[tor-relays] Manual Relay Guide for OS X
Zachary Alberico
fossuser at gmail.com
Sat Apr 4 23:36:26 UTC 2015
I ended up putting it up on stack exchange since it'll probably be
helpful there anyway.
http://tor.stackexchange.com/questions/6567/how-do-i-manually-setup-a-relay-on-os-x
Thanks,
Zach
On Fri, Apr 3, 2015 at 8:47 PM, Zachary Alberico <fossuser at gmail.com> wrote:
> Hi Tor-Relays,
>
> I wrote the following documentation after figuring out how to get my
> Tor relay working with a manual install. The goal is to give easy to
> follow and concise instructions that explain just enough to understand
> what you're doing.
>
> I'm trying to find out the best way to make this available - would it
> be possible to add it to the externally facing documentation? I'd
> also really appreciate it if someone looks it over and sees if I made
> any typos/forgot something.
>
> I can help with whatever needs to be done.
>
> Thanks,
> Zach
>
> ###
> Manually configuring a Tor Relay on OS X (Yosemite, Tor 0.2.5.11)
>
> This guide walks you through the process of configuring your very own
> tor relay explaining each step along the way.
>
> First install homebrew which will allow us to install the most recent
> version of Tor (http://brew.sh)
> The following command pasted into a terminal will download and install homebrew.
> {code}
> ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
> {code}
>
> Once that completes we'll use homebrew to install tor with the
> following command.
> {code}
> brew install tor
> {code}
>
> At this point tor should be installed and the homebrew command should
> have printed the following:
> {quote}
> You will find a sample `torrc` file in /usr/local/etc/tor.
> It is advisable to edit the sample `torrc` to suit your own security needs:
> https://www.torproject.org/docs/faq#torrc
> After editing the `torrc` you need to restart tor.
>
> To have launchd start tor at login:
> ln -svn /usr/local/opt/tor/*.plist ~/Library/LaunchAgents
> Then to load tor now:
> launchctl load ~/Library/LaunchAgents/homebrew.mxcl.tor.plist
> {quote}
>
> Notice that it mentions the location of the torrc file (we're going to
> edit that next). It also explains how to have tor run at startup and
> how to start it now. Before we go ahead and run those commands let's
> create the location logging is supposed to go since for some reason it
> doesn't already exist.
> These commands are creating directories.
> {code}
> mkdir /usr/local/Cellar/tor/0.2.5.11/var
> mkdir /usr/local/Cellar/tor/0.2.5.11/var/log
> mkdir /usr/local/Cellar/tor/0.2.5.11/var/log/tor
> {code}
>
> Similarly create the following for the DataDirectory if it doesn't
> already exist.
> {code}
> mkdir /usr/local/Cellar/tor/0.2.5.11/var/lib
> mkdir /usr/local/Cellar/tor/0.2.5.11/var/lib/tor
> {code}
>
> Next let's edit the torrc.sample file and save it as torrc.
> To open its location in a finder window use the following command:
> {code}
> open /usr/local/etc/tor
> {code}
> Then open the torrc.sample file in your chosen editor (text edit works fine).
>
> Read through the file and try to understand what each of the options
> is. At a minimum we're going to want to uncomment and use the
> following options.
> {code}
> #Sets the logging location
> Log notice file /usr/local/Cellar/tor/0.2.5.11/var/log/tor/notices.log
>
> #Sets the DataDirectory
> DataDirectory /usr/local/Cellar/tor/0.2.5.11/var/lib/tor
>
> #If you're only configuring this as a relay
> SocksPort 0
>
> #Your main ORPort
> ORPort 9001
>
> #Name of your relay
> Nickname supercoolrelay
>
> #Bandwidth limits
> RelayBandwidthRate 5000 KB
> RelayBandwidthBurst 10000 KB
>
> #Way for the tor project to contact you
> ContactInfo Random Person <a special email you should make just for this>@gmail.com
>
> #What port to advertise for directory connections
> DirPort 9030
>
> #If you don't want to run an exit (if you're able to run an exit
> #please use the file default!)
> ExitPolicy reject *:* # no exits allowed
> {code}
>
> Once you've uncommented/edited those lines save the file as torrc and exit.
>
> Now it's time for an oversimplified and possibly inaccurate lesson
> about Networking.
> You are probably sitting at a home network at a computer connected
> wirelessly or wired to a router which is connected to a modem which is
> connecting you to the outside Internet.
>
> Your entire network connection has one IPv4 address facing the outside
> world. Your router then uses NAT which stands for Network Address
> Translation to remap traffic to the unique IP addresses you have per
> device on your local intranet. When we configure 'port forwarding'
> we're telling your router to take the ports we need on your computer's
> local IP behind the router and forward them to the ports exposed to
> the real internet as part of this NAT process. In this case this
> allows the tor relay we've configured to receive incoming connections
> on the port we've specified. Unfortunately this process is different
> for every router, but in order to provide an example I'll show what
> the changes look like for an Apple Airport Extreme and hopefully
> you'll be able to translate them to your own router's settings. First
> though we need to know your computer's local IP.
>
> Open System Preferences
> Click Network
> Click Advanced
> Click TCP/IP
> In this window you should see "IPv4 Address: XX.X.X.X"
>
> That's the address we need.
>
> Next open Airport Utility (this is to configure port forwarding on an
> Apple Airport Extreme router)
> Click on the Airport Extreme
> Click Edit on the tooltip that pops up
> Click Network
> Notice the Port Settings Box, Click +
> Add the following settings:
> Description: Tor Ports
> Public UDP Ports: 9001, 9030
> Public TCP Ports: 9001, 9030
> Private IP Address: XX.X.X.X (this is the IP we found in Network)
> Private UDP Ports: 9001, 9030
> Public TCP Ports: 9001, 9030
> Click Save
> Click Update (note the router will reboot)
>
> Note: This example shows the default ports we configured in our torrc,
> if you need to or decide to use different ports you'd have to
> configure the forwarding differently. I think only the TCP settings
> matter here, but I ended up setting both while trying to get this to
> work.
>
> Now we can set tor to launch on startup as well as start it right now
> with these two commands.
> {code}
> ln -svn /usr/local/opt/tor/*.plist ~/Library/LaunchAgents
> launchctl load ~/Library/LaunchAgents/homebrew.mxcl.tor.plist
> {code}
>
> Note: If you make changes to torrc in the future you need to restart
> tor. You can restart tor with the following command.
> {code}
> pkill -sighup tor
> {code}
>
> Now let's check out the logs and verify things are working. This
> command will show the end of the log and any new lines as they appear.
> {code}
> tail -f /usr/local/Cellar/tor/0.2.5.11/var/log/tor/notices.log
> {code}
>
> In a few minutes you should see the following lines if things are working:
> 19:29:38 [NOTICE] Self-testing indicates your ORPort is reachable from
> the outside. Excellent. Publishing server descriptor.
> 19:29:36 [NOTICE] Self-testing indicates your DirPort is reachable
> from the outside. Excellent.
>
> If you see something like the following it's irrelevant:
> Apr 02 22:33:02.000 [notice] Have tried resolving or connecting to
> address '[scrubbed]' at 3 different places. Giving up.
>
> And if you see this it's not working (the X's here represent your
> public internet facing IPv4):
> Apr 03 17:10:41.000 [warn] Your server (XX.XXX.XXX.XXX:9001) has not
> managed to confirm that its ORPort is reachable. Please check your
> firewalls, ports, address, /etc/hosts file, etc.
> Apr 03 17:10:41.000 [warn] Your server (XX.XXX.XXX.XXX:9030) has not
> managed to confirm that its DirPort is reachable. Please check your
> firewalls, ports, address, /etc/hosts file, etc.
>
> If you're still having trouble try hopping on IRC.
> ###
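
An added example, not part of the original message: a shell check that a torrc like the one in the guide disables the SOCKS listener and refuses exit traffic, and that reports the latest ORPort/DirPort self-test result from notices.log. The function names are hypothetical, the audit assumes a non-exit relay is intended, and the sample torrc and log (including the second log timestamp) are constructed from the lines quoted above.

```shell
#!/bin/sh
# Added example (not from the original post): audit a relay torrc and notices.log.

# Print every uncommented value of option $2 in torrc $1, one per line.
torrc_values() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        $1 == key { sub(/[ \t]*#.*$/, ""); $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

# Print one finding per line for a torrc meant to be a non-exit relay.
audit_torrc() {
    socks=$(torrc_values "$1" SocksPort | sort -u)
    [ "$socks" = "0" ] || echo "SocksPort is not disabled (want: SocksPort 0)"
    first_exit=$(torrc_values "$1" ExitPolicy | head -n 1)
    [ "$first_exit" = "reject *:*" ] || echo "first ExitPolicy rule is not 'reject *:*'"
    [ -n "$(torrc_values "$1" ORPort)" ] || echo "ORPort is not set"
    return 0
}

# Print reachable, unreachable or pending for port name $2 (ORPort or DirPort),
# based on the most recent self-test line in log file $1.
reachability() {
    awk -v p="$2" '
        index($0, "Self-testing indicates your " p " is reachable") { s = "reachable" }
        index($0, "has not managed to confirm that its " p " is reachable") { s = "unreachable" }
        END { print (s == "" ? "pending" : s) }
    ' "$1"
}

# Constructed sample inputs, modelled on the torrc and log lines in the guide.
demo=$(mktemp -d) && trap 'rm -rf "$demo"' EXIT
cat > "$demo/torrc" <<'EOF'
SocksPort 0
ORPort 9001
DirPort 9030
ExitPolicy reject *:* # no exits allowed
EOF
cat > "$demo/notices.log" <<'EOF'
Apr 03 17:10:41.000 [warn] Your server (XX.XXX.XXX.XXX:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
Apr 03 17:30:12.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
EOF
audit_torrc "$demo/torrc"
echo "ORPort: $(reachability "$demo/notices.log" ORPort)"
echo "DirPort: $(reachability "$demo/notices.log" DirPort)"
```

To use it on a real install, point the two functions at /usr/local/etc/tor/torrc and the notices.log path set in that file.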