On Thu, 25 Oct 2018 17:48:09 +0000 dlugasny@protonmail.com wrote:
In did, I have to read more carefully attached documentation. After small changes torrc looks like this:
Does any one of You see any wrong parameters ?
########################## SocksPort 0 Log notice file /var/log/tor/notices.log ControlPort 9051 HashedControlPassword (for nyx) ORPort 9001 RelayBandwidthRate 400 KBytes # Throttle traffic to 100KB/s (800Kbps) RelayBandwidthBurst 600 KBytes # But allow bursts up to 200KB (1600Kb) ContactInfo Dlugas-ny <dlugasny AT protonmail dot com> DirPort 9030 # what port to advertise for directory connections ExitRelay 0 ExitPolicy reject *:* # no exits allowed PublishServerDescriptor 0 CellStatistics 1 ExtraInfoStatistics 1 ConnDirectionStatistics 1 EntryStatistics 1 LogMessageDomains 1 AvoidDiskWrites 1 WarnPlaintextPorts HeartbeatPeriod 1hours DisableDebuggerAttachment 0
These are enough to run a relay:
SocksPort 0 ORPort 9001 RelayBandwidthRate 400 KBytes RelayBandwidthBurst 600 KBytes Log notice file /var/log/tor/notices.log ContactInfo Dlugas-ny <dlugasny AT protonmail dot com> DirPort 9030 MyFamily "fingerprints go here" ExitRelay 0 ExitPolicy reject *:*
MyFamily should contain comma separated list of fingerprints of all your guard, middle, exit relays if you have any. Each fingerprint should be prefixed with '$' symbol. It shouldn't contain fingerprints of your bridges.
If you want to use Nyx then you can enable: ControlPort 9051 HashedControlPassword
Option DisableDebuggerAttachment 0 is for debugging and should be set to 1 during normal operation. Yes, it allows to snoop on Tor circuits in Nyx, but is that really needed?
BTW you can use bits in bandwidth settings, e.g. "RelayBandwidthRate 4 Mbits"
Other options are optional and should be evaluated each separately. For example I don't know why you don't want to publish server descriptor, what is the point of unpublished middle relay? Why avoid disk writes? Modern hardware won't be worn out just by Tor relay disc activity. Why WarnPlaintextPorts? It's a relay, not a client, as SocksPort is 0.
In general it's better to start with software defaults and alter the settings only if you need them altered.