[tor-relays] Why are my relays flagged?

2018-12-20 Thread Langrehr, Jan Christian 
Hello everyone,


I'm wondering why both of my Tor relays are flagged for running an unstable or 
outdated version or Tor. I'm running my relays on Ubuntu 18.04 and I get Tor 
from the

deb https://deb.torproject.org/torproject.org bionic main repository. Both of 
my relays run Tor version 0.3.4.8.

My relays are 
https://metrics.torproject.org/rs.html#details/9EDA50493B537837E72D83090BE4ED99A5341987
 and 
https://metrics.torproject.org/rs.html#details/8E57A56487EEA341965B77AE132E4856A0B69382


I'm looking forward for an anwser.

Thank you all very much


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Why are my relays flagged?

2018-12-20 Thread Matt Traudt 
Because 0.3.4.9 is out.

Sometimes the old version will stop being recommend before the new
version is available in various repositories, but that doesn't seem to
be the case here. I see 0349 for bionic on deb.tpo

apt update, apt upgrade, systemctl restart tor

Matt

On 12/20/18 6:21 AM, Langrehr, Jan Christian wrote:
> Hello everyone,
> 
> 
> I'm wondering why both of my Tor relays are flagged for running an
> unstable or outdated version or Tor. I'm running my relays on Ubuntu
> 18.04 and I get Tor from the
> 
> deb https://deb.torproject.org/torproject.org bionic main repository.
> Both of my relays run Tor version0.3.4.8.
> 
> My relays are
> https://metrics.torproject.org/rs.html#details/9EDA50493B537837E72D83090BE4ED99A5341987
> and
> https://metrics.torproject.org/rs.html#details/8E57A56487EEA341965B77AE132E4856A0B69382
> 
> 
> I'm looking forward for an anwser.
> 
> Thank you all very much
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Why are my relays flagged?

2018-12-20 Thread Guinness 
Le Thu, Dec 20, 2018 at 06:26:52AM -0500, Matt Traudt écrivait :
> Because 0.3.4.9 is out.
> 
> Sometimes the old version will stop being recommend before the new
> version is available in various repositories, but that doesn't seem to
> be the case here. I see 0349 for bionic on deb.tpo
> 
> apt update, apt upgrade, systemctl restart tor
> 
> Matt
> 
> On 12/20/18 6:21 AM, Langrehr, Jan Christian wrote:
> > Hello everyone,
> > 
> > 
> > I'm wondering why both of my Tor relays are flagged for running an
> > unstable or outdated version or Tor. I'm running my relays on Ubuntu
> > 18.04 and I get Tor from the
> > 
> > deb https://deb.torproject.org/torproject.org bionic main repository.
> > Both of my relays run Tor version0.3.4.8.
> > 
> > My relays are
> > https://metrics.torproject.org/rs.html#details/9EDA50493B537837E72D83090BE4ED99A5341987
> > and
> > https://metrics.torproject.org/rs.html#details/8E57A56487EEA341965B77AE132E4856A0B69382
> > 
> > 
> > I'm looking forward for an anwser.
> > 
> > Thank you all very much

Hi,

For relays, I stronlgy recommend using unattended-upgrades, as described
in this guide :
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/DebianUbuntuUpdates
This way, your relay will be up to date, and with a simple email config,
you can easily receive some updates everytime an upgrade has been
processed!

Cheers,
-- 
Guinness


signature.asc
Description: PGP signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] How to use a bridge configured with "ORport auto" within Tails?

2018-12-20 Thread Toralf Förster 
The Tails installer asked me for the bridge line (a bridge maintained by 
myself), but didn't accepted the ":auto" behind the ip address.

I do wonder how to proceed?

-- 
Toralf
PGP C4EACDDE 0076E94E




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to use a bridge configured with "ORport auto" within Tails?

2018-12-20 Thread Matt Traudt 
On 12/20/18 08:56, Toralf Förster wrote:
> The Tails installer asked me for the bridge line (a bridge maintained by 
> myself), but didn't accepted the ":auto" behind the ip address.
> 
> I do wonder how to proceed?
> 

"ORPort auto" means let Tor pick. It picks at random (technically, I
think it lets the kernel pick and the kernel picks at random, but the
outcome is the same).

So you need to check Tor's logs on the bridge to see what it picked.
Asking Tor over its ControlPort is another option, albeit more advanced.
Look in the logs.

Matt
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to use a bridge configured with "ORport auto" within Tails?

2018-12-20 Thread Toralf Förster 
On 12/20/18 3:13 PM, Matt Traudt wrote:
> "ORPort auto" means let Tor pick. It picks at random (technically, I
> think it lets the kernel pick and the kernel picks at random, but the
> outcome is the same).

Understood.
But b/c this:

sed -e "s/^ORPort.*/ORPort $((RANDOM))/g" /etc/tor/torrc

is IMO more easier I do wonder about the use case for ":auto"?

-- 
Toralf
PGP C4EACDDE 0076E94E




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to use a bridge configured with "ORport auto" within Tails?

2018-12-20 Thread Matt Traudt 
On 12/20/18 09:25, Toralf Förster wrote:
> On 12/20/18 3:13 PM, Matt Traudt wrote:
>> "ORPort auto" means let Tor pick. It picks at random (technically, I
>> think it lets the kernel pick and the kernel picks at random, but the
>> outcome is the same).
> 
> Understood.
> But b/c this:
> 
>   sed -e "s/^ORPort.*/ORPort $((RANDOM))/g" /etc/tor/torrc
> 
> is IMO more easier I do wonder about the use case for ":auto"?
> 

When you're controlling Tor with something like stem and you need **a**
port, not a **specific** port. Especially if you want to be guaranteed
that you will get a port (what if something is listening on $RANDOM
already?).

For example, Simple Bandwidth Scanner launches Tor for itself and tells
it 'SocksPort auto'. It's conceivable someone wants to control a relay
with a script in a similar manner.

Matt
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Advice for new exit relay

2018-12-20 Thread Nathaniel Suchy 
I'll add most providers willing to do custom WHOIS records are generally much 
more expensive. Is custom WHOIS an absolute requirement? Many providers are 
willing to work with you.

Cordially,
Nathaniel Suchy



Dec 20, 2018, 2:04 AM by dns1...@riseup.net:

> Ook, thank you everybody for this advices. I asked to some providers. As soon 
> as I know if some provider is willing to help to run an exit relay server and 
> to customize WHOIS records, I let you know.
>
> regards
>
> Gigi
>
> Il 20/12/18 03:59, Nathaniel Suchy ha scritto:
>
>> Hi Gigi,
>>
>> Your ISP will need to update WHOIS Records for you as they own the IP 
>> Addresses. They, and only they, have that power. Get in touch with them and 
>> discuss your use case (in this case a Tor exit). Many providers are willing 
>> to work with you.
>>
>> As for recommendations, Scaleway, while not letting you have custom WHOIS, 
>> provides unlimited bandwidth, is cheap, and has okay abuse report handling 
>> (use the reduced exit policy, or the paranoid only allow ports TCP 53, 80, 
>> and 443 Policy and as long as you respond within 48 hours they generally 
>> leave you alone). I've had good experiences with them in the past :)
>>
>> Cordially,
>> Nathaniel Suchy
>>
>>
>>
>> Dec 19, 2018, 2:40 AM by >> dns1...@riseup.net >> 
>> :
>>
>>> Hi,
>>>
>>> excuse my bad english.
>>>
>>> I would run an exit relay on a virtual server. For now i run just a non 
>>> exit relay on my own mini server. I don't like too much do not have full 
>>> control on the server, but, for me, it is the only way to run an exit relay.
>>>
>>> How do I know which service allow me to customize WHOIS records, so I can 
>>> put my email address on report abuse section?
>>>
>>> Could you suggest me some providers that offer unlimited monthly data too?
>>>
>>> Regards
>>> Gigi
>>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org 
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
>> 
>>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> 
>

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Advice for new exit relay

2018-12-20 Thread dns1983 
Hi,

It's not an absolute requirement for me, I just want easily manage abuse 
reports. 

Today I asked to contabo team support and they said me that they don't allow 
exit relay. In the tor wiki page is written that they allow exit relay.

I asked to keyweb too, they said that let me know as soon as possible if it is 
possible.

Anyway thank you, any information is useful to me.

Regards 
Gigi


Il 20 dicembre 2018 18:06:24 CET, Nathaniel Suchy  ha scritto:
>I'll add most providers willing to do custom WHOIS records are
>generally much more expensive. Is custom WHOIS an absolute requirement?
>Many providers are willing to work with you.
>
>Cordially,
>Nathaniel Suchy
>
>
>
>Dec 20, 2018, 2:04 AM by dns1...@riseup.net:
>
>> Ook, thank you everybody for this advices. I asked to some providers.
>As soon as I know if some provider is willing to help to run an exit
>relay server and to customize WHOIS records, I let you know.
>>
>> regards
>>
>> Gigi
>>
>> Il 20/12/18 03:59, Nathaniel Suchy ha scritto:
>>
>>> Hi Gigi,
>>>
>>> Your ISP will need to update WHOIS Records for you as they own the
>IP Addresses. They, and only they, have that power. Get in touch with
>them and discuss your use case (in this case a Tor exit). Many
>providers are willing to work with you.
>>>
>>> As for recommendations, Scaleway, while not letting you have custom
>WHOIS, provides unlimited bandwidth, is cheap, and has okay abuse
>report handling (use the reduced exit policy, or the paranoid only
>allow ports TCP 53, 80, and 443 Policy and as long as you respond
>within 48 hours they generally leave you alone). I've had good
>experiences with them in the past :)
>>>
>>> Cordially,
>>> Nathaniel Suchy
>>>
>>>
>>>
>>> Dec 19, 2018, 2:40 AM by >> dns1...@riseup.net
>>> :
>>>
 Hi,

 excuse my bad english.

 I would run an exit relay on a virtual server. For now i run just a
>non exit relay on my own mini server. I don't like too much do not have
>full control on the server, but, for me, it is the only way to run an
>exit relay.

 How do I know which service allow me to customize WHOIS records, so
>I can put my email address on report abuse section?

 Could you suggest me some providers that offer unlimited monthly
>data too?

 Regards
 Gigi

>>> ___
>>> tor-relays mailing list
>>> tor-relays@lists.torproject.org
>
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>>
>
>___
>tor-relays mailing list
>tor-relays@lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] consensus-health.html and fallback dirs

2018-12-20 Thread teor 

> On 16 Dec 2018, at 17:01, starlight.201...@binnacle.cx wrote:
> 
> The cause is
> 
> https://gitweb.torproject.org/tor.git/commit/?id=78e177d622f5f3b24023d04458f5948275a44766
> 
> https://trac.torproject.org/projects/tor/ticket/24803
> 
> Would be appreciated if the Tor project published outputs
> of UpdateFallbackDirs.py job runs used when rebuilding
> the list.  Thus operators who have expended effort to keep
> their relays eligible will know why when dropped.

We usually attach the logs to the relevant ticket.

This time, I saved the logs, but accidentally overwrote them.
And I didn't ask Colin to attach his logs.

We'll try to do better next time: I've added a note on the ticket
for 2019.

> On 17 Dec 2018, at 10:45, starlight.201...@binnacle.cx wrote:
> 
> Ran the script: output is attached to this message for anyone
> interested.  Live-network test results will vary by time and by
> the location of tester.  Attached run was made over Tor
> itself using 'torsocks'.

Thanks!

> I was bit by having disabled the unencrypted DIR port for
> one day recently as an experiment.

We rely on onionoo's last changed field:
https://metrics.torproject.org/onionoo.html#details_relay_last_changed_address_or_port

Changing or removing a published address or port resets the
last changed date. Adding an IPv6 address does not reset the
last changed date.

I realise that it's disappointing for relay operators to lose a flag.
But we're not too worried if a fallback drops out of the list for a
release or two: changing the fallback list regularly makes it
harder to block. And that's good for users.

T___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays