logs archiveIRC Archive / Oftc / #tor / 2010 / June / 25 / 1
headcuter
hello! can you tell me, is there a torbutton for chrom/iron?
Sebastian
no, unfortunately there isn't (yet)
Torbutton is a lot of work, and we are happy to have something working for Firefox.
Some people are starting to work on an equivalent for Chromium, but that might well take some more time
headcuter
thank you
hbock
Sebastian: ping!
mikeperry: ping also!
what exactly does it mean when a circuit is DESTROYED?
tor-spec leads me to believe it's because there is an unrecognized relay as a hop
but i'm not exactly sure what "unrecognized" means, does it simply mean it's not in my network status?
repost:
AnAnt
Hello, can I make postfix or mixmaster use tor ?
gouki
AnAnt: update.conf should allow you to configure a proxy.
arma
hbock: could be because one of the relays in the circuit went down. could also be because the extend attempt failed. would have to know more about the context.
gouki
That's either ~/.Mix/update.conf or /etc/update.conf. Or you can use one of the web mail interfaces: https://www.cotse.net/cgi-bin/mixmail.cgi
arma
hbock: all of that said. i wonder if there's a controller bug here. grep DESTROYED *.[ch]
the only case it shows up is in the controller printf
suspicious :)
tor_snprintf(extended_buf+n, sizeof(extended_buf)-n,
" REASON=DESTROYED REMOTE_REASON=%s", reason_str);
what is reason_str when you're seeing it?
         

AnAnt
gouki: thanks, how about postfix ?
deelkar
does it make sense to create a middle node on a fairly well connected host?
or is the current bottleneck the exit nodes?
Runa
deelkar: exit would be great if you're ok with that, but a normal relay is just as good :)
deelkar
sorry, can't risk the machine going down due to overzealous law enforcement
Runa
normal relay it is, then :)
deelkar
can I verify it's working, and listed?
Runa
sure, when the relay is up and running it will be listed on http://torstatus.blutmagie.de/
deelkar
the log seems to indicate everything's ok. So I look forward to seeing my node on the list
Runa
thanks for running a relay! :)
deelkar
(Action) is ashamed he didn't set up one earlier.
s/up one/one up/
Sebastian
deelkar: great, thanks for running a relay
deelkar
hm, doesn't show up yet on http://torstatus.blutmagie.de/ should I be worried?
rocky
deelkar: last time I tried, it took hours to show up on torstatus
Sebastian
no, unfortunately it takes some time
also, torstatus is really slow with updating
the better test is to look into your own cached-consensus file
deelkar: if you're interested, I can tell you a bit more about how Tor distributes relays to clients in a bit?
AnAnt
is there a way to make postfix use tor ?
Sebastian
AnAnt: you will probably not have much luck sending email with Tor
AnAnt
ok, I have this problem, my ISP does not allow connections to port 25
I am using mixmaster
mixmaster in turn uses sendmail (postfix in my case)
and I don't want to send email via SMTP
deelkar
Sebastian: I'm all ears (eyes)
AnAnt
I mean: and I don't want to send email via my SMTP account
rocky
AnAnt: instead of using mixmaster you can send anonymous mails using tor, a browser and a free email account like hushmail
         

AnAnt
I see
Sebastian
deelkar: so, once per hour (roughly at :00) all the directory authorities in Tor come together to vote on their opinion of what the network looks like.
Anthony
yah my exit node blocks smtp
as do most i beleave
Sebastian
To do that, they do active reachability testing of all relays they know about, and exchange lists of all the relays.
Anthony
does http://torstatus.blutmagie.de/ list all tor relays cus mines not listed
deelkar
Sebastian: so basically I came a bit too late to be included in the last round. (went up at 14:03 UTC)
Sebastian
So after that list (called a consensus) is voted and agreed upon, they distribute that list. One hour is assigned to get the list to mirrors, so that not everyone has to hammer the authorities to get their list of nodes.
And the next hour is used for clients to fetch that consensus
so you see, it takes quite some time until your address is distributed
that is unfortunate, and we're working on designs to get relays to clients much quicker
but it's not easy.
deelkar
ah, that's no problem. I was just slightly worried I didn't see mine
Sebastian
so
now torstatus is operated by some people who run their own tor clients
those Tor clients don't necessarily fetch a new consensus once per hour, but rather slower (like all clients do, no need to fetch a new one if the one you have is still ok)
This means there might be a further delay for those sites to list your relay.
deelkar
well, I'll probably see it in my traffic stats when my relay gets picked up...
Sebastian
deelkar: that sounds very likely, yes
Anthony: hm
maybe you run a bridge?
Anthony
nope
Sebastian
when did you start your relay?
Anthony
its a exit node its lsited on the status map from my tor software
4-5 days ago
maybe it needs restarting have playyed with firewall since
hmm
Jun 24 22:55:46.428 [warn] Failing because we have 991 connections already. Please raise your ulimit -n.
Jun 24 23:00:04.721 [warn] DH key must be at least 2.
Jun 24 23:00:04.741 [warn] Rejecting insecure DH key [0]
will look into that when i installed my new printer :P
Sebastian
ah
yeah
how are you running your relay?
Anthony
what do you mean
linux shell
DarkNemesis
(Action) is installing tor on her desktop
Sebastian
Anthony: well, there are many linux flavors
Anthony: depending on which one you have, instructions what to do are different :)
Anthony
cent os from source code
it was working cus
restarted it its ok now
Sebastian
it will stop being ok very soon
you have to raise your ulimit or it will run into the same problem again
Anthony
ok will do
ok done
i forgot centos only had 1024 by default
i reimaged the other week
DarkNemesis
Sebastian, are you in #ubuntu ?
Sebastian
DarkNemesis: no?
msd
hey all
Anthony
hi
msd
so when I start the tor daemon, i become a relay? is that right?
i'm just trying to understand how it works better
Sebastian
msd: it depends on your configuration
the default is to be just a client
msd
i can see some connections in netstat to other hosts. on ports 80, 443. this would mean i'm a relay?
deelkar
not necessarily.
do you have incoming connections on your ORPort?
DarkNemesis
Sebastian, sorry confused you with sebseb
msd
no i'm iptables to only allow incoming port 22
atagar
msd: When you start tor (relay or not) it makes some client circuits on the off chance you want to start using it as a client. If they aren't used then they die away after a while.
msd
ahh that will be it then. So how does it know what ip addresses the relays are?
atagar
the current consensus
msd: if you're looking for something to puzzle out what tor's doing on a connection level, then I'd suggest arm ;)
(shameless plug :P)
msd
what's that?
atagar
http://www.atagar.com/arm/
it's a terminal monitor for tor relays
msd
oo interesting
atagar
and includes netstat output correlated against the consensus to puzzle out what the connections are
so in this case it'd be able to label them as being for client usage
msd
very cool, thanks :)
atagar
np :)
msd
so, another thing...
once you set up the tor dns resolver daemon in torrc, then point your resolv.conf to use it... will that largely ensure that my dns traffic goes via tor?
Sebastian
Pretty much, yeah
unless you have applications that don't honor resolv.conf
rocky
or unless your resolv.conf is overwritten
msd
so a iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53 would be better
Sebastian
if you block all other udp and make sure all tcp gets redirected to Tor, yes
msd
ok
thanks for your help :) cleared a lot of things up
DarkNemesis
Sebastian, about??
anyone about?
Sebastian
just ask your question
DarkNemesis
i went to check.torproject.org and vidalia says tors runningbut sche.tor says not
so set ny network proxy as local host
still not running
what am i doing wrong?
Sebastian
Are you using Torbutton?
Also, what OS are you on and how did you install
DarkNemesis
ubuntu lucid lynx
and i did it via the guide on help.ubuntu.com
https://help.ubuntu.com/community/Tor
Sebastian
DarkNemesis: hm. I'd recommend to use only our instructions
https://www.torproject.org/docs/debian
DarkNemesis
even though ubuntu is not debian
Sebastian
Ubuntu is pretty much Debian
DarkNemesis
yeah debian like - not debian
Sebastian
if you just go to the website, you'll see that it says "Debian/Ubuntu instructions"
DarkNemesis
i did that anyway
same instructions
Sebastian
not the same instructions
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/PrivoxyConfig this is the config we recommend
(if you want to use privoxy)
DarkNemesis
what do i do with that? do i put at the top of the file?
Sebastian, ?
Sebastian
you just use that as the config file
DarkNemesis
ahhh thanks hunny
(Action) kisses Sebastian on the cheek
:)
(i'm a woman)
Sebastian
It's cool, I'm not homophobic
kiss all you want
let us know if it works
DarkNemesis
Sebastian, awesome :) i know its a genalisation but imhe most of (some parts of) america are homophobic
glad you aren't
Sebastian
I'm not american. If you want to chat more, I think #nottor is a good place for that :)
murb
hey, but germany is instutuionally homephobic anyway -> #nottor.
DarkNemesis_
haya umm how to avoid useing secure http with tor on lucd
lucid lynx*
?
Sebastian,
atagar
DarkNemesis: Hu? Not following what you're trying to ask... how to avoid ssl sites?
darrob
"useing secure" most likely means "use insecure"
well that doesn't really work either. just a guess.
DarkNemesis
atagar, sorry just seen this i'm using 2 pcs
i dont want to use tor to acsess https and bbc iplayer
i want to add exepetions
i turned tor off
but privoxy give out a 503
atagar
That's... interesting. "How do I make my tor usage as sniffable as possible" isn't a question we get often ;)
DarkNemesis
no i want to have a direct connection from my pc to iplayer without tor or privoxy
i am in the uk i chould have the right to use iplayer
rudi_s
DarkNemesis: I think the simplest thing would be to open another instance of your browser with tor disabled. AFAIK tor doesn't support passthrough of some websites.
DarkNemesis
rudi umm ok, so dont apply it sys wide?
rudi_s
DarkNemesis: Yes, Tor can't do it, so you have to do it in your browser. Thus the simplest solution is to use another (instance of your) browser.
« prev next »