logs archiveIRC Archive / Oftc / #tor / 2010 / May / 2 / 1
BarkerJr
will the Address directive force binding to that ip?
Sebastian
it should, yeah
BarkerJr
seems that it doesn't on HUP
bug?
Sebastian
file one, please
will try to fix in a few days
BarkerJr
k
there's no 0.2.2.13 in trac
Sebastian
I guess that's true
no clue how to make one
BarkerJr
ok, well it seems that Address doesn't define the listen port
I guess I'll set DirListenAddress
May 01 21:33:59.805 [notice] Closing no-longer-configured Directory listener on 0.0.0.0:9030
May 01 21:33:59.805 [notice] Opening Directory listener on 92.243.8.139:9030
May 01 21:33:59.805 [warn] Could not bind to 92.243.8.139:9030: Address already in use. Is Tor already running?
that's pretty
nsa
or: [Tor Bug Tracker] #1380 filed by BarkerJr: #1380: Adding DirListenAddress Abends Tor on HUP - http://trac.torproject.org/projects/tor/ticket/1380
or: 0.2.2.13
or: Scenario:
or: Tor is currently listening for directory requests at 0.0.0.0:9030. Add
or: DirListenAddress to specify that it should use <specific ip>:9030 to bind[...]
or: [Tor Bug Tracker] #1381 filed by BarkerJr: #1381: Address Directive not used for Binding - http://trac.torproject.org/projects/tor/ticket/1381
or: 0.2.2.13
or: Setting the Address directive in torrc does not force listen ports
or: (ORPort, DirPort, etc.) to bind to it.
Sebastian
helix: How would one add a new version?
BarkerJr: hm
I guess 1381 is not a bug
         

BarkerJr
it's not expected behaviour, hence a bug
if both you and I think it should and there's no spec to say otherwise I mean
Sebastian
I misunderstood what you said above
and I think the documentation in the manpage is quite clear
I guess we can still make it better
BarkerJr
maybe the real bug is that tor listens at 0.0.0.0 anyway, right?
Sebastian
no
that's expected
BarkerJr
why?
it does no good
Sebastian
when there are two interfaces, which one should it bind to?
BarkerJr
tor listens at 0.0.0.0, but only accepts connections to the address that it resolves to anyway
so bind to whatever the system claims its hostname to be
Sebastian
that's not true
BarkerJr
a.k.a. Address
a few months ago, I changed my server's ip and forgot to update the DNS for the server name. tor bound to 0.0.0.0 but it went ahead and did its self-test to the old ip address and failed
if we are going to bind to 0.0.0.0, then we should test all available IPs
Sebastian
what you describe can happen
but it has nothing to do with Tor refusing connections
BarkerJr
maybe "refuse" was too strong of a word... but if it will only test/publish the primary ip, then connections from other relays will only go to that primary ip, so we should bind to it
so then what does binding to 0.0.0.0 instead of Address buy us?
Sebastian
it bought the authority operators the ability to move to new, unblocked IPs, while still allowing clients to use the old one
it also means that Tor can bind, drop privileges, and only later learn what port to advertise to others
BarkerJr
that will be resolved with bug #918
Sebastian
only if we keep a root process around
BarkerJr
we just need to use libcap to retain bind privs after we drop the rest
Sebastian
"just"
BarkerJr
I spent several hours a few weeks ago trying to get libcap working and gave up :)
nsa
or: [Tor Bug Tracker] #1381 was updated: #1381: Address Directive not used for Binding - http://trac.torproject.org/projects/tor/ticket/1381#comment:1
or: Comment(by Sebastian):
or: Suggested documentation fix in branch bug1381 in my repo. I believe the
or: functionality is working as intended.
BarkerJr
is 1206 ok?
nsa
or: sebastian committed revision 22260 (/projects/todo): mention the new bug1381 branch
         

Sebastian
"ok"?
BarkerJr
does arma's comment resolve it? it did for me
Sebastian
no, we still want to change it so that it makes more sense
BarkerJr
k
I keep a spreadsheet of bugs I care about and my prioritisation
diddy
I am using the instructions for setting up Tor from the repos on Ubuntu 10.04 and I am getting this error message when trying to fetch the public key: http://pastebin.com/3Rbxw4N1
Sebastian
diddy: yeah, the file is group writable and readbale
diddy
Sebastian, I changed it with: chmod 600 ~/.gnupg/gpg.conf
Sebastian, but I am getting the same error.
Sebastian
you need to chmod the .gnupg dir, too
diddy
ahh
ok
now it worked, thx
Sebastian
Where did you get the instructions from, and did they fail to mention permissions?
diddy
oh damn, there is no package yet for Ubuntu 10.04
W: Failed to fetch http://deb.torproject.org/torproject.org/dists/lucid/main/binary-amd64/Packages.gz 404 Not Found [IP: 194.8.197.22 80]
Sebastian
karmic should work
diddy
https://www.torproject.org/docs/debian.html.en
Sebastian, but can I use the Karmic in apt/sources.list ?
Sebastian
yeah
that's what I mean
hm, did Ubuntu create a ~/.gnupg/ dir for you?
With the wrong permissions?
Or did you create that yourself?
diddy
I didn't create it.
Anyway. I installed polipo.
Sebastian
sounds like an Ubuntu bug, then
diddy
And Torbutton but I can not connect via Firefox, even though I am using the Polipo config file of the Tor developers: https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf
Sebastian
Maybe you didn't uninstall privoxy?
diddy
I restarted polipo. But nothing
I did.
Sebastian
is it running? And is Tor running?
diddy
I uninstalled privoxy with purge option
yes
Sebastian, my bad
Sebastian, did not start Tor again after changing the sources.list
working now. thank you for your help
Sebastian
ok :)
William
Hi to all, could you recomend me minimal parameters of a VPS/VDS server for starting a tor-exit node?
Lunar^
many many tcp sockets
Sebastian
it is really hard to say
the more bandwidth you have the more cpu and ram you'll need
William
I lost my ssh-access to my exit-node but I see in Tor-status that it works. So perhaps it was not banned by my vds provider. I send them an request but I am affraid that they are asleep now because it is night in Europe
BarkerJr
do they have some console you can use?
keb
its quite important to have good legal parameters
such as DMCA immunity
William
I think it need to me to buy another tariff plan because I have anlimited bandwidth but only 128M RAM
BarkerJr yes they have but I have no access to it too
BarkerJr
:/
William
I am a novice in using remote servers :-) Because it I buyed the most low-cost for tranning
keb
you could start with low bandwdith until you figure out how to control stuff
it is safer that way so you do not go over the limits and get charged lots of $$$
(Action) is not making sense
BarkerJr
yes
William
Having unlimited bandwidth I set in torrc 200 KBytes but I have only 128 MB RAM - do I shoot from the hip ?
What do you think - 500 Mgz are little or enough ?
keb
128MB RAM is barely enough to run anything these days
BarkerJr
resource usage is rather guess work
I have a 50KB relay that uses 13MB ram
keb
nice
kmacy_
ioerror: ping
xtoaster
(Action) greets the channel
arma: nice post! the first public strike on the BTers over tor :-D
BarkerJr
be nice. support net neutrality
xtoaster
ok. i revise my words: strike ---> frustration.
intrigeri
https://amnesia.boum.org/news/version_0.5/
koryk_
everyone else got their gsoc intro email out before me - way to make me look bad hbock_, kjbbb, susurrusus :-p
xtoaster
arma: btw i think separating the streams from different application is not a problem, if the user set multiple socks listening port. tor can identify the program by identifying the ports ?
nsa
or: [Tor Bug Tracker] #1382 filed by anonymous: #1382: Resize to a multiple of 50px can't be turned off and seems to make browser fingerprinting possible - http://trac.torproject.org/projects/tor/ticket/1382
or: http://panopticlick.eff.org/ gives a quick overview over information that
or: can be used to identify your browser pretty easy if some of your settings
or: are quite unique. Unfortunately, the only thing that makes my browser
or: unique seems to be the window size.
or: With tor deactivated it says "one of 27" browsers has the resolution[...]
keb
best to turn off javascript and if you really want privacy
xtoaster
? you
d-b_
.
keb
Ü
xtoaster did you see one of the comments mentioned (ab)using random chinese computers to front your bittorrent activities and then abandon them
(Action) hides in #nottor
xtoaster
stupid chrome. not crashing the browser but system :-/
William_Conqueror
Oh, my node is really work! But I have no restored my remote control over it...
I sent a request to the support of my hosting provider but they are probably drunked ...
nsa
or: [Tor Bug Tracker] #1383 filed by dashti011@&: #1383: flash and fl file - http://trac.torproject.org/projects/tor/ticket/1383
or: hi
or: when opened a site that have flv movie,don't show and write install flash
or: player,however install flash player but don't work
or: [Tor Bug Tracker] #1383 was updated: #1383: flash and fl file - http://trac.torproject.org/projects/tor/ticket/1383#comment:1
or: Changes (by Sebastian):
or: * status: new => closed
or: * resolution: => invalid
or: * component: Android (Orbot)-Backend / Core => Torbutton-Backend / Core[...]
roconnor
if multiple of the same options are given in a torrc file, which ones get priority?
Sebastian
depends. What option do you want to give multiple times?
roconnor
DataDirectory or User
to be more clear I'm writing a tor service for NixOS and I let the user tweek the default configuration by appending their configuration to the default torrc file
or I could prepend their configuration
or I could do more complicated things
Sebastian
Why don't you just allow them to edit the config
roconnor
I could let them replace the config, but then they won't get updates to the default config.
Sebastian
So most of the time, an option that is given twice means that Tor will pick the one that is specified last. But I think this is neither guaranteed nor documented.
I think most packagers do this by shipping the config.sample file
Another thought is that you probably don't even need a pre-populated config file
roconnor
well I'm adding DataDirectory and User at the moment
Sebastian
you could pass these via configure
roconnor
possibly, but the service specification is separate from the build specification
I don't really want to tangle them
someone might want to install the tor software but not use it as a system service
granted that would be a bit strange
Sebastian
They could still override everything via config
But sure
Tor doesn't support split config files
So you'd need to let people edit the config file somehow
roconnor
sure
users can modify the config file
by appending to it :)
Sebastian
ok
roconnor
hmm
Sebastian
so appending is what you want to do, if you only specify User and DataDirectory.
roconnor
let me check how we do it with cupsdConf
Sebastian
I think parsing the config from top to bottom is just an implementation detail, though. I tried finding some place where we document that it is sane to rely on that behaviour
roconnor
I guess some options are not overridden but appended, such as SocksAddress ?
Sebastian
indeed
and others, such as ExitPolicy, are supposed to be specified numerous times
and have a well-defined meaning
roconnor
good
nsa
or: [Tor Bug Tracker] #1384 filed by Sebastian: #1384: Document what happens if options are defined more than once - http://trac.torproject.org/projects/tor/ticket/1384
or: Currently, we're allowing users to set some options like DataDirectory or
or: User as often as they want. I've looked around, but we don't tell anyone
or: what will happen in that case - currently, the option that is defined
or: later will win, and command-line options win over torrc options.
or: [...]
Sebastian
Feel free to subscribe to get updates
roconnor
handy
Sebastian
helix: How can I disable email notifications for bugs I'm watching/that I just created? I get all that stuff twice now that I get all bug email ;)
roconnor
added to my agregator
how much is polipo recommended over privoxy
privoxy is already packaged for nixos and I've used privoxy with tor before
« prev 1 2 3 next »