdFN7CueizmgA/iLp8uInP87xiRxdTsLjHXMxVNejRi+isC3r49U0XRZL
=r+19
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay uptime after restarting Tor service

[Random Tor Node Operator]

On 10/07/2016 12:55 PM, Zac wrote:
> that my uptime on Atlas is reset to zero when I need to restart
> the service, i.e. for updates or configuration changes.
> Is this expected behaviour

Yes




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay uptime after restarting Tor service

[albino]

That's normal. You should reload rather than restart tor for config changes 
though. 

And in case you're wondering, it doesn't affect your t shirt eligibility :-)

albino

On 7 October 2016 11:55:19 BST, Zac  wrote:
>Hi,
>
>I run this relay:
>https://atlas.torproject.org/#details/02928855BFAD787F8B363F21860D1E7D156E0655
>and noticed that my uptime on Atlas is reset to zero when I need to
>restart the service, i.e. for updates or configuration changes.
>Is this expected behaviour, or should the uptime in fact be unaffected
>by such short down-times?
>
>Thanks,
>
>
>--
>MrDetonia 
>
>
>
>___
>tor-relays mailing list
>tor-relays@lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Relay uptime after restarting Tor service

[Zac]

Hi,

I run this relay: 
https://atlas.torproject.org/#details/02928855BFAD787F8B363F21860D1E7D156E0655 
and noticed that my uptime on Atlas is reset to zero when I need to restart the 
service, i.e. for updates or configuration changes.
Is this expected behaviour, or should the uptime in fact be unaffected by such 
short down-times?

Thanks,


--
MrDetonia ___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] numtcpsock prevents relay from working properly.

[Nils Erik Flick]

Hi Moritz,

thanks for your reply. This is very helpful. I think I will raise the
issue with my provider and see how it goes.

Best,
Erik

Moritz Bartl:
> Hi Nils,
> 
> Yes, this is a known problem. It has been discussed a number of times
> before on this list, but it never made it into any FAQ.
> 
> On 10/07/2016 11:38 AM, Nils Erik Flick wrote:
>> Asking customer service would mean explicitly drawing attention to the
>> fact that I'm trying to use the cheap plan to run Tor nodes. That's
>> completely against my instincts. On the other hand they *did* offer a
>> free-form box in the registration form.
>>
>> Has anyone tried and if so, to any avail?
> 
> It is not unusual for ISPs to set a very conservative default, and then
> raise it when the customer asks. You don't necessarily have to mention
> Tor in your request.
> 
>> IMHO this kind of knowledge should be spread more "pro-actively", which
>> is why I'm posting this on a public list.
> 
> Always a good idea to remind people. Maybe this encourages someone to
> submit a patch for the website?
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] numtcpsock prevents relay from working properly.

[Moritz Bartl]

Hi Nils,

Yes, this is a known problem. It has been discussed a number of times
before on this list, but it never made it into any FAQ.

On 10/07/2016 11:38 AM, Nils Erik Flick wrote:
> Asking customer service would mean explicitly drawing attention to the
> fact that I'm trying to use the cheap plan to run Tor nodes. That's
> completely against my instincts. On the other hand they *did* offer a
> free-form box in the registration form.
> 
> Has anyone tried and if so, to any avail?

It is not unusual for ISPs to set a very conservative default, and then
raise it when the customer asks. You don't necessarily have to mention
Tor in your request.

> IMHO this kind of knowledge should be spread more "pro-actively", which
> is why I'm posting this on a public list.

Always a good idea to remind people. Maybe this encourages someone to
submit a patch for the website?

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] tor relay and syslog logging

[Dr. Who]

I'm trying to log locally (notice.log) and to a local syslog-ng server.

It doesn't seem to work. I get no messages at all to my local syslog 
server. When I try to log some testlines manually (even as the tor 
system user) it seems to work.


As I understood the configuration I can have multiple "Log " lines 
without problem, right?


A test like:
logger -p daemon.notice -t tortest Testing
generates the expected lines in /var/log/messages

What facility is used by tor when logging to syslog? I didn't find that 
information.


System is a standard current debian 8.6 with tor Tor 0.2.8.8 
(git-8d8a099454d994bd), the two Log-Lines are:


Log notice file /var/log/tor/notices.log
Log notice syslog

Any idea what might be missing?


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[Petrusko]

x2 too on a non-exit relay :
Oct 06 13:35:22.000 (UTC+2)

But nothing a 2nd relay process on the same machine...


06/10/2016 18:29, Logforme :
> I had 3 today on my non-exit relay. Can't remember seeing them before. Maybe 
> they are new in 0.2.8.8? > Times are UTC+2 > > Oct 06 09:14:03.000 [warn] 
> Duplicate rendezvous
cookie in ESTABLISH_RENDEZVOUS. > Oct 06 14:08:13.000 [warn] Duplicate
rendezvous cookie in ESTABLISH_RENDEZVOUS. > Oct 06 14:08:14.000 [warn]
Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.
-- 
Petrusko
PubKey EBE23AE5
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays