Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by Trac@tracbot

QR,DIR ports bind to 0.0.0.0 even when I tell tor otherwise.

Hello,

I am running a tor middle relay on a high bandwidth connection but an running into a problem which is causing me more frustration then needed.

I have multiple virtual ip's on my servers NIC. I only want ports 9030,443 and outgoing connections to be available on 1 virtual IP. In order to accomplish that I have added the following configuration to Vidalia.

This file was generated by Tor; if you edit it, comments will not be preserved

The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it

AccountingMax 11811160064000 AccountingStart month 1 00:00 ContactInfo tor-relay-harrry at comcast dot net ControlPort 9051 DataDirectory C:/Users/jt/AppData/Roaming/tor DirPort 192.223.27.139:9030 DirReqStatistics 0 ExitPolicy reject : HashedControlPassword 16:0FD1F531889C1EA360F45BB687F6635983F68D781254B999BC7EDB0200 Log notice stdout Nickname BeefTits ORPort 192.223.27.139:443 OutboundBindAddress 192.223.27.139 RelayBandwidthBurst 30720000 RelayBandwidthRate 10240000 SocksPolicy reject * SocksPort 9050

The problem is TOR.exe looks for the ports on my default NIC ip address of 63.251.20.61:443 and 63.251.20.61:9031

===================================================================== Mar 29 00:03:59.678 [Notice] Now checking whether ORPort 63.251.20.61:443 and DirPort 63.251.20.61:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success)

Because I have communication blocked on these ports the reach-ability test fails.

Mar 29 00:23:58.649 [Warning] Your server (63.251.20.61:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Mar 29 00:23:58.650 [Warning] Your server (63.251.20.61:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.

Is is possible for the service to only use the ports that I am specifying? If I leave the default ports open then port 443 is open on my main server ip which I do not want.

Additionally if I have the configuration setup with the default ports set i.e not specifying an ip:port in the config in vadalia, when I click on settings/sharing the box relay traffic inside the to network (non-exit relay) is checked as expected.

As soon as I edit the configuration like I have above and specify the ip:port allocations the button goes to run as client only by itself, and it over-writes the configuration I added and defaults the configuration to specify just the ports 443 and 9031 which means bind to 0.0.0.0 i.e 63.251.20.61

Question is there a way to specify outgoing and incoming port allocations to one virtual ip on the IP Stack?

Why is it using the default ip when I am specifically telling it not to do so.

I also see the ports being used in the sniffer output so the software is ignoring my configuration for port:ip bindings.

Thanks,

Justin

Trac:
Username: jpl

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information