[tor-relays] Multiple relay instances, debian + systemd
Dear all, I run an exit node on debian strech, fingerprint 13E75F70220903A68BAF1F80B3DA9AB913961841 I would like to use more bandwidth, but I'm unsure how to do that with systemd. So, Lets say I want two exit nodes, each at 20MB/s. As per https://www.torservers.net/wiki/setup/server#high_bandwidth_tweaks_100_mbps, I am supposed to use tor-instance-create tor{1,2} [1] systemctl enable tor@tor1 etc. but what goes in the individual tor@tor1 torrc in /etc/tor/instances/tor1/torrc and what goes in the main instance in /etc/tor/torrc? Looking at the status for the new instance systemctl status tor@tor1 Process: 22722 ExecStartPre=/usr/bin/tor --defaults-torrc /var/run/tor-instances/tor1.defaults -f /etc/tor/instances/tor1/torrc --verify-config it seems the main torrc is not read, so maybe this is just an fancy way of doing the "old" /usr/sbin/tor -f /usr/local/etc/torrc1 /usr/sbin/tor -f /usr/local/etc/torrc2 ... with separate configurationfiles and datadir? I have a few extra ipv4 addresses. Should I allow each instance it's own IP or is sharing fine with one having (80,443) and the other (9091,9030) as (QR,DIR)port? I am aware that one IP can only be shared between two instances. Another question: Should I set the NumCPUs option to 2 or just leave it at 0(default)? https://www.torproject.org/docs/tor-manual.html.en#NumCPUs The processor is a bit old: Model name:Intel(R) Core(TM)2 Quad CPUQ6600 @ 2.40GHz pidstat 5 -p `pidof tor` Linux 4.9.0-3-amd64 (tiger) 2017-07-01 _x86_64_ (4 CPU) 23:38:33 UID PID%usr %system %guest%CPU CPU Command 23:38:38 127 10706 38,60 16,800,00 55,40 2 tor 23:38:43 127 10706 37,20 14,200,00 51,40 3 tor 23:38:48 127 10706 33,20 12,200,00 45,40 3 tor 23:38:53 127 10706 41,00 11,800,00 52,80 3 tor 23:38:58 127 10706 46,40 14,800,00 61,20 2 tor And finally: Do you change the number of maximum file descriptors? As of now, cat /proc/sys/fs/file-nr 9248 0 163085 where ls -l /proc/`echo $(pidof tor)`/fd | wc -l 5866 Best, Paw [1] http://manpages.ubuntu.com/manpages/zesty/man8/tor-instance-create.8.html ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Remove IP from list of known Tor exit nodes
> Your IP leaves the official list of current Exits automatically when it > ceases to be an Exit. > In the previous msg I just repeated the exit-addresses URL. I actually > meant to ask: for how long has the Exit been offline? The oldest by > LastStatus are now from 2017-03-01 ~15:00. You are right. The "wrong" exit node is not figuring on https://check.torproject.org/exit-addresses anymore. But it still visible from https://atlas.torproject.org/. Downtime 4 days 5 hours 21 minutes and 6 seconds Running false How long will it keep figuring on atlas? > So it wouldn't surprise me if Cloudflare won't unlist your IP on request You are right. I have written some mails to supp...@cloudflare.com. According to https://support.cloudflare.com/hc/en-us/articles/203306930-Does-Cloudflare-block-tor Cloudflare updates its list of Tor exit node IP addresses every 15 minutes. But the reply I got from their support was: > it's not listed on honeypot it is not based on any maliscous activity > but rather was a special list of TOR endpoints curated by the request > of our customers to control access to their sites. As such your > endpoint won't be removed from that as it is a TOR endpoint this is > completely independent of the reputation. They have not registered any malicious activity from the IP and it is not figuring on https://check.torproject.org/exit-addresses, but still they won't remove it from their list. > So maybe you'll have to route your home traffic through some VPN now to > get around the Great Cloudwall. I have a few extra IPs, so for now I am routing outbound http-traffic through one of them. But it is still a shame that such big companies can do as they like, without any means to correct mistakes. Thank you for your reply. Best, Paw fnordomat <fnordo...@posteo.net> writes: > Hi again, > > Paw: >> Dear all, >> >> By mistake I routed exit traffic from my Tor exit node through an IP >> that is used for NAT'ing where I live, for a short time. So now the NAT >> ip is found on https://check.torproject.org/exit-addresses which is a >> bit unfortunate, since cloudFlare now does CAPCHA check on my NAT traffic. > > In the previous msg I just repeated the exit-addresses URL. I actually > meant to ask: for how long has the Exit been offline? The oldest by > LastStatus are now from 2017-03-01 ~15:00. > >> >> Is there a way to remove my NAT ip from the list of Tor exit nodes? The >> NAT address does not see any Tor traffic anymore. >> >> Best regards, >> Paw >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Remove IP from list of known Tor exit nodes
Dear all, By mistake I routed exit traffic from my Tor exit node through an IP that is used for NAT'ing where I live, for a short time. So now the NAT ip is found on https://check.torproject.org/exit-addresses which is a bit unfortunate, since cloudFlare now does CAPCHA check on my NAT traffic. Is there a way to remove my NAT ip from the list of Tor exit nodes? The NAT address does not see any Tor traffic anymore. Best regards, Paw ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays