Silk Road forums

Discussion => Security => Topic started by: jase00 on September 05, 2013, 03:03 pm

Title: tor relay / port forwarding
Post by: jase00 on September 05, 2013, 03:03 pm
hey peoples

I'm trying to set up a Tor relay using the browser bundle. I think it's working, as I get the message saying it's "connected to the directory blah blah - excellent"

Problem is.....I'm not 100% sure on the port forwarding that is required.
I'm using port 9001 as the Tor relay port, the directory port is 9030 and Tor control is localhost:9050. All the tutorials I've read say you need to port forward diff ports..

Do I just need to port forward the tor relay, which in my case is 9001 ?

Also some docs have the Tor relay as 9001 and others as 443. Does it matter what I use? I'm assuming whatever port I use is updated in the directory so others can reach me.. as long as it's port forwarded and has connectivity?

any other useful tips and tricks would be great :)

thanks
Title: Re: tor relay / port forwarding
Post by: astor on September 05, 2013, 03:26 pm
You shouldn't run a relay from home, because

1. Residential connections are pretty slow to begin with.

2. It destroys one of Tor's best features, concealing the fact that you use Tor. Your IP address will be in publicly accessible lists like http://torstatus.blutmagie.de

3. Many web sites indiscriminately block all Tor relay IP addresses, irrespective of whether they are exit nodes, so you are likely to find your own web browsing to be blocked.

However, I will answer your questions.

Quote
hey peoples

I'm trying to set up a Tor relay using the browser bundle. I think it's working, as I get the message saying it's "connected to the directory blah blah - excellent"

Problem is.....I'm not 100% sure on the port forwarding that is required.
I'm using port 9001 as the Tor relay port, the directory port is 9030 and Tor control is localhost:9050. All the tutorials I've read say you need to port forward diff ports..

Do I just need to port forward the tor relay, which in my case is 9001 ?

You should port forward 9001. If you allowed your relay to be a directory server, you should port forward 9030 as well.

Check onion icon -> Message Log -> Advanced tab for messages about whether your relay is accessible by others. It does some self-testing.

Quote
Also some docs have the tor relay as 9001 and others as 443, Does it matter what I use ?

443 is better because it's the standard HTTPS port so it's harder for censoring governments to block that port without breaking lots of web sites.

Quote
I'm assuming whatever port I use is updated in the directory so others can reach me.. as long as it's port forwarded and has connectivity?

That's correct, although you may not see much traffic for a day or more, while clients are learning about your relay. You also might not see much traffic at all if your bandwidthrate is really low (like below 100 KB).

Quote
any other useful tips and tricks would be great :)

Rent a VPS. :)
Title: Re: tor relay / port forwarding
Post by: jase00 on September 05, 2013, 03:51 pm
thanks for the detailed info :) I wasn't planning on running it at home (just testing it quickly atm, through my "prepaid" 3G dongle, not my regular service) but you did give me some extra points I wasn't aware of that I'll need to take into consideration.
The port 443 vs 9001 makes sense, if I do continue to play around with this I'll stick to 443.

Interesting how it takes a day or so for people to connect.. I was waiting an hour for the directory to update and wondering why I couldn't see much activity.. guess that solves that :}

thanks again !
Title: Re: tor relay / port forwarding
Post by: Bazille on September 05, 2013, 04:09 pm
Quote
You shouldn't run a relay from home, because

1. Residential connections are pretty slow to begin with.
2. It destroys one of Tor's best features, concealing the fact that you use Tor. Your IP address will be in publicly accessible lists like http://torstatus.blutmagie.de
3. Many web sites indiscriminately block all Tor relay IP addresses, irrespective of whether they are exit nodes, so you are likely to find your own web browsing to be blocked.

1. In many European countries a 16mbit DSL line is already considered slow, compared with what's possible. But it's enough to run a Tor relay at decent speed (over 100kb/s).
In Germany probably 10% or more of the Tor relays are run from residential connections.
2. Some users might not care whether anyone knows if they use Tor or not
3. Fuck those websites if they don't understand the difference between relay and exit node. They should fire their unskilled admins.

@jase00
You don't need to open the directory port. Opening the relay port is enough, as there are enough directories.
You should use version 0.2.4.17-rc of Tor, because it helps the Tor network with the annoying botnet.

If it takes long for users to connect then your relay may be flagged as slow (less than 50kb/s) or not working properly. You can see its flags on torstatus.blutmagie.de (after it was online for 30 mins or so)

WARNING: Don't run a Tor exit node from home, or police may come take your computers, especially when you live in Germany. You'll also get tons of cease and desist letters from the music mafia.
Make sure your Tor relay configuration includes
Quote
ExitPolicy reject *:*
That will make sure that Tor users can connect to your relay, but your IP address won't show up when they browse the clearnet.
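
An added example, not part of any post in this thread: a small Python check over a torrc that lists which ports a relay needs forwarded (ORPort, and DirPort only if set), which local ports should stay unforwarded, and whether the first ExitPolicy rule is `reject *:*`. The sample torrc is constructed and the function names are hypothetical.

```python
# Added example: audit a torrc for the relay settings discussed in this thread.
# SAMPLE_TORRC is constructed for illustration; function names are hypothetical.
SAMPLE_TORRC = """\
Nickname examplerelay
ORPort 443               # relay port: must be reachable from outside
DirPort 9030             # optional: forward only if you serve the directory
SocksPort 9050           # local client port: never forward
ExitPolicy reject *:*    # non-exit relay
"""

def parse_torrc(text):
    """Map lower-cased option name -> list of values (options may repeat)."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split key/value
        if len(parts) == 2:
            opts.setdefault(parts[0].lower(), []).append(parts[1].strip())
    return opts

def port_of(value):
    """Port from 'PORT' or 'ADDR:PORT [flags]'; 0 means disabled or non-numeric."""
    try:
        return int(value.split()[0].rsplit(":", 1)[-1])
    except (ValueError, IndexError):
        return 0

def audit(text):
    opts = parse_torrc(text)
    ports = lambda name: [p for p in map(port_of, opts.get(name, [])) if p]
    # ExitPolicy lines are concatenated in order and the first matching rule wins.
    # This check is deliberately strict: it confirms a non-exit relay only when
    # the very first rule is "reject *:*", the form recommended in the thread.
    rules = [" ".join(r.split()).lower()
             for v in opts.get("exitpolicy", []) for r in v.split(",")]
    return {
        "forward": [("ORPort", p) for p in ports("orport")]
                   + [("DirPort", p) for p in ports("dirport")],
        "keep_local": ports("socksport") + ports("controlport"),
        "non_exit": bool(rules) and rules[0] == "reject *:*",
    }

if __name__ == "__main__":
    report = audit(SAMPLE_TORRC)
    print("forward on the router:", report["forward"])
    print("do not forward:", report["keep_local"])
    print("non-exit relay:", report["non_exit"])
```

A torrc with no ExitPolicy line at all is reported as `non_exit: False`, since the check cannot confirm that exiting is disabled.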
Title: Re: tor relay / port forwarding
Post by: astor on September 05, 2013, 05:18 pm
Quote
1. In many European countries a 16mbit DSL line is already considered slow, compared with what's possible. But it's enough to run a Tor relay at decent speed (over 100kb/s).
In Germany probably 10% or more of the Tor relays are run from residential connections.
2. Some users might not care whether anyone knows if they use Tor or not

True, but someone posting on this forum is likely to be buying drugs and should care. ;)

I wouldn't want my IP address on a widely known (by LE) and scrutinized list.
Title: Re: tor relay / port forwarding
Post by: Bazille on September 05, 2013, 05:25 pm
Right. If I lived in Big Brother land USA I would think twice before running a Tor relay from home while buying drugs. If you buy small amounts of drugs in most countries police won't even bother, unless they have no other choice. It's a lot of paper work and the prosecutor will drop charges. Well unless you live in Bavaria maybe. They'd treat you like a terrorist when you get caught with 0.0001g of weed.