logs archiveIRC Archive / Oftc / #tor / 2009 / December / 1 / 1
nsa
or: kaner committed revision 21071 (/projects/gettor): Only log exception details if we actually have some
or: ioerror committed revision 21072 (/projects/gettor): Update our .pot file to only have constants and update the locale-spec-draft.
or: ioerror committed revision 21073 (/projects/gettor): Update to show what we called when we created the _current_ .pot.
or: ioerror committed revision 21074 (/projects/gettor/i18n/templates): Update the .pot file.
Siegfried
Hi, anyone knows if http://torstatus.kgprog.com/ip_list_exit.php is a correct (and updated) list of exit nodes?
arma
you'll probably do better with https://check.torproject.org/cgi-bin/TorBulkExitList.py
Siegfried
so it means only dnsel is efficient :/
arma
only dnsel does active testing
i'm not sure what the torstatus listing does.
Siegfried
in fact all those torstatus sites have different lists.. that's why i was wondering
but dnsel is a bit boring to implement
and i don't see myself doing lookups for each IP :|
nsa
or: pootle committed revision 21075 (/translation/trunk/projects/torbutton/es): one new spanish torbutton string
arma
siegfried: well, that's what the bulk exitlist is for.
nsa
or: pootle committed revision 21076 (/translation/trunk/projects/torcheck/zh_CN): chinese torcheck updates
or: pootle committed revision 21077 (/translation/trunk/projects/torbutton/zh_CN): chinese torbutton updates
or: arma committed revision 21078 (/projects/gettor/lib/gettor): strip trailing whitespace
or: pootle committed revision 21079 (/projects/gettor/i18n): Update some gettot stuff.
         

Siegfried
arma yes thanks, i didn't read the page correctly, it's perfect :)
IBM
can you give the user the option of privoxy or the other one
instead of enforcing one
thought open source projects was about choice
and the second you accumilated hundreds of thousands of users you brought a responsibility on yourself
dr|z3d
And IRC is about politeness, not aggressively airing your views, IBM.
phobos
users are free to download and install whichever they want
dr|z3d
No need to feed the absent troll. :)
phobos
interesting how IBM was upset about the proxy, but not the choice of browser
nsa
or: arma committed revision 21080 (/projects/gettor/lib/gettor): fix typos, etc
Cisco
you quiet me again for asking a completely legit question i'll find out where you live, fly to your house and stab you in the fu*king throat. you attention seeking faggot, I was asking arma not you're unimportant,doesn't help tor in no way useless troll ass
damn you suck dr|z3d
do it
dr|z3d
(Action) laughs.
MIT
will see if you're still laughing when you're bleeding to death, you stupid fu*k oh look you're infos all over the internet
phobos
angry troll is angry
dr|z3d
Angry troll is always angry. *laugh*
nsa
or: arma committed revision 21081 (/projects/gettor/lib/gettor): don't document the "Lang:" part, since choices are confusing and
or: the 'plus' approach should work for everybody.
or: make it clearer which addresses to send to for your language.
or: use "zh" rather than "zh_CN" in the examples. we need to make an
phobos
i'm ok with taking on the angry about polipo vs. privoxy
since the blog is flooded with comments about how much we suck for switching
_matHeuS`
Hiiiiiiiiiiiiiiiiiiiiiiiii :)
I'm having some problems to 'joke' with Tor on IRC, can anyone give me a little attention
merlijn
in the torrc in the option supposed to be SocksBindAddress or SocksListenAddress? the torrc.sample.in and torrc.complete.in differ in this syntax in svn
keb
merlijn both options can be used. read the tor manual for details
mackan
Hmm. Tor doesn't recognize my ORPort as reachable from the outside
the Dirport works fine, though
which is weird because they're both forwarded in the exact same way
murb
mackan: have you tested it yourself fromthe outside?
keb
maybe a firewall or other application is blocking your ORPort
         

mackan
I don't have a firewall :>
murb, nope, not yet
murb, do you have nmap?
murb
mackan: i have netcat :)
i'm sure if you tell people here the IP and ports we can test quickly.
keb
looks like my tor server stays closer to the RelayBandwidthRate and expected transfer amount if i set the RelayBandwidthBurst at triple rather than double
mackan
"Dec 01 17:47:04.605 [warn] Your server ([ip]:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc."
Still wont work :o
Even though port is obviously reachable from the outside
s/obviously/without douby
keb
obviously to you ;)
mackan
doubt*
murb tested and was able to connect :>
keb
oic. did you set the Address in torrc
mackan
nope
but Tor guessed correctly
keb
i wonder if the reachability testing code is the same as the operational code. maybe there is a bug
mackan
Hmm... I also get "TLS error: unexpected close while renegotiating"
multiple times
I have Tor 0.2.1.20
keb
there was some kind of openssl bug that relates to renegotiation
did you update openssl or compile from source
mackan
the TLS error is just a warn; It appears I'm getting it with each IRC reconnect
keb
*compile tor from source
i never get that warning, but i am using 0.2.2.6
mackan
I installed both openssl and tor with pacman, the package manager of Arch Linux
hmm. no new version of openssl available
there is however a new Tor, tor 0.2.1.20-2
maybe I should try to install that
keb
-2 ? is that an Arch specific package
mackan
no idea :s
installed it and restarted Tor
Hmm.
That fixed the bug
I guess it's some Arch specific bug, then
http://bugs.archlinux.org/task/17185
interesting.
Well, now it works. Thanks :)
SwissTorExit
great mackan, i think that there have updated the new stable with openssl-0.9.8l
because the first wasen't and only 0.2.2.6alpha was compatible ;)
if i am right ;)
mackan
ah okay :)
SwissTorExit
:P
keb
i was getting a lot of [warn] Rejecting insecure DH key [0] in 0.2.2.5-alpha
SwissTorExit
i never have in almost one year such message
i see sometime peoples said same things
maybe i am lucky with connections done by Tor but i must said that i ban a few nodes
keb
do you think those are attacks
SwissTorExit
i have not enough knowledge to answer but i know that i am always updated and have i think a not bad config
but that's must a experimented guy to answer you :P
anyway i don't feel good
keb
how can a relay have a HSDir flag when the DirPort isnt open
SwissTorExit
i have testing some version inclued 0.2.2.5-alpha so come from something for sure
i dunno but it's hidden HS so it must not open for me to communicate if it will still hidde
i make too much speculation and better not told such things lol
keb
i guess DirPort is only for mirror of main directory
SwissTorExit
i am sure wrong ;)
keb
lol yeah better to RTFM
SwissTorExit
:D
what OD are you runing ?
OS*
for my part i am always happy when i have most as possible flags, because i give all time a good realy who will never have bad things :P
keb
debian
SwissTorExit
That's why i am so sad to have no exit at this time :/
Sebastian
SwissTorExit: good to see you figured it out.
SwissTorExit
oh ok, i never have worked on it
eheheh hey Sebastian, hi my friend :P
Sebastian
keb: the only critera for being a hsdir is being online for more than 24 hours, iirc
SwissTorExit
:D
keb
ok
SwissTorExit
but i am happy that you said that, sometime i am confuse due of my knowledge
Sebastian
imho, having the stable flag should be a requirement, too, but I didn't find that in the spec. Maybe karsten can tell us if it is a requirement, and if it isn't why not.
SwissTorExit
it's very important for me because have many sense, i feel just a bit "bad exit" not enough used for really know bad one
Sebastian
keb: these rejecting insecure DH key messages are very probably not attacks, but either someone trying to build their own Tor or someone running a very old client. The warning has been/will be moved to a loglevel where it won't scare as many people
keb
what would be the added extra indicated by HSDir if Stable was prerequisite? maybe HSDir is weaker than stable
SwissTorExit
anyway i never use it , if are not flag that's sure while Tor don't use it anyway lol
Stable are not require keb for HSdir
only like seb said
Sebastian_
I think running for 24h is less of a requirement than proving that in the past month your mtbf is high
SwissTorExit
24 hours and i am flaged most of time and sometime less but are reasonable to said thatz
keb
yeah my server which has HSDir but not Stable is only up for 2 days
SwissTorExit
because of too much test of upgarde, i am not always as stable but i don't thing are really some metter
i better like stay guard like almost always , same if i just restart the system so it's good
that's will nice to have a wiki with "flags" descriptions
or requirements *
Sebastian
wiki?
there's a spec
keb
spec isnt luser-friendly
Sebastian
https://git.torproject.org/checkout/tor/master/doc/spec/dir-spec.txt <-- section 3.3
well, if you're a luser, you better not care
:-)
fabi
Hi! I want to know, how exactly the observed bandwidth entry in the descriptor is calculated. Can you tell me where to find this info? I had it sometime ago, but I don't find the right spec-file
ok, i found it
The server remembers the max bandwidth sustained output over any ten second period in the past day, and another sustained input.
so my question is, what is meant by "the past day" here. Is it the last calender day, or the past 24 hours from the moment on when the descriptor is generated?
arma
fabi: 24 hours from the moment the descriptor is generated
fabi
ahhh ok
can you tell my how often descriptors are generated when TestingTorNetwork is set?
arma
fabi: i think it is no different
fabi
ok, and how is default? 18 hours?
ah 18 hours, or the bw has changed by factor 2, that's interesting
arma
yep
fabi
i actually wonder why this path selection metric performs so well
did you try out other selection strategies?
arma
nope
i just picked it
fabi
ok, then you might be interested in the fact, that you did a surprising good choice
arma
well, it made sense, right? the idea was to load balance across the bandwidth we have. so if relay A has twice the bandwidth of relay B, it should get twice the attention.
the areas where it's imperfect are 1) if you don't measure the bandwidth well enough, and 2) different users put wildly different amounts of load on their circuits
fabi
yes, but I think the observed bw somehow is the theoretically maximum capacity of the node with no respect to it's current load
arma
right. we can't use current load. there's too much latency between measurement and use.
3) relays that have a low bandwidthburst will behave worse than relays with high bandwidthburst, for a given bandwidthrate
fabi
and if you imagine to define current load not to a specific moment but to a interval of time, say 1 hour?
arma
wouldn't you want to advertise the difference between maximum load and current load? who cares how much *isn't* available
fabi
ok, you are right if bw is not limited by any other ressources, e.g. high cpu load (caused by crypto)
arma
maximum load meaning the current advertised bw i mean. not the theoretical size of the nearby pipe.
fabi
ok, so what if you have a or with say unlimited bw ressources, (it would advertise max bw since it has definitely seen this in a ten second period), but the or is so much utilized by other things, that it can currently not serve even a fraction of the theoretically available bw
b0ngL0ad
is slow tor browsing normal? I am a new user as of today
fabi
that's what i meant by current load
misc
b0ngL0ad: it is slower usually, yes
b0ngL0ad
can you determine where you are browsing from? I mean to make google readable?
arma
fabi: another example is, what if you're on a shared cablemodem, and you can burst to 10MB/s at 6am, but at 6pm your neighbors are all file-sharing and you can't push more than 50KB/s.
fabi: you know about mikeperry's bandwidth measurement stuff, right?
b0ngL0ad
wow this is very slow, everything is timing out. am i doing something wrong?
arma
b0ngl0ad: if you upgrade to the development version (0.2.2.6-alpha), it will be slightly faster. not much though. tor is overloaded these days.
fabi
yes, actually i acquired a lot experience with it, especially TorCtl
b0ngL0ad
does anybody know of a way to configure firefox to bounce through a shell accoount?
arma
fabi: ok. because the load balancing that tor clients do these days is based on those numbers, not the self-measured bw numbers.
and i think it's performing better.
fabi
on which numbers?
I think I don't get the point. If that cablemodem guy advertises his peak as 10MB/s but can only serve 50kB, then the observed bw is a quite poor estimate I would say
arma
right. that's an instance where my original design is imperfect.
in theory mike's bw scripts will correct for that
fabi
do you mean his proposal on those bw offsets?
arma
yes. not just a proposal, we're doing it.
have been for months
fabi
is it included in dir-spec?
arma
parts of it. the measured= line and how to vote on it.
fabi
ok, i will definitely have a closer look on that
what actually quite confuses me, is the fact that even without these improvements the simple path selection metric performs so well
ok, so this is very important for me: in which version was this measured= feature added and what version must the client at least use to benefit from it?
arma
o Major features:
- Clients now use the bandwidth values in the consensus, rather than
the bandwidth values in each relay descriptor. This approach opens
the door to more accurate bandwidth estimates once the directory
authorities start doing active measurements. Implements more of
proposal 141.
part of 0.2.1.17-rc
as for when the actual consensus values changed, you should fetch the consensuses from archive.torproject.org and find out. i think we turned it on and off a few times while making it work right.
fabi
i asked because i wanted to know, if i use this feature without knowing it on my private testing tor network
« prev 1 2 next »