Problems Continue while trying to set up a TOR Private Relay

Jacob Appelbaum jacob at appelbaum.net
Tue Jul 6 07:49:43 UTC 2010 

On 07/05/2010 09:19 PM, Scott Bennett wrote:
>      On Mon, 5 Jul 2010 17:44:18 -0400 Andrew Lewman <andrew at torproject.org>
> wrote:
>> On Mon, 5 Jul 2010 13:04:38 -0700
>> Jim Julian <j.a.julian at gmail.com> wrote:
>>
>>> This is an update of a message sent July 4th.  A quick quote from the
>>> original message:
>>
>> Since you're all Mac, it's easy.  Enable UPNP on the Airport. Tell
>> Vidalia to auto-configure it.  All your port forwarding and such is
>> done. 
>>
>> Your Mac has its own firewall that needs to allow tor and
>> vidalia to talk on various ports (9001, 9030).  When you start up
>> Vidalia, Finder will prompt you for "Do you want to allow connections
>> to tor?" Click yes.  It may ask you again for Vidalia. Click yes.
>>
>> In theory, that's it.  I just setup the same scenario on my testing Mac
>> and it worked just like that.
>>
>      Really?  Is Vidalia really able to a) determine the public IP address
> of the router, then b) configure correctly the Address and ORListenAddress
> statements in torrc, then c) add an RDR to the router's configuration to
> forward packets addressed to the ORPort at the public IP address on to
> 10.0.1.3:9001?  And likewise for DirPort and DirListenAddress?  If so,
> that's terrific!  If not, then the OP needs to go back and read the tor
> man page, paying special attention to the Address, ORPort, ORListenAddress,
> DirPort, and DirListenAddress statement descriptions, as well as reading
> up on how to configure RDRs on his router.
>      On another note, I don't have any real exposure to Mac OS X, so if
> someone could tell me which packet filter (e.g., ipf, ipfw, pf) underlies
> the fancy firewall GUI stuff in OS X, I'd be grateful.
> 

Yes, in many cases, Vidalia can do this - in this case, Vidalia will
probably not be able to do much.

The rub is that the AirPort supports Nat-PMP and not UPnP; we're working
on adding support to tor-fw-helper (not yet released, the source in git)
to take care of this specific network setup. Once we've got a
tor-fw-helper that does both UPnP and NAT-PMP, we're going to be able to
handle this and many other network types.

All the best,
Jacob

More information about the tor-relays mailing list