Re: [tor-relays] Relay question
On Fri, Dec 08, 2023 at 03:19:49AM +, Mulloch94 via tor-relays wrote: > Greetings, I was directed to this relay subscription by the owner. I've > recently started my own relay and everything has went smooth for the first > few days. Then the relay mysteriously went offline for a period of 8-9 hours. What do you mean by offline? The computer was offline? Or, the relay process was not running? Or, the relay process was still running but it was no longer reachable from the outside? Or something else? I think there aren't enough hints so far for us to guess what happened, i.e. there is still some mystery. > Happened while I was sleeping I think, but any rate it came back on after I > restarted the tor daemon and rebooted the server. I'm starting to think my > firewall configurations might have been the culprit, even though I ran a very > rudimentary setup. Basically just: > -A INPUT -p tcp --dport -j ACCEPT > -A INPUT -p tcp --dport 9050 -j ACCEPT > -A INPUT -p tcp --dport 443 -j ACCEPT > -A INPUT -p tcp --dport 80 -j ACCEPT > -A INPUT -j DROP > > Default ACCEPT on OUTPUT I am no iptables expert, but (a) this sounds like it should work, and (b) you probably don't want that 9050 line in there, since your Tor relay's socksport is intended to be only listening on localhost. (Opening up the firewall for 9050 shouldn't hurt any though, so long as Tor still only listens on localhost.) > My ORPort is on 443, so I don't see how this could be interfering. I noticed > my server reboot got rid of all my rules, so I'm thinking that could've been > the issue. If so, what other ports should I add? Do I even need a firewall > for the relay? I don't do anything else with that server, so If it doesn't > need a firewall to stay secure I won't use one. Opinions differ on the importance of firewalls, but technically no, you would be fine without any sort of rules like these, so long as you keep track of what applications are running on the system and make sure things aren't listening on the outside that you didn't intend. If you aren't a confident and experienced sysadmin though, the firewall rules are probably helpful because they simplify the question of how much surface area might be exposed to the world. > One more thing, I had a flag on my relay that said I needed to "update the > descriptor." It went away after rebooting my server as well, could that been > the issue? That sounds normal-ish, and it implies that your relay stopped running somehow, before that reboot. Next step would be to check the Tor logs, check the system logs, otherwise try to better understand what is going on on your computer. --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] EFF's university Tor relay campaign
On Thu, Aug 10, 2023 at 03:19:06AM -0400, Roger Dingledine wrote: > EFF has launched their advocacy campaign for getting more Tor relays > running at universities: > > https://toruniversity.eff.org/ Cooper has posted an update on how the campaign is going: https://www.eff.org/deeplinks/2023/11/tor-university-challenge-first-semester-report-card Highlights include: * we have made contact with more already-existing relays at universities, * we now have some new relays running at universities, * and we have made better contact with European NRENs (the national-level university internet connectivity organizations), particularly the ones in Switzerland, the Netherlands, and Greece. > So: if you are at a university, or you know somebody who is and want to > help them, please consider setting up relays there. It can be anything > from an exit relay (the most useful to Tor users, but the most work in > terms of local advocacy and relationship-building), to a non-exit relay > (still very useful to Tor users, because we need more network diversity), > to a non-NATed Snowflake bridge (currently used most by people in Iran > to get around their censorship and reach the Tor network). This part is still true! No time like the present to get involved. :) --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Relay question
Greetings, I was directed to this relay subscription by the owner. I've recently started my own relay and everything has went smooth for the first few days. Then the relay mysteriously went offline for a period of 8-9 hours. Happened while I was sleeping I think, but any rate it came back on after I restarted the tor daemon and rebooted the server. I'm starting to think my firewall configurations might have been the culprit, even though I ran a very rudimentary setup. Basically just: -A INPUT -p tcp --dport -j ACCEPT -A INPUT -p tcp --dport 9050 -j ACCEPT -A INPUT -p tcp --dport 443 -j ACCEPT -A INPUT -p tcp --dport 80 -j ACCEPT -A INPUT -j DROP Default ACCEPT on OUTPUT My ORPort is on 443, so I don't see how this could be interfering. I noticed my server reboot got rid of all my rules, so I'm thinking that could've been the issue. If so, what other ports should I add? Do I even need a firewall for the relay? I don't do anything else with that server, so If it doesn't need a firewall to stay secure I won't use one. One more thing, I had a flag on my relay that said I needed to "update the descriptor." It went away after rebooting my server as well, could that been the issue? Sent with [Proton Mail](https://proton.me/) secure email.___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
