Bridges with no DirPort failing?

Roger Dingledine arma at mit.edu
Wed Feb 9 12:35:58 UTC 2011


On Tue, Feb 08, 2011 at 02:38:28PM -0800, Robert Ransom wrote:
> > I am having issues connecting to one of my own Bridges that is only
> > listening on ORPort.
> > 
> > However when I add DirPort 9030, I am able to successfully connect to
> > the Bridge!
> > 
> > My Tor client and the 'failing Bridge' configuration:
> > 
> > Bridge config:
> > ==============
> > log debug file /usr/local/var/log/tor/debug-2.log
> > RunAsDaemon 1
> > DataDirectory /usr/local/var/lib/tor-2
> > SocksPort 0
> > ORPort	993
> > ORListenAddress 50.7.249.43:993
> > Nickname 25bahman002
> > Address 50.7.249.43
> > RelayBandwidthRate 1000 KB  # Throttle traffic to 100KB/s (800Kbps)
> > RelayBandwidthBurst 5000 KB # But allow bursts up to 200KB/s (1600Kbps)
> > ContactInfo 4096R/0B47D56D SiNA <sina AT anarchy dot cx>
> > MyFamily 25bahman001,25bahman002,25bahman003
> 
> This is a published relay (and an exit node), not a bridge (a bridge
> needs "BridgeRelay 1"

Ah ha! Yes, good catch. I believe that's the answer here.

> and should have "ExitPolicy reject *;*" in its torrc).

Yep. As of Tor 0.2.2.6-alpha the default exit policy for a bridge is
reject *:*. But before 0.2.2.6-alpha, it looks like you will need to
set your exitpolicy to reject *:* explicitly.

> As I understand it, Tor bridges handle BEGIN_DIR requests, Tor clients
> that are configured to use bridges request directory information from
> their bridges using BEGIN_DIR requests, and non-bridge Tor relays with
> no DirPort configured may or may not handle BEGIN_DIR requests.  That
> may be the issue with your configuration.

Correct.

--Roger



More information about the tor-dev mailing list