[tor-relays] Re: (No Subject)

Am Mon, 10 Feb 2025 21:03:46 + schrieb Azraxiel : > I openened Port 9001 on my router 192.168.178.1 and forwarded it to > my OpenSense 192.168.178.2 In OpenSense(10.0.0.1 Own IP) i created > the following NAT rule and same Firewall rule for the WAN Interface > TCP *AnySource *AnyPort Destinati

[tor-relays] Re: (No Subject)

Am 10.02.2025 um 11:35:42 Uhr schrieb Azraxiel via tor-relays: > I followed every step in the Documention for setting up a Relay but > it doesn't work and the opnsense community can't help either. You have to allow all incoming TCP traffic on the listening port and all outgoin

[tor-relays] (No Subject)

Hello, does anybody use the Opensense Plugin for Tor? I followed every step in the Documention for setting up a Relay but it doesn't work and the opnsense community can't help either. Best regards Azra Sent from Proton Mail Android publickey - azraxiel@proton.me - 0x2AAAF94E.asc Description: ap

[tor-relays] Re: Mass-email sent to relay operators

elays@lists.torproject.org/thread/PLWP4RIGGFGEFR76UGPYTT6KUCWUE5A4/ On Mon, Feb 10, 2025 at 11:20:44AM +0100, mpan via tor-relays wrote: > > Hello my fellow relay operators, > > It doesn't seem like there's any malicious intent, maybe a bit of > > schizophrenia perhaps,

[tor-relays] Re: Adding falgs to new relays

On Sunday, 9 February 2025 19:35 ZK via tor-relays wrote: > I'm asking the Torpoject to publicly answer the question: why do you add > BadExit and MiddleOnly flags to new relays? The TorProject is an open source project and you can read all the information about what, why, when and h

[tor-relays] Re: Mass-email sent to relay operators

Hello my fellow relay operators, It doesn't seem like there's any malicious intent, maybe a bit of schizophrenia perhaps, but I've reached back out simply asking if he has any proof of anything actually going on just to appease my own curiosity. (…) I have no further comment about this. Thanks,

[tor-relays] Re: Adding falgs to new relays

Am 09.02.2025 um 18:35:51 Uhr schrieb ZK via tor-relays: > I'm asking the Torpoject to publicly answer the question: why do you > add BadExit and MiddleOnly flags to new relays? Please give the Nickname for the affected relay. > Please don't lie as you did before and lis

[tor-relays] Adding falgs to new relays

I'm asking the Torpoject to publicly answer the question: why do you add BadExit and MiddleOnly flags to new relays? Please don't lie as you did before and list the criteria here ___ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscri

[tor-relays] Mass-email sent to relay operators

Hello my fellow relay operators, I just received an email that was sent to many relay operators' contact emails. The content is as follows: // Start message Hello to all the relays operators. My name is Zakwan Kalb. I'm investigating a possible ongoing end-to-end confirmation attack run by the

[tor-relays] Re: Guidance on optimal Tor relay server configurations

hat e-mail, > i.e. under time pressure. > > I hope I could help you anyway. > > Best Regards, > -GH > On Friday, February 7th, 2025 at 12:22 PM, George Hartley via tor-relays > wrote: > >> Hi there "usetor", >> >> I am going to answer a few

[tor-relays] Re: Guidance on optimal Tor relay server configurations

On Friday, February 7th, 2025 at 12:22 PM, George Hartley via tor-relays wrote: > Hi there "usetor", > > I am going to answer a few of your questions: > > > 1. "If a full IPv4 /24 Class C was available to host Tor relays, what are > some optimal ways

[tor-relays] Re: Guidance on optimal Tor relay server configurations

RAM conclusion seems 4x more? Linear extrapolation to 256 IPs means, at a minimum, 256 physical cores and 512GB RAM? Sent with Proton Mail secure email. On Tuesday, February 4th, 2025 at 2:27 AM, bic via tor-relays wrote: > we wrote down some notes on our experiece: > https://osservatori

[tor-relays] Re: Guidance on optimal Tor relay server configurations

k you for running Tor nodes! All the best, -GH On Monday, February 3rd, 2025 at 5:00 PM, usetor.wtf via tor-relays tor-relays@lists.torproject.org wrote: > Hi All, > > Looking for guidance around running high performance Tor relays on Ubuntu. > > Few questions: > 1) If a full

[tor-relays] Re: Guidance on optimal Tor relay server configurations

, usetor.wtf via tor-relays wrote: Hi All, Looking for guidance around running high performance Tor relays on Ubuntu. Few questions: 1) If a full IPv4 /24 Class C was available to host Tor relays, what are some optimal ways to allocate bandwidth, CPU cores and RAM to maximize utilization of the IPv4 /24

[tor-relays] Re: Guidance on optimal Tor relay server configurations

://osservatorionessuno.org/blog/2024/12/how-to-bgp-from-your-basement-and-other-tales/ On 2/3/25 5:00 PM, usetor.wtf via tor-relays wrote: Hi All, Looking for guidance around running high performance Tor relays on Ubuntu. Few questions: 1) If a full IPv4 /24 Class C was available to host Tor relays, what are

[tor-relays] Guidance on optimal Tor relay server configurations

Hi All, Looking for guidance around running high performance Tor relays on Ubuntu. Few questions: 1) If a full IPv4 /24 Class C was available to host Tor relays, what are some optimal ways to allocate bandwidth, CPU cores and RAM to maximize utilization of the IPv4 /24 for Tor? 2) If a full 10

[tor-relays] Web Tunnel Bridges

Web tunnel bridges Port 443, https I set up three of these. One in UK, one in Australia and one in USA. Only the USA service is attracting traffic. This might be normal. The others are very quiet. Then I look at it on Tor Relay metric it reports Running

[tor-relays] Re: Having trouble with setting up a relay in a censored country.

Hi,  sorry for the late reply, I was busy working. The only thing that stands out to me immediately is that you configured two separate ControlPort authentication methods: > HashedControlPassword > XX:XX > CookieAuthentication 1 You m

[tor-relays] Re: All of my nodes have been banned

Hello, Thank you. I have read all of it. I have also re-sent my Email, please let me know if you see it now. Thank you. ___ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-le...@lists.torproject.org

[tor-relays] Re: All of my nodes have been banned

Hello! petition_tricky750--- via tor-relays: Hello, What are some of the most common reasons for relays and exits to be banned from Tor? Had it happen to all of my 5 nodes and I'm currently awaiting response from bad-relays list. I don't see an email from you there yet. You mig

[tor-relays] All of my nodes have been banned

Hello, What are some of the most common reasons for relays and exits to be banned from Tor? Had it happen to all of my 5 nodes and I'm currently awaiting response from bad-relays list. They all present this in logs Jan 18 20:41:40 example.com Tor[2439671]: http status 400 ("Fingerprint and/or

[tor-relays] Re: Possible attack on servers via Tor Guard relays?

On Wed, Jan 15, 2025 at 12:06:09PM -0300, x9p via tor-relays wrote: > I am running a relay and other servers. Sometimes doing SSHD over Tor via a > hidden service in a VPS in openbsd.amsterdam. In all my other setups, in > other providers, I do not see this problem happening. > >

[tor-relays] Re: Possible attack on servers via Tor Guard relays?

Hi, > I do get a "banner line contains invalid characters" error Imo, those characters are somehow related to the communication between the ssh client and the sshd on server. The onion skins should not be able to access the inner most layer, in this case the ssh communication. > Possible at

[tor-relays] Re: Having trouble with setting up a relay in a censored country.

Am 15.01.2025 um 16:25:42 Uhr schrieb nyyymi: > > Please post your torrc (without comments). > > and the IP addresses of the machine. > Ip is 192.168.1.113. This is a private IPv4 address, unreachable from the internet by design. You need to set up port forwarding in your router to make it reac

[tor-relays] Re: Having trouble with setting up a relay in a censored country.

Am Wed, 15 Jan 2025 16:01:44 + schrieb nyyymi : > Nickname is nyymi. It doesn't show up on the relay search That is an indicator that something isn't working. Please post your torrc (without comments). and the IP addresses of the machine. ___ tor-re

[tor-relays] Re: Having trouble with setting up a relay in a censored country.

Am 14.01.2025 um 19:50:19 Uhr schrieb nyyymi via tor-relays: > For the past few days I've been trying to open a tor-relay on > my old laptop running arch. The tor service starts fine but when I > check nyx no traffic goes through me, both download and upload is 0. New relays p

[tor-relays] Possible attack on servers via Tor Guard relays?

Hi, I am running a relay and other servers. Sometimes doing SSHD over Tor via a hidden service in a VPS in openbsd.amsterdam. In all my other setups, in other providers, I do not see this problem happening. Upon connecting for the first time, I do get a "banner line contains invalid charac

[tor-relays] Re: Question: Relay speed South Africa

indeed is new, it might take a while for it to pick up speed.. for Guard relays, this can take longer than 8 weeks, for exit relays it is usually around 1-2 weeks. On Tuesday, January 14th, 2025 at 4:59 PM, s7r via tor-relays wrote: > The VPS does not provide the advertised speed, the ne

[tor-relays] Re: Having trouble with setting up a relay in a censored country.

Otherwise, make sure that your ControlPort is opened, and that you use CookieAuthentication. Thank you, -GH On Tuesday, January 14th, 2025 at 8:50 PM, nyyymi via tor-relays wrote: > Hello. For the past few days I've been trying to open a tor-relay on my old > laptop running arch. The

[tor-relays] Having trouble with setting up a relay in a censored country.

Hello. For the past few days I've been trying to open a tor-relay on my old laptop running arch. The tor service starts fine but when I check nyx no traffic goes through me, both download and upload is 0. Nyx shows Unknown:portnumber. I doubt that the port is closed or somehow unavailable since

[tor-relays] Re: Question: Relay speed South Africa

Carlo P. via tor-relays wrote: Hello experts, I have, from the same provider, two VPS with same specs (also same port speed of 200MBit/s, verified via speedtest-cli) - one in Germany, one in South Africa. Whilst the German one behaves as expected (two fast relays on it), the two relays in

[tor-relays] Question: Relay speed South Africa

Hello experts, I have, from the same provider, two VPS with same specs (also same port speed of 200MBit/s, verified via speedtest-cli) - one in Germany, one in South Africa. Whilst the German one behaves as expected (two fast relays on it), the two relays in South Africa won't really get up to s

[tor-relays] Re: My web-bridges looks offline in the Relay Search

Hej, like said before, its not recommended to expose the ORPort. The forum link (yes, it's me) only enables IPv6 for outgoing connections from the container and does not expose any ORPorts to the outside. 2001:db8:1::/64 is "IPv6 prefix for documentation purpose", so think of it like 192.168.0.0

[tor-relays] Re: My web-bridges looks offline in the Relay Search

Hello! On Tuesday, January 7th, 2025 at 11:38, atari … via tor-relays wrote: > is related to not exposing your ORPort (which is highly recommended). See > these 2 tickets: Can you please clarify what is recommended? To expose ORPort or not? At first from your quoted message I decide

[tor-relays] Re: My web-bridges looks offline in the Relay Search

On Mon, Jan 06, 2025 at 01:11:15PM +, Brook Rameev via tor-relays wrote: > Today all my web tunnel relays become offline according to > https://metrics.torproject.org/rs.html#search/BrookRameev (my web > tunnel bridges have the 'W' suffix). But they are surely online >

[tor-relays] Re: My web-bridges looks offline in the Relay Search

Hej, they are all green again on metrics ;) Your bridges showing offline from time to time is related to not exposing your ORPort (which is highly recommended). See these 2 tickets: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/129 https://gitlab.torproject.org/tpo/web/communi

[tor-relays] My web-bridges looks offline in the Relay Search

Hello! Today all my web tunnel relays become offline according to https://metrics.torproject.org/rs.html#search/BrookRameev (my web tunnel bridges have the 'W' suffix). But they are surely online (except BrookRameev7W, which is surely dead). I see traffic on them, I see no problems in logs, no

[tor-relays] Re: Tor node shutdown

ghput (above 5 Terabyte per month). All the best, -GH On Monday, December 30th, 2024 at 7:22 AM, Tschador via tor-relays wrote: > FYI: My Tor node »TorMachine« (6A7551EEE18F78A9813096E82BF84F740D32B911) > will be shut down on 2024-12-31. > > Sorry folks – but I'm too old for th

[tor-relays] Re: Strange UFW logs from another Tor node - update.

GINT if the process is > running in the background, or simply press CTRL + C.. both ways lead to a > graceful exit of tcpdump: > > > kill --signal 2 tcpdump > > > Now you can inspect the traffic using a GUI to

[tor-relays] Re: Tor node shutdown

Thank you for your service! On 2024-12-30 01:22, Tschador via tor-relays wrote: FYI: My Tor node »TorMachine« (6A7551EEE18F78A9813096E82BF84F740D32B911) will be shut down on 2024-12-31. Sorry folks – but I'm too old for the job. Good luck and all the best wishes for the f

[tor-relays] Tor node shutdown

FYI: My Tor node »TorMachine« (6A7551EEE18F78A9813096E82BF84F740D32B911) will be shut down on 2024-12-31. Sorry folks – but I'm too old for the job. Good luck and all the best wishes for the future! ___ tor-relays mailing list -- tor-relays@lists.torpro

[tor-relays] Re: Question about middle relays and common web usage annoyances

I wanted to chime in. I run an entry-middle relay in my basement connected to 300mbps fiber. It doesn’t push much traffic but it’s mine and I’m proud. The bank where I do my banking blocked our IP. After carefully explaining the situation to their IT team, they contacted their web host and had

[tor-relays] Re: Question about middle relays and common web usage annoyances

Individual bridge IPs are not published anywhere and so cannot be blocked like this. Unless they are collateral damage from a block of IPs being banned because of relays.  Like all IPs from a VPS provider. Cheers. On 12/26/2024 4:02 AM, ndub via tor-relays wrote: I'm also facing the

[tor-relays] Re: Question about middle relays and common web usage annoyances

ndub via tor-relays wrote: I'm also facing the same problem. I'm wondering whether this also happens to bridges and if it doesn't, why not running a bridge ? Because of how everyone *thinks* that understands internet and particularly internet security... not to mention the

[tor-relays] Re: Question about middle relays and common web usage annoyances

I'm also facing the same problem. I'm wondering whether this also happens to bridges and if it doesn't, why not running a bridge ? -- ndub On 25/12/2024 08:29, Richie via tor-relays wrote: Hi, tierce, can confirm (germany), and afaik a known issue for quite a long time now. M

[tor-relays] Re: What're these ufw block logs saying?

mended) which can parse .pcap files and decode / recognize many types of packets. Please report back what you find! All the best, -GH On Monday, December 23rd, 2024 at 6:46 PM, code9n via tor-relays wrote: > > Hi, > >   re. my (guard / middle

[tor-relays] Re: Question about middle relays and common web usage annoyances

ail to you. On Tuesday, December 24th, 2024 at 8:07 AM, gniping via tor-relays wrote: > Hello, > > I'm located in Belgium. > > I keep two small middle relays (no exit, not even guard)… > > https://metrics.torproject.org/rs.html#details/89B4597169A

[tor-relays] Re: Question about middle relays and common web usage annoyances

Good morning tierce, I suspect that the sites you're unable to access are using https://www.dan.me.uk/dnsbl or another blocklist provider that naively blocks middle relays and/or entry relays instead of/in addition to exit relays. If you don't want to or can't pay for third-party hosting to mo

[tor-relays] An update regarding the raid in August

Hello everyone! The holidays and the 38C3 are coming up. Unfortunately nobody from our organization will be able to attend the congress in person this year. In case that the police raid in August is going to be a topic for the relay operators meetup, we would like to provide you with a small upd

[tor-relays] Re: Question about middle relays and common web usage annoyances

ell them/offer them migitation methods). I'd be happy to hear success stories on deblocking tor relay IPs, but i doubt that i'll see this happen. Thanks for running a relay, Richie Am 24.12.24 um 08:07 schrieb gniping via tor-relays: Hello, I'm located in Belgium. I keep two

[tor-relays] Question about middle relays and common web usage annoyances

Hello, I'm located in Belgium. I keep two small middle relays (no exit, not even guard)… https://metrics.torproject.org/rs.html#details/89B4597169A9DBB171F0B4629C73C0FD55D767C7 https://metrics.torproject.org/rs.html#details/07E3A0DC6AD4A5F07D1AF942626EBBF6CC0C72C7 If I browse the web using a

[tor-relays] What're these ufw block logs saying?

Hi, re. my (guard / middle relay) : 181.215.226.65 : 443 : http://hctxrvjzfpvmzh2jllqhgvvkoepxb4kfzdjm6h7egcwlumggtktiftid.onion/rs.html#details/41D4F82AB54AE5C5FB8D3CD24B4FC84350EFEF03 I'm getting traffic from another (non-exit) relay : 155.138.146.249 : 9001 : http://hctxrvjzfpvmzh2jllqhgvvko

[tor-relays] Announcing the shutdown of our Tor Relay "ExitTheMatrix"

Hello dear list readers and contributors, We received UDP floods (mostly through DNS Amplification) which were usually 60-70 GBit/s in size, up until a month ago this was not a problem for most of the exit relays lifetime, because we had a custom Tilera sitting between our server and the remain

[tor-relays] Re: Unable to bind to IPv6

7.0.0.1:9090 NoAdvertise > ## If you want to listen on IPv6 your numeric address must be explicitly > ## between square brackets as follows. You must also listen on IPv4. > #ORPort [2001:DB8::1]:9050 Good luck with everything. -GH On Tuesday, December 17th, 2024 at 2:42 AM, Red Oaive

[tor-relays] Re: Standalone snowflake proxy re-testing as restricted

There is a hacky fix available: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/460 ___ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-le...@lists.to

[tor-relays] Tor activities at 38th Chaos Communication Congress, Hamburg, 2024

Hello, Join us for Tor activities @ 38th Chaos Communication Congress (38C3): https://events.ccc.de/congress/2024/ The 38th Chaos Communication Congress runs from December 27 to 30, 2024 in Hamburg. We've got a lineup of Tor activities happening during this congress! - December 28: "Guardian

[tor-relays] Re: Next Tor Relay Operator Meetup - December 7th 2024 @ 1900 UTC

On Monday, December 9th, 2024 at 07:45, gus via tor-relays wrote: > ### Phase one, Ben's talk > > https://direct.mit.edu/books/oa-monograph/5761/TorFrom-the-Dark-Web-to-the-Future-of-Privacy I had to miss the meetup, so thanks for these notes from Ben Collier's visit. I

[tor-relays] Re: Unable to bind to IPv6

On 2024-12-16 06:39, George Hartley via tor-relays wrote: Hi, it seems that your address is not reachable for me: You were pinging his link local fe80 address, which isn't routable. He is having troubles listening on the real IPv6 address, which he obfuscated. On 2024-12-15

[tor-relays] Re: Unable to bind to IPv6

q=3 Destination unreachable: Address >unreachable >From fe80::6e62:6dff:fe85:b8f9 icmp_seq=4 Destination unreachable: Address >unreachable Did you check that you can actually have IPv6 connectivity FROM your server? All the best, -GH On Monday, December 16th, 2024 at 12:37 AM, Eddie via tor-

[tor-relays] Unable to bind to IPv6

I had an issue with my VPS that I didn't notice for a while where I had lost my IPv6 addressing.  After contacting support they have restored the IPv6 address, but I'm now unable to bind to the address.  I've a feeling it's more either my configuration or the VPS configuration at fault, not tor

[tor-relays] Re: [Possible phishing attempt] install OBFS4

te > > > > -GH > > On Tuesday, November 19th, 2024 at 10:29 PM, Keifer Bly > > keifer@gmail.com wrote: > > > > > Hi, yes I got it running. Wondering is there a single debain command to > > > set up automatic upgrades for tor, and is there a to

[tor-relays] Question about WebTunnel bridge

Hi, can I run a webtunnel bridge on the same device that already runs a common bridge ? I have 1 bridge relay running 24/7, I could setup another machine for the webtunnel bridge but I can't get another ipv4 . Should I put it down and replace with a webtunnel bridge ? Thoughts ? Cheers ___

[tor-relays] Re: Next Tor Relay Operator Meetup - December 7th 2024 @ 1900 UTC

Hello, Thanks everyone for joining us last Saturday. Here are the meetup notes. Our next online meetup will happen at the end of January 2025. I'll announce it in January. cheers, Gus ## Tor Relay Operator Meetup - 2024-12-07 ### Phase zero, announcements New WebTunnel bridges campaign

[tor-relays] Tor Relay via Tailscale Funnel?

Long time lurker. Saw the call for more middle relays. I have a large amount of spare capacity on my homeserver and 2.5GB fiber to the house. Is there precedent for running a relay through a Tailscale Funnel? I would need to check to make sure Tailscale TOS was okay with it, but to my ISP, it

[tor-relays] Re: ORPort bug is an impediment to running on my servers

Thank-you for all assistance. It still does not appear to be a bug in nyx, but it does appear to be a bug only in tor's reporting through its control port. As such it is, I'm sure, a low priority to fix in light of efforts to replace the c relay. I've updated the bug report.

[tor-relays] Countering botnet traffic using DNS blocklists

Hi all, Haven't posted in a while here, it's good to see that this list is still going strong :) I hope that some Tor Project employee can reply on list item 2 below. I've been co-operating an exit relay for some four years now. My usual response to abuse notifications is adding a reject rule to

[tor-relays] Re: ORPort bug is an impediment to running on my servers

Thank-you for the private and forum replies with various suggestions. Suggesions were in two flavours: 1) Add OutboundBindAddress - no efect. I did not expect this to have an effect as it only addresses the outbound bind address. 2) Problem is with nyx pointing to https://github.com/torproject/

[tor-relays] ORPort bug is an impediment to running on my servers

Bug 40994 (reported at https://gitlab.torproject.org/tpo/core/tor/-/issues/40994) has become a fairly serious impediment to running relays. I generally obtain two ipv4 addresses on my machines and the ports I want to use for tor are not available on both addresses. So listening on 0.0.0.0 is

[tor-relays] Re: Next Tor Relay Operator Meetup - December 7th 2024 @ 1900 UTC

Hello, Just a friendly reminder that our meetup is happening this Saturday, December 7th, 2024 at 1900 UTC. ## Agenda 1. Announcements - New WebTunnel bridges campaign - https://blog.torproject.org/call-for-webtunnel-bridges/ - Upcoming in-person events 2. Ben Collier's book presentation

[tor-relays] Re: Tor automatic start

Thanks all. --Keifer On Mon, Dec 2, 2024 at 11:24 PM William Denton wrote: > On Sunday, December 1st, 2024 at 14:15, Keifer Bly > wrote: > > > So on Debain 12, is there a way to configure tor to start automatically > when the os boots? Thanks. > > One way is to use the @reboot time in a cron j

[tor-relays] Re: WebTunnel Hardware Requirements

Quoting Dan (2024-12-03 04:22:39) > I'm hoping to spin up some webtunnel bridges in response to the call for > more. > I currently run a few middle relays, but have never setup a bridge. I have > found a provider in the good-bad-isps list that offers additional IPv4 > addresses for a small fee

[tor-relays] Re: Tor automatic start

sudo systemctl enable tor On Sun, Dec 1, 2024 at 2:15 PM, Keifer Bly wrote: Hi, So on Debain 12, is there a way to configure tor to start automatically when the os boots? Thanks. --Keifer signature.asc Description: OpenPGP digital signature __

[tor-relays] Re: Tor automatic start

On Sun Dec 1, 2024 at 8:15 PM CET, Keifer Bly wrote: > Hi, > > So on Debain 12, is there a way to configure tor to start automatically > when the os boots? Thanks. > > --Keifer Do you mean something like, `systemctl enable tor`? ___ tor-relays mailing li

[tor-relays] Re: Regarding IPv6 & webtunnel bridge

Hej Dionysios, guess you have to additionally put the following to your torrc: ORPort [::1]:auto AssumeReachableIPv6 1 Best regards, atari ___ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-le...@l

[tor-relays] Re: Standalone snowflake proxy re-testing as restricted

Cecylia Bocovich wrote: > We've had several reports about the NAT check being inconsistent since > we upgraded and re-installed the Snowflake broker[0], it seems it's not > just you having this problem. I've opened an issue to look into it[1]. Thanks for the confirmation. Meanwhile, I was getti

[tor-relays] Standalone snowflake proxy re-testing as restricted

Hey there, I have been running a standalone snowflake proxy for quite some time now. First in a docker container, but now in its own linux container to have more control over it myself. This has worked out great so far with an ephemeral-ports-range of 200 ports. Those are forwarded to the linux

[tor-relays] Regarding IPv6 & webtunnel bridge

Hello, Is there any particular configuration change I have to do in torrc/nginx for my bridge to be listed as both v4/v6 on the metrics website? It's a webtunnel bridge and that complicates things, for obfs4 the configuration is pretty much straightforward. D. _

[tor-relays] Re: [Possible phishing attempt] install OBFS4

29 PM, Keifer Bly wrote: > Hi, yes I got it running. Wondering is there a single debain command to set > up automatic upgrades for tor, and is there a torrc configuration to limit > CPU usage? Thanks > > > On Mon, Nov 18, 2024, 11:19 PM torproject.qj5i9--- via tor-relay

[tor-relays] relay operator meeting postponed

Greetings fellow relay operators! Sorry for the last minute notice, but we're postponing the usual relay operators meeting previously set for tomorrow. Stay tuned for a new date. George -- 43C2 85B0 41B6 4AC1 0E02 2767 7092 AEB3 40B0 C804 ___ tor-rel

[tor-relays] Re: [Possible phishing attempt] install OBFS4

Add Tor's repo in your system: https://support.torproject.org/apt/tor-deb-repo/ Then install unattended-upgrades too: https://wiki.debian.org/UnattendedUpgrades Unattended-Upgrade::Origins-Pattern { "origin=*"; }; This way (by including all origins) you basically keep all your packages

[tor-relays] Re: Journal warnings spam

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Great tip Thank you! :) - -- Original Message -- From "Chris Kerr" To tor-relays@lists.torproject.org Date 18/11/2024 5:45:28 μμ Subject [tor-relays] Re: Journal warnings spam On 15/11/2024 13:01, Dionysios K. wrote: Hey guys, Do

[tor-relays] Re: Journal warnings spam

On 15/11/2024 13:01, Dionysios K. wrote: Hey guys, Do you have any solution to stop the spam caused by tor: The IPv4 ORPort address 127.0.0.1 does not match the descriptor address . If you have a static public IPv4 address, use 'Address ' and 'OutboundBindAddress '. Indeed I have a static

[tor-relays] Re: [Possible phishing attempt] install OBFS4

Hi, have you installed the obfs4proxy? If you follow this guide: https://community.torproject.org/relay/setup/bridge/debian-ubuntu/ you should be good to go. I've added "BridgeDistribution https" for my bridge, if you follow the post install page there is written something about distribution c

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

Hi, I had very similar reports to [tor-operator_urdn.co](https://forum.torproject.org/u/tor-operator_urdn.co): DateTime Action AttackClass SourceIP Srcport Protocol DestinationIP DestPort 0 30-Oct-2024 14:06:13 BLOCKED attempted-recon 92.51.45.21 0 202.91.162.47 22 1 30-Oct-2024 14:43:35 BLOCKED a

[tor-relays] Journal warnings spam

Hey guys, Do you have any solution to stop the spam caused by tor: The IPv4 ORPort address 127.0.0.1 does not match the descriptor address . If you have a static public IPv4 address, use 'Address ' and 'OutboundBindAddress '. Indeed I have a static IP but behind nat, so defining it in torrc

[tor-relays] Re: Raspberry Pi 4

PM, Keifer Bly wrote: > Thinking of using a libre computer instead. > > --Keifer > > On Sat, Nov 9, 2024, 1:38 PM Keifer Bly wrote: > > > Ok thanks all. > > > > --Keifer > > > > On Thu, Nov 7, 2024, 6:43 AM Michael Wächter via tor-rela

[tor-relays] Re: Tor relays source IPs spoofed to mass-scan port 22?

Hi, the node is back online. Everything works normally, and I don't get any bogus SSH packets when using iptraf-ng. Also, we noticed reverse path filtering was off on the VM.. we enabled it. but don't know why it was off.. I configured the ArchLinux VM's /etc/sysctl.d entries on my own, and i

[tor-relays] Re: Tor relays source IPs spoofed to mass-scan port 22?

Hello, add me to the list too. Started receiving packets 3 days ago and Tor Weather sent me an e-mail regarding it. Sad that I could not respond further.. I try to maintain an extremely high uptime. So far, the node has only been been offline for 6 hours in 6 months.. now it's been 72 hours :(

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

Hi, A few notes. I don't know if I have missed it but I don't recall seeing bridges mentioned in this discussion. I too have gotten an abuse message/info/alert from my hosting provider (Nov 8, 03:20 hrs) and I have an OBFS4 BRIDGE, no middle or exit node. And it has always been a bridge, from

[tor-relays] Metrics issue with my relay?

Dear experts, my relay https://metrics.torproject.org/rs.html#details/0FBABB8C7B22CEDDFC849331E8E9E29C18081235 is shown as "down since more than three days" in Metrics. The logs on the server however seem to show normal activity: Nov 10 06:45:35 odin Tor[87753]: Heartbeat: It seems like we are

[tor-relays] Re: Tor relays source IPs spoofed to mass-scan port 22?

Adding another me too. 2 of 5 different ISPs for middle and entry nodes shared same abuse complaints other received. First time in 10 years to receive abuse complaints from middle/entry nodes. Not fun. It'd be great for Tor to publish a blog on what is happening / what happened so we can inclu

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

Hello all, those watchdogcyberdefense "specialists" have meanwhile publicly admitted their mistake (of course, hidden in a political wording to create a different impression): https://watchdogcyberdefense.com/2024/11/is-this-attackers-ip-spoofed/ Quote: "This experience got us thinking about t

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

On 2024-11-08 08:47, tor-relays+tor-rel...@queer.cat wrote: This rule will also count SYN-ACKs sent from your own server to bots trying to connect to your SSH on port 22. The rule is on the source port = 22, not the destination port = 22. Incoming bot connections will not have a sport = 22.

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

I just reset my SYN-ACK detection nft counter and it's still showing activity: tcp sport 22 tcp flags == 0x12 counter packets 9 bytes 504 That was in five minutes. On 2024-11-08 03:03, Red Oaive wrote: Thank-you for you efforts, and for the efforts of the anonymous contributors! And let me

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

Thank-you for you efforts, and for the efforts of the anonymous contributors! And let me second the motion requesting (much) more information about the perps. Do we know the full impact though? The vast majority of relay operators seem not to be on the mailing list. What are the actual numb

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

* Roger Dingledine: > We should expect some more days of fallout, while mistaken abuse > complaints are still being processed by various hosters. You called it. Mere minutes ago, Hetzner forwarded another complaint, for a grand total of 9 (yes, nine, what a gruesome level of abuse) spoofed connec

[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

That's great news! Kudos to all who helped track this done. On Thu, Nov 7, 2024, at 12:49 PM, gus wrote: > Hello everyone, > > I'm writing to share that the origin of the spoofed packets has been > identified and successfully shut down today, thanks to the assistance > from Andrew Morris at Grey

[tor-relays] wedos.cz

On 2024-11-05 16:32, George Hartley via tor-relays wrote: Also, please consider using a provider that is not overcrowded with Tor nodes already like OVH. I can recommend Wedos.cz ... https://wedos.cz/en/ They block access to their web site to Tor users. This doesn't bode well for ho

[tor-relays] Re: Inquiry about a possible DDoS case

Hi, Yes, there is a DNS server but port 53 is not open to the internet, only locally. King regards On Nov 6, 2024 at 9:17 PM, tor-relays+tor-rel...@queer.cat wrote:Is your server running a DNS server that's open to the internet on port 53? On 6/11/24 09:25, Jose A via tor-relays

Re: [tor-relays] Raspberry Pi 4

Hi all, I’m running a relay on a Pi 4 now for almost 2 years, almost no issues at all. Average CPU load 40 %, average bandwidth 5 MB. Updating to a newer version of tor is a bit tricky. Rads Michael > Am 04.11.2024 um 12:40 schrieb jl2238--- via tor-relays > : > > It works.

  1   2   3   4   5   6   7   8   >