!!! TOR Setup
[tor.png]
\\__T__he __O__nion __R__outing Network, see also [torproject page|http://www.torproject.org]
[{TableOfContents }]
!! Installation / configuration
First [install the tor|tor-install-log.txt] software on the scharnhorst host (FC5).
\\I first tried my CentOS 4.5 host, but I could not get the software installed, could not find proper rpms, could not find rpms to install yum either.
! Port forwarding 9001
The ORPort has been configured on 9001, this port configured in my routermodem, so that this port is forwarde to scharnhorst (10.0.0.102)
! Edit /etc/tor/torrc
The following options were uncommented or changed from default:
{{{
ORPort 9001
ContactInfo harry.metske@gmail.com
Nickname TorComputerhok
Address scharnhorst.computerhok.nl
RunAsDaemon 1
Log info file /var/log/tor/debug.log
SocksPort 9050
}}}
! IP address changed ?!
Now I have had IP address 88.211.133.30 for about 3 years now, and it has changed since last night, I now have __ 195.241.35.97 __ .
\\This has nothing to do with me setting up a tor node, but probably due to the merge of my provider speedlinq with Telfort, the FAQ page tells me that addresse will be changed (with prior otice, but that didn't happen) anyway I changed my CNAME record of www.computerhok.nl, and also torrc:Address to 195.241.35.97.
! Verifying your node
When you tor decides that it's reachable, it will upload a "server descriptor" to the directories. This will let clients know what address, ports, keys, etc your relay is using.
\\Check it [here|http://moria.seul.org:9032/tor/status/authority]
! Install Vidalia
Install of the Vidalia GUI
\\Open up System->Preferences->Software Sources and enter these repositories into 3rd Party Repositories:
{{{deb http://ppa.launchpad.net/adnarim/ubuntu gutsy main
deb-src http://ppa.launchpad.net/adnarim/ubuntu gutsy main}}}
Then: ''sudo apt-get install vidalia''
\\The vialia software cannot show me the stats of a tor node running on another server, so I uninstalled it again.
!! Statistics
I found [torstatus.cyberphunk.org|http://torstatus.cyberphunk.org/index.php] , it shows quite a lot of information, it also tells you if you are using tor yourself.
\\It gives an exensive lists of tor nodes with a lot attributes like
* hostname
* ORPort
* DIRPort
* uptime
* tor version and os
* bandwidth info
Another interesting statistics site is [http://torstatus.blutmagie.de/index.php]
\\You can also zoom into the stats of my own [ComputerhokTOR|http://torstatus.blutmagie.de/router_detail.php?FP=d30a482a4040e77312f94ddd80ff637b63bf75fe]
!! How does it run
I first had to dramatically increase the UBC's for the VPS, expecially the __tcprcvbuf tcpsndbuff__ .
\\I also lowered the __ConnLimit__ to 250.
\\Now also Google starts to nag me with Captcha's, telling me that I have spyware or bot coming from my IP adres, I had that the first day, the second day not anymore. (Was this because of TOR or because of the IP adres change ?)
!! Control protocol
Tor has it's own control protocol. If you specified the ControlListenAddress or ControlPort option, it starts to listen on this port. You can the (very basic duh) open a telnet connection to this port and talk the [control protocol|http://www.torproject.org/svn/trunk/doc/spec/control-spec.txt]
\\A few examples:
{{{
metskem@bismarck:~/downloads$ telnet scharnhorst 9051
Trying 10.0.0.102...
Connected to scharnhorst.
Escape character is '^]'.
authenticate
250 OK
getconf ControlPort
250 ControlPort=9051
getinfo config/names
250+config/names=
AccountingMax DataSize
AccountingMaxKB Integer
AccountingStart String
Address String The advertised (external) address we should use.
__AllDirActionsPrivate Boolean
AllowInvalidNodes CommaList
AssumeReachable Boolean
AuthDirInvalid LineList
AuthDirReject LineList
AuthDirRejectUnlisted Boolean
AuthoritativeDirectory Boolean
BandwidthBurst DataSize
BandwidthRate DataSize
CircuitBuildTimeout TimeInterval
CircuitIdleTimeout TimeInterval
ClientOnly Boolean
ConnLimit Integer
ContactInfo String
ControlListenAddress LineList
ControlPort Integer
CookieAuthentication Boolean
DataDirectory String
DebugLogFile String
DirAllowPrivateAddresses Boolean
DirListenAddress LineList
DirFetchPeriod TimeInterval
DirPolicy LineList
DirPort Integer
DirServer LineList
EntryNodes String
ExcludeNodes String
ExitNodes String
ExitPolicy LineList
ExitPolicyRejectPrivate Boolean
FascistFirewall Boolean
FirewallPorts CommaList
FastFirstHopPK Boolean
FetchServerDescriptors Boolean
FetchHidServDescriptors Boolean
FetchUselessDescriptors Boolean
Group String
HardwareAccel Boolean
HashedControlPassword String
HiddenServiceDir Dependant
HiddenServiceExcludeNodes Dependant
HiddenServiceNodes Dependant
HiddenServiceOptions Virtual
HiddenServicePort Dependant
HttpProxy String
HttpProxyAuthenticator String
HttpsProxy String
HttpsProxyAuthenticator String
KeepalivePeriod TimeInterval
Log LineList
LogFile Dependant
LogLevel Dependant
LongLivedPorts CommaList
MapAddress LineList
MaxAdvertisedBandwidth DataSize
MaxCircuitDirtiness TimeInterval
MaxOnionsPending Integer
MyFamily String
NewCircuitPeriod TimeInterval
NamingAuthoritativeDirectory Boolean
Nickname String
NoPublish Boolean
NodeFamily LineList
NumCpus Integer
NumEntryGuards Integer
ORListenAddress LineList
ORPort Integer
OutboundBindAddress String
PathlenCoinWeight Float
PidFile String
ProtocolWarnings Boolean
PublishServerDescriptor Boolean
PublishHidServDescriptors Boolean
ReachableAddresses LineList
ReachableDirAddresses LineList
ReachableORAddresses LineList
RecommendedVersions LineList
RecommendedClientVersions LineList
RecommendedServerVersions LineList
RedirectExit LineList
RendExcludeNodes String
RendNodes String
RendPostPeriod TimeInterval
RephistTrackTime TimeInterval
RunAsDaemon Boolean
RunTesting Boolean
SafeLogging Boolean
SafeSocks Boolean
ShutdownWaitLength TimeInterval
SocksListenAddress LineList
SocksPolicy LineList
SocksPort Integer
SocksTimeout TimeInterval
StatusFetchPeriod TimeInterval
StrictEntryNodes Boolean
StrictExitNodes Boolean
SysLog Dependant
TestSocks Boolean
TestVia String
TrackHostExits CommaList
TrackHostExitsExpire TimeInterval
UseEntryGuards Boolean
User String
V1AuthoritativeDirectory Boolean
VersioningAuthoritativeDirectory Boolean
VirtualAddrNetwork String
__LeaveStreamsUnattached Boolean
.
250 OK
quit
250 closing connection
Connection closed by foreign host.
metskem@bismarck:~/downloads$
}}}
!! Status
I stopped the tor agent for two reasons:
* the version of the tor agent on my system is too old, I get the following in the tor log:
{{{routers_update_all_from_networkstatus(): Please upgrade! This version of Tor (0.1.1.26) is obsolete, according to 3/3 network statuses. Versions recommended by at least 1 authority are: 0.1.2.19, 0.2.0.11-alpha, 0.2.0.12-alpha, 0.2.0.15-alpha, 0.2.0.18-alpha, 0.2.0.19-alpha, 0.2.0.22-rc}}}
Upgrading was not really an option, it had too many dependencies, I would have to upgrade the whole OS.
* I constantly get prompted with Captchas when searching Google
* __2009-01-17__ reinstalled tor
** on newer infrastructure (Ubuntu 8.04 OpenVZ VPS). (tor version 0.1.2.19) and fibre to the home 35 Mb up/download
** VPS scharnhorst with DNS tor.computerhok.nl
** not an exit node anymore
** configs (other then the defaults):{{{
Log info file /var/log/tor/debug.log
Nickname ComputerhokTOR
Address tor.computerhok.nl
BandwidthRate 1000 KB # Throttle traffic to 100KB/s (800Kbps)
BandwidthBurst 2000 KB # But allow bursts up to 200KB/s (1600Kbps)
ContactInfo harry.metske@gmail.com
ORPort 9001
ExitPolicy reject *:* # no exits allowed}}}
** increased openvz beancounters numtcpsock from 500 to 3000, and tcprcvbuf from ? to 10000000
* view status here: [http://torstatus.blutmagie.de/index.php]
*__stopped__ for the following reasons:
** tor eats up my cpu, averaging to about 60 %, plus an additional 30 % for ntop (at about 500 connections)
** my server starts making a lot of noise because of that (fan blowing)
** my server gets a lot slower for other work
** my server uses too much energy
** I don't want fuzz with my provider