-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert,
I:
Have you evaluated the Riotboard(.org) for your idea of plug in
Tor relay? It looks like it uses about the same amount of energy as
the Cubieboard but for a little more money would be a lot more
capable.
I haven't, but it's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi, Chris!
Chris Whittleston:
Thanks for this Gordon M - just thought I'd add that if it's useful
for anyone, I threw a Pi Tor (middle) relay setup guide together a
while ago - you can see it here:
of Cipollini - the boxes will never mess with
people's Netflix, and thus they'll leave them plugged in.
https://github.com/gordon-morehouse/peergoggles
Best,
- -Gordon M.
- --
http://gordon.morehouse.me/
PGP key: https://twitter.com/gmorehou/status/433481548030300161
Fingerprint: A3D2 D096 C3A7 6960
testing or convenience, be paranoid
and build from source following the procedure alluded to in the
project README.
Check the Cipollini Project README[2] for more information about the
(very nascent) project.
Best,
- -Gordon M.
1.
https://github.com/gordon-morehouse/cipollini/tree/master
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hey folks,
I've been off the list for quite a long time due to personal reasons,
and I'm aware I have a couple irons still in the fire WRT RasPi and
the SYN flood stuff - I'll get to it.
Today, though, I came across this article:
?
Are you really arguing something like 1000 cycles on a modern
processor (so, what, a microsecond, tops) vs 5 minutes of human effort?
Is this maybe an example of why crypto software UX is almost
universally god-awful?
Best,
- -Gordon M.
On Tuesday, November 26, 2013 3:53:25 PM, Gordon Morehouse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
On Sat, Nov 23, 2013 at 02:29:04PM -0800, Gordon Morehouse wrote:
Lunar:
Gordon Morehouse:
Why not just accept KB/sec, KiB/sec, GB/mo, GiB/mo in the
config file?
That would be #9214 [1], implemented by CharlieB, shipped
need to adjust
accordingly (and then, I hope, contribute back!)
https://github.com/gordon-morehouse/cipollini/tree/master/contrib/90_slowboards/tcp_syn_limit
(Ignore the fail2ban stuff for now, I found a more efficient way to
handle the problem with the help of a list reader.)
Nov 16 22:39:52.000
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Lunar:
Gordon Morehouse:
Why not just accept KB/sec, KiB/sec, GB/mo, GiB/mo in the config
file?
That would be #9214 [1], implemented by CharlieB, shipped since
tor 0.2.5.1-alpha.
[1] https://bugs.torproject.org/9214
Good, this is the most
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
krishna e bera:
On 13-11-18 07:28 PM, grarpamp wrote:
A proper IEC gibibyte = GiB = 2^30 = 1024^3 = 1073741824 for data
storage, ram (binary bit handling) A proper SI gigabyte = GB =
1E9 = 1000^3 = 10 for data transmission (packet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roman Mamedov:
On Fri, 15 Nov 2013 10:40:16 +0100 jj tor jjproye...@gmail.com
wrote:
Hi, list readers,
Someone has experience with russian tor relays?
Do you know of any legal problem for an exit relay ?
Hello,
A significant number
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Eric van der Vlist:
Hi list,
I am a (happy) Gandi customer and I'd like to support the Tor
project by setting up an exit node on one of their VPS
(https://www.gandi.net/hosting/iaas).
I left GANDI with my relay node because of their new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
gq:
Access to tails does not depend on any specific transfer protocol
such as torrents correct?
Could it not be made available on a hidden service, a website. an
email or ftp server within tor?
An http hidden service with the .onion link in
On Tue, 5 Nov 2013 20:10:09 +0100, jj tor jjproye...@gmail.com wrote:
Hello again,
indeed, the port 9050 is closed, but not filtered. I've set up a drop rule
in the VPS firewall( Parallels Plesk Panel) on this port, but it's not
working fine.
I am amazed by all the amount of this kind
On Tue, 05 Nov 2013 12:04:56 -0800, Zack Becker zbe...@gmail.com wrote:
I would recomend against google hangouts(even though its more widely
used) because google isn't private
I'll say! Quite rather the opposite of private in all senses!
Recovering Google services addict,
Gordon M.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Lukas Erlacher:
your refusal to pay for content people create.
That's a silly smear.
If an endless tsunami of torrent traffic makes it so Tor users can't
buy music off bandcamp - a site where the artist gets the lion's
share, and where some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Lukas Erlacher:
Let me chime in here in regards to torrents to be perhaps not the
devil's, but the radical's advocate.
A lot of the people wishing to handle bittorrent are aware of these
arguments and may not wish to block it so much as throttle
On Mon, 4 Nov 2013 14:38:40 -0500, Paul Syverson paul.syver...@nrl.navy.mil
wrote:
On Mon, Nov 04, 2013 at 08:18:29AM -0800, Gordon Morehouse wrote:
[snip]
That's just plain silly.
Not as silly as you think, but the outright blocking vs finding ways
to throttle is more
On Sat, 02 Nov 2013 21:58:57 +, Paritesh Boyeyoko parity@gmail.com
wrote:
On Friday 01 Nov 2013 14:39:28 Gordon Morehouse wrote:
Completely aside from the ethical and censorship-related buzzsaw you're
about to run into for posting this (perennial) question, I believe some
actual
working currently on automatic bandwidth tuning and congestion avoidance.
1. https://github.com/gordon-morehouse/cipollini
Best,
- -Gordon M.
-BEGIN PGP SIGNATURE-
iQEcBAEBCgAGBQJSdnQyAAoJED/jpRoe7/ujKLAH/1Y8zvahIDDrbTqPzRN0HsOP
C+TIuqpbR9VDjPhLHgcywbiEBEr6gTLbezh+EnCZeky0bO3WZ1ZHlTZ0Szow3X4P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paritesh Boyeyoko:
On Friday 01 Nov 2013 14:39:28 Gordon Morehouse wrote:
Completely aside from the ethical and censorship-related buzzsaw
you're about to run into for posting this (perennial) question, I
believe some actual developers on Tor
-
there is a real problem someplace, but it seems to be mostly a Problem
with a capital P for low-end hardware with 512MB physical RAM, since
those are the relays likely to actually crash as a result of the floods.
Best,
- -Gordon M.
Dan
On 11/01/2013 05:30 PM, Gordon Morehouse wrote:
huh, well
of Cipollini:
https://github.com/gordon-morehouse/cipollini/tree/master/contrib/90_slowboards
I wouldn't bother with fail2ban right now, I've turned it off pending
some other experiments with total connection limits on the Pi. I have
an open story to investigate making it work, right now it's just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paul Garrett Hugel:
Please steer me to the correct list if off topic here
Remote machine is Ubuntu obfsproxy bridge on amazon ec2 using ARM
My local machine running 10.9 Mavericks with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paritesh Boyeyoko:
On Friday 01 Nov 2013 20:02:29 Gordon Morehouse wrote:
What if someone inside a totalitarian state is attempting to
upload evidence of a massacre to a service which runs on port
80?
Yeah, I did think of this but I
On Fri, 01 Nov 2013 17:48:44 +, Paritesh Boyeyoko parity@gmail.com
wrote:
On Friday 01 Nov 2013 05:37:14 I wrote:
The advice on how to manage exit problems seems to
be very sound and Tor is defensible because it is being abused by
torrenting also.
...and this is something
On Fri, 01 Nov 2013 11:22:19 -0700, Nelson nel...@net2wireless.net wrote:
Please excuse my ignorance operating Tor relays, but if I run an exit
node on Windows 7 and use something like Peerblock and correspoding
block lists of P2P sites, wouldn't this be somewhat effective in
stopping this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paritesh Boyeyoko:
On Friday 01 Nov 2013 19:36:11 krishna e bera wrote:
On the other hand, i had a reduced exit policy and still got
DMCA complaints just for the .torrent file being downloaded via
HTTP through my exit.
Let me run a couple
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I've just seen the most amazing headshot of my Tor relay by a sudden
massive SYN flood yet. I was online and started noticing problems with
DNS on my local router. I checked my so-called monitoring setup, a
window with a permanent ping to my router,
[notice] Circuit handshake stats since last time:
61533/218956 TAP, 30/30 NTor.
Wow.
Best,
- -Gordon M.
Gordon Morehouse:
I've just seen the most amazing headshot of my Tor relay by a
sudden massive SYN flood yet. I was online and started noticing
problems with DNS on my local router. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
On Thu, Oct 31, 2013 at 06:12:47PM -0700, Andy Isaacson wrote:
That's correct, it takes a deliberate action on the part of the
administrator to become a relay; and another deliberate action to
become an exit relay.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
David Serrano:
On 2013-10-27 16:35:43 (-0700), Gordon Morehouse wrote:
And, after the boot, I've simulated an aggressive host from
another machine using hping, and here's the output of 'iptables
-L' after fail2ban banned the host (LAN IP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Das, Anupam:
So we have received some questions about running our traceroute
measurements. Let me answer some of the questions:
Here are two more:
1. Is the traffic to go *through* tor, or just clearnet off the
machine running the relay?
2. Is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
krishna e bera:
On 13-10-20 12:42 PM, Gordon Morehouse wrote:
First, during a SYN flood type overload, some peers which have
*existing* circuits built through the relay and are sending SYNs
as normal traffic, will stochastically get caught
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
David Serrano:
On 2013-10-27 15:00:10 (-0700), Gordon Morehouse wrote:
Here's my 'iptables -L' output, on pastebin because it's a mess
when formatted for email: http://pastebin.com/f1VZNeTF
That's not a fresh boot, though, I did
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Roger, I was hoping you'd get to this eventually. :)
Roger Dingledine:
On Sun, Oct 20, 2013 at 09:42:01AM -0700, Gordon Morehouse wrote:
With the slower computers, sometimes too many attempts to connect
to the ORPort (I am almost positive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Das, Anupam:
Hi Gordon, Thanks for the questions. We have put up a small
description of the project and FAQs (including your posted
questions) at the following link-
http://web.engr.illinois.edu/~das17/tor-traceroute_v1.html
Hope you find
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Gordon Morehouse:
Gordon Morehouse:
I'm still waiting for another storm to test the 60 sec findtime
/ 90 sec bantime guesses that I made (and just pushed to my
repo, BTW). Every time my relay crashes due to a storm, it takes
me that much longer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Gordon Morehouse:
I'm still waiting for another storm to test the 60 sec findtime /
90 sec bantime guesses that I made (and just pushed to my repo,
BTW). Every time my relay crashes due to a storm, it takes me that
much longer to get Stable back
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I:
To see if it was possible just now I set up an obfsproxy bridge as
best I could but it failed to download properly.
Can you be more specific about what this means? What exactly happened?
The instructions say set up Tor then the obfsproxy
-tested (on my relay) than the iptables SYN throttling.
Incidentally, I host binary .debs compiled *for Raspbian* at [1] as
well, if you trust random internet dudes and don't want to compile it
yourself. A deterministic build is a (very long-term) goal.
1. https://github.com/gordon-morehouse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dan Staples:
Thanks Gordon, I've been following your posts about the
circuit-creation storms with interest. I recently upgraded my Pi
to Tor v0.2.4, and haven't witnessed a storm yet (they are
relatively rare for me). But I am certainly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jesse Victors:
On 10/18/2013 11:46 PM, David Carlson wrote:
On October 8 something caused my non-exit relay speed to drop
from around 50 KB to less than 10 KB according to Atlas
graphs. I have checked with my ISP and run speed tests that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dan Staples:
On 10/20/2013 12:42 PM, Gordon Morehouse wrote:
If a tor relay has a circuit built through a peer, and the peer
starts dropping 100% of packets, how long will it take before
the relay with the circuit gives up on the circuit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Eduard:
I rented a VPS with 256mb ram and unmetered bandwidth. Ubuntu
12.04. Can someone please tell me how to configure it as a non-exit
relay for Tor? Acess via PuTTy.
256MB RAM and unmetered bandwidth is going to get you into trouble
very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Chris Whittleston:
Do you think it might help to restart tor every 24 hours or so
using cron Dan - or would that adversely affect the network too
much/not actually help?
Generally restarting a Tor relay is something you want to do as little
as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
On 2013-10-20 10:55, Gordon Morehouse wrote:
I suspect another user's assessment that Tor middle-node
bandwidth is now abundant, and thus nodes below a certain
consensus fraction are left out in the cold, may be correct.
Just my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
On 2013-10-20 11:19, Gordon Morehouse wrote:
That's nearly everybody on broadband in the US. There are a
lot of us that would rather run relays. 3, 5, 7Mbps is still
reasonably respectable IMO
A relevant ticket is
https
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I:
Gordon,
It seems useful to run obfsproxy bridges on $1 a month VPSs then.
Can weather.torproject.org be used to monitor whether they're
running or not?
That's a very good question - I hadn't tried monitoring my bridges
with it because I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
grarpamp:
Anyone also offering up vpngate, i2p, mail mixes, other
p2p/networks, etc to the public on their relay platform?
The Raspberry Pi is probably too limited for I2P or Freenet, but I am
investigating running these applications on the
the RAM and 2 more
powerful cores with ARMv7 instead of ARMv6.
It's also almost double the price (for considerably more than double the
computer), but I don't expect that to last long.
Best,
-Gordon M.
On Tue, 01 Oct 2013 19:02:37 -0700, Gordon Morehouse gor...@morehouse.me
wrote:
-BEGIN
here:
1. https://github.com/gordon-morehouse/cipollini
However, I don't have obfsproxy packages - I'll need to evaluate how
it's packaged and replicate the latest ones for Raspbian.
There may be further instructions, if you want to avoid the 'setup.py
install' method mentioned by tor_bridge
I have a question which relates to my ongoing groundwork to build a Raspberry
Pi (and hopefully Beagle and Cubie) friendly set of Debian packaged programs
which can turn one of these small, low-power machines into a plug n' forget Tor
relay.
What is the start of the art in NAT hole punching if
On Wed, 18 Sep 2013 18:28:18 -0700, Andy Isaacson a...@hexapodia.org wrote:
On Wed, Sep 18, 2013 at 05:43:13PM -0700, Gordon Morehouse wrote:
Thanks, Roger. I'm still not sure what finally caused the OOM-killer
crash this morning after almost a couple weeks (?) of uptime. I was
also
On Thu, 19 Sep 2013 07:45:17 +0200, Konrad Neitzel kon...@neitzel.de wrote:
Hi all!
On Wed, 2013-09-18 at 19:29 -0400, t...@t-3.net wrote:
Also. It makes me wonder things when, for example, you say Think
bigger while pointing to a couple of potential dollars in someone's
pocket.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hey folks,
Here are my reports. First the good news: it's WAY more stable. Then
the bad news: it still gets OOM-killed once in a while, possibly
preventably.
THE GOOD (notes from September 14):
Here's my Pi relay since compilation of
for icmp_seq 847994
Best,
- -Gordon M.
Gordon Morehouse:
- --
Sent from my thing that sends email.
-BEGIN PGP SIGNATURE-
iQEcBAEBCgAGBQJSOba6AAoJED/jpRoe7/ujcsoH/ioHo/cDvMWI2hkeNrI72dHt
DI+NZBLo0XYSEKPy/IQNmnz1Ap3g/mBO686Ewr21hAiGNRPoZD4ALJovthWI0uC7
rc9ziET7c5P7HAso3y4J
files were left for the Raspbian 'ntp'
package, which I purged, and ensured that only 'ntpdate' (for setting
the clock at startup, run in /etc/rc.local) and 'openntpd' are installed.
Best,
- -Gordon M.
Gordon Morehouse:
Addendum: restarting tor instantly puts my router into a tailspin
On Wed, 18 Sep 2013 16:43:25 -0400, Roger Dingledine a...@mit.edu wrote:
On Wed, Sep 18, 2013 at 06:50:46AM -0700, Gordon Morehouse wrote:
The replay has settled into a fairly steady state (after losing its
flags except Named) of sending 5-10KB more per sec than it gets. I
have a feeling
While I believe you have a good point
On Wed, 18 Sep 2013 19:29:26 -0400, t...@t-3.net wrote:
Think bigger, say what?
Certain of the world's biggest and most well-funded intelligence
agencies hate personal privacy on the internet so much that they've
been going to extreme efforts
On Wed, 18 Sep 2013 08:10:25 -0400, t...@t-3.net wrote:
The OP I saw said:
The Wau Holland Foundation can currently only
reimburse via wire transfer.
This seems to be end-of-story in terms of who, in the end, is
ultimately getting liability/risk, and points to practically no chance
On Wed, 18 Sep 2013 13:16:48 -0400, josh j...@allensw.com wrote:
You may be able to increase the ip_conntrack_max on your router. I had
I can, and have, but eventually its 16MB of RAM becomes a problem. ;)
The bigger deal, though, is I'm attempting to cobble together a set of scripts
and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it
soon.
[snip]
Please consider upgrading. If you do, though, please also keep an
eye on it -- it's possible we introduced some new bugs and the
network
://github.com/gordon-morehouse/cipollini
I haven't made any changes to the source itself - no Pi-specific
optimizations - just built it on a Pi to get ARMv6 compatible
executables; Debian wheezy armhf is targeted at ARMv7 and up, for
those not familiar.
Best,
- -Gordon M.
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
Hi folks,
I just released 0.2.4.17-rc. Hopefully there will be debs of it
soon.
I will get binary debs for Raspbian completed this evening, and this
time sign them with my public key[1] for anyone who chooses to trust
me.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
tor-admin:
You could modify the tor init script to limit the memory usable by
/usr/sbin/tor as described here:
http://jlebar.com/2011/6/15/Limiting_the_amount_of_RAM_a_program_can_use.html
But I don’t know if this works on RaspPi platform
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
So in the documentation:
UserspaceIOCPBuffers 0|1
If IOCP is enabled (see DisableIOCP above), setting this option to 1
will tell Tor to disable kernel-space TCP buffers, in order to avoid
needless copy operations and try not to run out of non-paged
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Andreas Krey:
My main question: How do circuit creation requests on one's Tor
relay cause load on one's network infrastructure? Is it DNS
requests? Is it TCP connection state entries? It's not
bandwidth, we observed that above, and my router
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
krishna e bera:
On 13-08-29 10:35 PM, Gordon Morehouse wrote:
What on earth is causing so many circuit creation requests in
such a short timespan?
One possibility, if i recall correctly, is that the Tor that comes
with the PirateBrowser
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roger Dingledine:
On Thu, Aug 29, 2013 at 11:30:33PM -0400, krishna e bera wrote:
On 13-08-29 10:35 PM, Gordon Morehouse wrote:
What on earth is causing so many circuit creation requests in
such a short timespan?
[snip]
As for the circuit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Since I originally started keeping an eye on these on my Raspberry Pi
relay (read: slow, resource-limited), I've got to wonder if the
circuit creation storms I was seeing months ago weren't normal network
phenomena but some kind of test run.
We are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Bryan Carey:
It's possible. One should always review all configuration files
before making their node operational. You can't assume that it will
be configured in a particular manner.
I mean, who would have thought the TBB would ship with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
That Guy:
nodes. People running non-exit relays getting booted out by their
VPS/ISP provider. I am just curious if it is getting worse or has
it
This is rarely due to anything other than bandwidth issues, although
some backwards ISPs do not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
So, I started having tubes clogged problems this evening and
realized, finally, that my Raspberry Pi powered relay had been
weathering a circuit creation storm since about 18:11 my time.
tl;dr main dev-related questions at bottom
Aug 29
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
var:
Hi guys,
we moved from a Win to Linux with our tor exit node. The win was
running fine no problems since we are running the the exit node
on a Debian wheezy we got in trouble. The exit node is installed
and configured with the how to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Thomas Hand:
Hi Gordon, I'm having a little trouble installing your deb files
using sudo dpkg -i. Am I missing something. Thx. Tom
There may be dependencies - I believe 'apt-get install' has some
option that'll download them, if that's your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
var:
When the relay starts our Internet goes down. Its more like some
DNS problem but i cant point the finger on it. The connection is
still there but he need a lot of time to resolve the names.
Is this a overkill for our router?
My first
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Geoff Down:
On Sun, Aug 18, 2013, at 12:35 AM, Gordon Morehouse wrote:
I've put binary .debs[1] up of the latest Tor experimental
version - 0.2.4.16-rc - which are built for the Raspberry Pi. I
only have a few days of test data, but so far
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Gordon Morehouse:
Good news, everyone!
I've put binary .debs[1] up of the latest Tor experimental version
- 0.2.4.16-rc - which are built for the Raspberry Pi. I only have
a few days of test data, but so far it appears to perform much
better
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roman Mamedov:
On Wed, 14 Aug 2013 10:47:42 -0700 (PDT) Lance Hathaway
qh...@yahoo.com wrote:
Speaking only for myself (in turn), this is something I would
desperately like to see. I've been planning on deploying several
Raspberry Pis for
relatively new
kernel congestion avoidance facilities such as TCP CoDel[2].
This will take a while, don't hold your breath. But in light of
recent news, I'm committed to it.
[1]
https://github.com/gordon-morehouse/torbian/tree/master/raspbian_packages
[2]
http://arstechnica.com/information-technology
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
tor_bri...@mail.md:
Is it possible for the Tor project to make an extra option on the
page https://www.torproject.org/download/download-unix.html.en with
instructions for people to run a bridge/relay on the Pi? I think
it will help people not to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Harold Naparst:
I updated my Raspberry Pi to 0.2.4.16-rc as Gordon Morehouse
suggested. Almost immediately I can see a big difference. I now
have 700 inbound connections, 4 outbound, and 14 circuits. Before
it was about 150/15/50 or so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Roman Mamedov:
On Tue, 13 Aug 2013 12:02:35 + tor_bri...@mail.md wrote:
I'm wondering, is there any other method for running a tor
bridge/relay on the raspberry pi, other than downloading the
source and compiling it yourself?
Raspbian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nick Mathewson:
Circuit creation happens within the Tor protocol. How many
circuit creation requests you get at once is a function of how much
bandwidth you appear to have. How many you can handle is a
function of how fast your CPU is, and how
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nick Mathewson:
(Another thing to look at would be the output of ./src/test/bench
in the 0.2.4.x package.)
Here's the output of that, run from the built Debian source package,
on a minimally loaded Raspberry Pi which appears to overclock to
Bill Waggoner:
On Sun, Aug 4, 2013 at 9:24 PM, Gordon Morehouse gor...@morehouse.me wrote:
Michael Berlin:
[snip]
there. Monitoring everything with arm is also nice but far too CPU
intensive.
A quick thought - can we pull together data on tor monitoring utilities
and then figure out
Michael Berlin:
Hi Gordon and Matthias,
I've split your discussion from the original thread Running exit-node in
Germany and created a new one.
I fully agree with you that the Raspberry Pi is the perfect device to let
others run a Tor Relay Node very easily. What follows is a long mail
Michael Berlin:
The logged throughput is also consistent with what I saw with the console
traffic monitor nload (suggested command line options for nicer units and
less refreshes: nload -u K -U G -t 3000). I guess, I saw even higher peaks
there. Monitoring everything with arm is also nice but
Matthias Redies:
Luckly I have a fiber connection and a unused RaspberryPi. So running an
How many Mbps? I've had a RaspberyPi struggle to forward 1.5Mbps (only
intermittently though) and posted about it in here - it may freeze or
reboot when under stress. If you are pushing more than 1.5Mbps,
Matthias Redies:
There are a few talks on youtube that explain this a little. The Chinese
are pretty successful blocking bridges. The last thing I heard was that
they will send every server which creates a SSL connection so someone in
China a Tor-Handshake and block it if it responds.
In
Shawn:
Set up an obfsproxy3 bridge (you can do obfs2 and regular on different
ports, as last I knew China only blocked IP:port combos, not entire IPs)
- there is a big need for obfsproxy bridges.
Here are my stats for a brand new bridge I set up recently:
Tor's uptime is [about 2.5 weeks,
So, I've got my relay back up on a Raspberry Pi and I'm working on
figuring out the optimizations I made to it, and continuing to tune it.
Out of the box these machines have some difficulty even offering a
couple Mbps, but they can be greatly improved. I will post all details
when done.
I see a
It'd be nice if dynamic DNS could solve this somehow, but it can't with
the current implementation. :/
I think this may only get worse now that we're essentially out of IPv4
space.
-Gordon
Samuel Walker:
Bridges ideally have very stable IPs, as their addresses aren't stored in an
hourly
Andreas Krey:
On Tue, 30 Jul 2013 08:03:58 +, Gordon Morehouse wrote:
It'd be nice if dynamic DNS could solve this somehow, but it can't with
the current implementation. :/
Even if - it wouldn't help those users that have an open connection
through the bridge (or relay) while it does
Tom Ritter:
On 18 July 2013 14:10, Roman Mamedov r...@romanrm.ru wrote:
Maybe they just realized they can't actually offer unmetered bandwidth as
they
advertise, and Tor is about the only application that can readily eat all
bandwidth you'll give it, no matter what.
Tom, out of curiosity
Lunar:
Gordon Morehouse:
Yeah, I had to leave GANDI not because of admin pressure but because
they instituted a 500GB data cap instead of unmetered.
Just to let others know, Nos Oignons [1] reached to them about the new
pricing scheme and they offered to sponsor a 25 Mbit/s exit relay
mick:
mick:
Forgot to add - take a look at http://www.edis.at/en/home for
example. They have reasonable offerings (but limited on the KVM
option) in a variety of countries and I have already established
that they would be comfortable with non-exit tor relays.
Be aware that depending on the
mick:
Forgot to add - take a look at http://www.edis.at/en/home for example.
They have reasonable offerings (but limited on the KVM option) in a
variety of countries and I have already established that they would
be comfortable with non-exit tor relays.
Be aware that depending on the data
Hi, Yes. This is absolutely on my to-do list. I've had a family
medical emergency and about 2 or 3 other things recently about that
level of stress, but BELIEVE me, a strategy for getting a Raspberry Pi
to be a rock solid relay is of paramount importance to me.
I'm hoping to figure out all the
100 matches
Mail list logo
