tor-relays August 2022

tor-relays@lists.torproject.org

33 participants
29 discussions

How useful are bridges on ports other than 80 and 443
by Eddie 10 Aug '22

10 Aug '22

Unfortunately I've had to shut down my home based tor relay because my wife's employer is mis-categorising it as an exit node, instead of the middle/guard that it really is. So, until she retires, in a few months, that relay will now be silent after about 5-years running (all of which her having the same employer. Go figure). So, I thought in the meantime I'd run a couple of tor bridges, as my IP should now be clear of any published tor node lists. But I do need to leave ports 80 and 443 open for "normal" HTTP(S) traffic, which I know are the recommended bridge ports as they raise the least suspicion. Are there any other ports that folks might suggest I use that would get enough traffic and not be blocked by a simple firewall. I also run an internal mail server, so all those ports are off limits as well. Cheers.

1 0

Setting a bridge to automatically change IP adresses
by Keifer Bly 10 Aug '22

10 Aug '22

3 3

Overload (dropped ntor) due to DDoS??
by Richard Menedetter 06 Aug '22

06 Aug '22

Hi All I have a non exit relay running on a root server (4 AMD Epyc cores, 8 GB RAM, 2.5 GBit/s Ethernet) I have limited tor to numcpus 2, relaybandwidthburst 15 MB, hardwareaccel 1, maxadvertisedbandwidth 10 MB, maxmeminqueues 3GB Usually it takes less than 1 CPU core, and like 1 GB of RAM. But recently my relay is foten shown as obverloaded. I have these LOG entries: Tor[814]: General overload -> Ntor dropped (290376) fraction 5.3451% is above threshold of 0.5000% Is this due to DDoS attacks or a misconfigration on my side? Is there something that I can do to aleviate this issue? CU, Ricsi

4 5

OT: cheap bar metal machines
by lists＠for-privacy.net 05 Aug '22

05 Aug '22

HiHo, because I switched to my own servers in colocation, I canceled some rented ones. These were all Supermicro blades 8c Opteron, 2 hd's and BMC (IPMI). https://www.supermicro.com/Aplus/system/3U/3012/AS-3012MA-H12TRF.cfm SSD: Samsung (840,850,860) EVO, SATA: WD Enterprice (WDC_WD1003FBYX) They're relatively cheap. 16 EUR + 8 EUR per 16GB RAM. So server with 16GB RAM = 24 EUR/month or 32GB = 32 EUR/month. The 16GB are more than enough for 2 Tor instances! I still operated Monero mining on 4 CPU cores. Currently there is a 10% discount (permanent) and all servers with unmetered unlimited traffic (1000 Mbit). All with no setup fee. https://servdiscount.com/ The same applies to the new servers https://www.webtropia.com/ You can rent the servers prepaid or with a term of 1,3,6,... months/notice period. Hints: If you set up a customer account beforehand, you can upload your SSH keys for server setup. When setting up, select Raid1 (mdraid on Linux) directly. If you have any questions, please write to me personally. German or English. -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

1 0

Re: [tor-relays] tor 0.4.6 reached end of life
by torserver 03 Aug '22

03 Aug '22

Hi, on my Raspberry Pi 4 I can 't update from 0.4.5. The armhf architecture seems to be the problem. How do I have to upgrade to the newer versions? So far I haven 't found the ultimate way to setup a TOR relay on a Raspi 4 with auto updates. Greetz ghostbuster > Op 02-08-2022 14:00 schreef tor-relays-request(a)lists.torproject.org: > > Subject: [tor-relays] tor 0.4.6 reached end of life > > If you still run tor 0.4.6, now is a good time to upgrade your tor version. > > the list of largest operators still running end of life tor versions: > https://nusenu.github.io/OrNetStats/#end-of-life-relays-share > > https://nusenu.github.io

2 1

Please update your Snowflake proxy
by gus 03 Aug '22

03 Aug '22

Hi, If you're running Snowflake proxies, please read and share the message below. Thank you! Gus ------------------------------------------------------------------------ Please Update your Snowflake Proxy to help us rollout Distributed Snowflake Server Support https://forum.torproject.net/t/please-update-your-snowflake-proxy-to-help-u… At Tor, we are constantly trying to improve Snowflake to make it accessible to more people. This means we are currently working on enabling horizontal scaling of Snowflake to distribute the traffic to more than one server. After this update is roll outed, users will be able to choose one of the secondary snowflake servers as the connection target and reduce the traffic load on the default server. However, this change requires an updated version of the snowflake to be rolled out. This means this change is not live until enough proxies are updated to the most recent version and after we start to reject the previous version of snowflake proxies. For this reason, we would like to request you to update the version of your snowflake proxy, if you haven’t done that yet. Here are some guides on how to check the version and/or update the most recent version of snowflake: ### WebExtension on Firefox To check the version: go to about:addons. Click the 3 dot symbol on the right of Snowflake, and then select manage. you will be able to check the version of Snowflake. It should be 0.6.1. To update: Click the gear symbol on the top of the page, and then select check for updates. ### WebExtension on Chrome To check the version: go to chrome://extensions/?id=mafpmfcccpbjnhfhjnllmmalhifmlcie, and you will see the option to update the snowflake WebExtension. It should be 0.6.1. To update: go to chrome://extensions/ turn on developer mode and then select update. ### Standalone with Docker To check the version: docker run thetorproject/snowflake-proxy -v should include “-allowed-relay-hostname-pattern” in the output. To update: docker pull thetorproject/snowflake-proxy ### Standalone with Go Toolchain To check the version: proxy -v should include “-allowed-relay-hostname-pattern” in the output. To update: go install git.torproject.org/pluggable-transports/snowflake.git/v2/proxy@latest -- The Tor Project Community Team Lead

1 0

When will relays disappear form tor metrics
by Anders Burmeister 01 Aug '22

01 Aug '22

Hi heroes Ended and deleted my two relays Aerodynamik02 and Aerodynamik03. When can I expect they will disappear from tor metrics?https://metrics.torproject.org/rs.html#details/EFEACD781604EB80FBC0… Best regards Anders

2 1

tor 0.4.6 reached end of life
by nusenu 01 Aug '22

01 Aug '22

If you still run tor 0.4.6, now is a good time to upgrade your tor version. the list of largest operators still running end of life tor versions: https://nusenu.github.io/OrNetStats/#end-of-life-relays-share -- https://nusenu.github.io

1 0

An attempt to block spam ip addresses
by Toralf Förster 01 Aug '22

01 Aug '22

Issue 40636 and others deal with DDoS / concurrent connections. Here're few numbers from my attempt [1] of the last days to block such ip addresses. The stats are from 2 relays running at the same ip. Currently there're 700 ip addresses (15 IPv6) caught in the denylist. Those either opened >4 connections to the same orport and/or produced >12 new connection attemps within 5 minutes to the orport. Those system do re-appear quickly if the denylist is flushed. Within one hour over 500K packets, mainly TCP connection attempts, are dropped. Furthermore the number of used sockets at the system is reduced from >35K to about 21K. Nevertheless both relays spew the warnings "Your computer is too slow" and "General overload" from time to time. I do assume that this is a layer 7 problem and therefore can't be fixed at layer 3. The filter is build up from iptables. Scripts for IPv4 and IPv6 can be found under [2] and [3] respectively. [1] https://gitlab.torproject.org/tpo/core/tor/-/issues/40636#note_2821683 [2] https://github.com/toralf/torutils/blob/main/ipv4-rules.sh [3] https://github.com/toralf/torutils/blob/main/ipv6-rules.sh -- Toralf

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays August 2022