Chuck wrote:
> On Monday 22 October 2007, Martin Fick wrote:
>> --- Chuck <chuck@sbbsnet.net> wrote:
>>> has anyone been successful in installing tor in a
>>> vserver environment?
>>> the various programs such as inspectsocks complain
>>> of 'socks server' connection refusal.
>>
>
> pass through server for the tor network.
>
>> I am running it on debian and I did manually edit the
>> torrc to set a line like this to my vserver IP:
>>
>> SocksListenAddress 192.168.0.1:9100 # listen on this
>> IP:port also
>>
I'm running a tor node in a vserver behind a NAT router.
If you're running a tor server, and not using it as a client to route
local traffic through tor, you don't need the socks stuff.
Set SocksPort to 0 in your torrc to disable it.
This is all that's in the torrc of my debian-based tor 0.1.2.17 vserver:
SocksPort 0
Nickname elc
Address el-c.xs4all.nl
BandwidthRate 50 KB
BandwidthBurst 50 KB
ContactInfo tor-admin@el-c.xs4all.nl
ORPort 9001
#DirPort 9030 # I disabled this because of my limited bandwidth
ExitPolicy reject *:*
If you want to run an exit node, you'll have to use a different exit policy.
Because of the NAT, you'll have to forward incoming traffic on ORPort
(and optionally DirPort) to your tor vserver.
In your firewall settings, you'll have to allow the tor process to make
outgoing connections, because it connects to the other tor nodes and it
performs DNS lookups. Don't be restrictive in your firewall rules,
because the network breaks down if your tor node can't connect to all
other tor nodes (who can be listening on any port).
If you want to enable your SocksPort and ControlPort, only allow
connections from trusted locations (localhost, or maybe lan). Also make
sure to setup authentication for the ControlPort if you enable it.
Received on Wed Oct 24 00:02:31 2007