[Tor-BSD] NYCBUG1 earns a T-shirt!

nanotek nanotek at bsdbox.co
Wed Dec 11 07:36:13 EST 2013


Brian Callahan bcallah at devio.us
Mon Dec 9 00:09:44 EST 2013
> Hi tor-bsd --
>
> As the subject line states, I got an email tonight from the Tor project
> offering me a free T-shirt for my (but really: our) efforts in
> maintaining a Tor node.
>
> The Tor project states that they have observed NYCBUG1 running for 61
> days with an average bandwidth of 1170 KB/s. This is more than double
> the minimum bandwidth of 500 KB/s to be eligible for a shirt.
>
> It is nice to get recognition for running a stable Tor node for any
> length of time, but we can do better!
>
> We need more people running *BSD-based Tor nodes. And not just running
> them but being vocal about it as well. This list, I hope in time, will
> be teeming with discussion about Tor on *BSD. Not only will it help us
> as a collective with solving each others' issues and as a tip/hint
> repository - it will also allow us to come forward to the Tor developers
> as a large group who must be heard. And it benefits the Tor project by
> dissipating the current monoculture. Care about Tor? Then start running
> your own *BSD-based Tor node. And take part in this mailing list!
>
> Btw, NYCBUG1 was updated about two weeks ago to 0.2.4.18-rc and
> everything is going well.
>
> As always, NYCBUG1 details can be found here:
> https://atlas.torproject.org/#details/C8DE1C4F154417DF35142ECF4C8EB454D020E118
>
> ~Brian

Congrats!

Maybe my dilemma can be solved with the help of this list, and generate 
some discussion in the process. I'm trying to establish an exit relay on 
my FreeBSD box but am facing some problems. I haven't attempted fixing 
this in over a week because I came to the conclusion that my ISP is 
hijacking my DNS requests (which would be a very recent development as I 
was running a relay on my Win7 box with no problems not too long ago), 
and that is rendering my relay inaccessible. You all would have a better 
understanding than me though.

Some intel to work with:

## torrc
SocksPort 0
Log notice file /usr/local/var/log/tor/notices.log
RunAsDaemon 1
ORPort 9001
Nickname alphadet
RelayBandwidthRate 256 KB
RelayBandwidthBurst 512 KB
AccountingMax 20 GB
AccountingStart month 3 15:00
ContactInfo mark 696872F91EF8745B4FDF99061CB0654ACD57BC18 <mark at bsdbox.co  <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>>
DirPort 9030
ExitPolicy accept *:6660-6667,reject *:*

## relevent excerpts from notices.log
Dec 03 03:12:40.000 [notice] Reloaded microdescriptor cache.  Found 0
descriptors.
[...]
Dec 03 03:12:41.000 [notice] Heartbeat: It seems like we are not in the
cached consensus.
Dec 03 03:12:41.000 [notice] Heartbeat: Tor's uptime is 0:00 hours, with
3 circuits open. I've sent 0 kB and received 0 kB.
[...]
Dec 03 03:12:51.000 [notice] We'd like to launch a circuit to handle a
connection, but we already have 32 general-purpose client circuits
pending. Waiting until some finish.
[...]
Dec 03 03:13:33.000 [notice] We now have enough directory information to
build circuits.
[...]
Dec 03 03:13:34.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Dec 03 03:13:38.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Dec 03 03:13:38.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Dec 03 03:13:38.000 [notice] Bootstrapped 100%: Done.
Dec 03 03:13:38.000 [notice] Bootstrapped 100%: Done.
Dec 03 03:13:38.000 [notice] Now checking whether ORPort
110.146.133.98:9001 and DirPort 110.146.133.98:9030 are reachable...
(this may take up to 20 minutes -- look for log messages indicating success)
Dec 03 03:13:38.000 [notice] Now checking whether ORPort
110.146.133.98:9001 and DirPort 110.146.133.98:9030 are reachable...
(this may take up to 20 minutes -- look for log messages indicating success)
Dec 03 03:13:41.000 [notice] Self-testing indicates your ORPort is
reachable from the outside. Excellent. Publishing server descriptor.
Dec 03 03:13:46.000 [notice] Self-testing indicates your DirPort is
reachable from the outside. Excellent.

## tor process
PID USERNAME    THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
54844 _tor          2  20    0 65536K 45648K sbwait   0:16  0.00% tor

This all would indicate Tor is successfully running as a relay. Atlas,
however, still reports differently:
https://atlas.torproject.org/#details/EE16D7A4FBCF6494FEE75C856D76782295CB9DC4


However, the following reveals, what I believe is, the problem:

## more notices.log excerpts
Dec 02 15:37:54.000 [warn] Mismatched accounting interval: moved by
-87.92%. Starting a fresh one.
Dec 03 03:12:38.000 [notice] No AES engine found; using AES_* functions.
Dec 03 03:12:38.000 [notice] This version of OpenSSL has a slow
implementation of counter mode; not using it.
Dec 03 03:12:40.000 [notice] We weren't able to find support for all of
the TLS ciphersuites that we wanted to advertise. This won't hurt
security, but it might make your Tor (if run as a client) more easy for
censors to block.
Dec 03 03:13:44.000 [notice] Your DNS provider gave an answer for
"hxfu4dgtdhch", which is not supposed to exist. Apparently they are
hijacking DNS failures. Trying to correct for this. We've noticed 1
possibly bad address so far.



What is hard to decipher, is that (a) the relay worked for brief moments (data can be found on both
metrics. and atlas.torproject.org), and (b) the tor log explicitly states that the relay is reachable.

I'd love to get a relay going on this box, if you have any ideas I am more than willing to implement
them. Thanks!

     

-- 
nanotek at bsdbox.co

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/tor-bsd/attachments/20131211/6c580d66/attachment.html>


More information about the Tor-BSD mailing list