View previous topic :: View next topic |
Author |
Message |
resill n00b
Joined: 18 Feb 2018 Posts: 31
|
Posted: Sun Feb 18, 2018 5:38 pm Post subject: Tor relay stuck at "Bootstrapped 0%: Starting" |
|
|
Hi all,
Gentoo newbie here. I just compiled the latest Tor 0.3.1.7 (vanilla, no special use flags or keywords) on my Raspberry Pi and for some reason it's stuck at "Bootstrapped 0%: Starting" until forever. My torrc:
Code: |
#
# Minimal torrc so tor will work out of the box
#
User tor
PIDFile /var/run/tor/tor.pid
Log notice syslog
DataDirectory /var/lib/tor/data
#
# My config
#
SocksPort 0
RunAsDaemon
ORPort 9001
Nickname NICKNAME
ContactInfo CONTACT
DirPort 9030
ExitPolicy reject *:*
DisableDebuggerAttachment 0
ControlPort 9051
CookieAuthentication 1
|
Nickname and ContactInfo obviously redacted, but here's the syslog excerpt when starting the tor service:
Code: |
Feb 18 18:23:19 localhost Tor[12017]: Not disabling debugger attaching for unprivileged users.
Feb 18 18:23:19 localhost Tor[12017]: Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Feb 18 18:23:20 localhost Tor[12017]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Feb 18 18:23:21 localhost Tor[12017]: Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now.
Feb 18 18:23:28 localhost Tor[12017]: Your Tor server's identity key fingerprint is '<NICKNAME> <FINGERPRINT>'
Feb 18 18:23:28 localhost Tor[12017]: Bootstrapped 0%: Starting
|
Identity line also obviously redacted but the log literally stops there - no further messages trying to finish bootstrapping. I tried compiling newer versions and it also didn't make a difference. My Pi is behind a NAT router and I forwarded the OR and Dir ports to my Pi in the firewall config of my router, and then I opened the ports using ufw on the Pi itself. I can even nmap the ports using my phone over 4G and verify that they're open, but for some reason my Pi doesn't finish bootstrapping. I'm at a loss here and I was hoping any one of you guys have any idea what's going on?
Cheers. |
|
Back to top |
|
|
resill n00b
Joined: 18 Feb 2018 Posts: 31
|
Posted: Tue Feb 20, 2018 6:08 pm Post subject: |
|
|
It seems I needed to set the Address option and run a local DNS resolver (I chose Unbound) in order for Tor to resolve my hostname, which apparently was necessary for bootstrapping. Bootstrapping is still stuck at 80%, claiming it can't connect to any hosts. Here's an excerpt from the log:
Code: |
[...]
Feb 20 18:40:24 localhost Tor[19282]: Bootstrapped 0%: Starting
Feb 20 18:40:40 localhost Tor[19282]: Starting with guard context "default"
Feb 20 18:40:41 localhost Tor[19282]: Bootstrapped 80%: Connecting to the Tor network
Feb 20 18:40:50 localhost Tor[19282]: Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Connection refused; CONNECTREFUSED; count 10; recommendation warn; host <FINGERPRINT> at <IPADDRESS>:9001)
Feb 20 18:40:50 localhost Tor[19282]: 9 connections have failed:
Feb 20 18:40:50 localhost Tor[19282]: 9 connections died in state connect()ing with SSL state (No SSL object)
Feb 20 18:40:51 localhost Tor[19282]: Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Connection refused; CONNECTREFUSED; count 11; recommendation warn; host <FINGERPRINT> at <IPADDRESS>:443)
Feb 20 18:40:51 localhost Tor[19282]: 10 connections have failed:
Feb 20 18:40:51 localhost Tor[19282]: 10 connections died in state connect()ing with SSL state (No SSL object)
[...]
|
Obviously I redacted the fingerprints and IP addresses, but I still can't wrap my head around the SSL issues I'm getting. The log errors above can go on indefinitely until I stop Tor.
This is my current torrc:
Code: |
#
# Minimal torrc so tor will work out of the box
#
User tor
PIDFile /var/run/tor/tor.pid
Log notice syslog
#Log info syslog
DataDirectory /var/lib/tor/data
#
# My config
#
SocksPort 0
ORPort 7347
Nickname REDACTED
ContactInfo REDACTED
ExitPolicy reject *:*
ControlPort 9051
CookieAuthentication 1
|
Nickname and ContactInfo fields obviously redacted. As you can see I now opened a random port for ORPort, hoping it would make a difference, also without success. Going back to the error messages above I tried nmap'ing a few of these addresses and their ports, as can be seen in the log, to see if these ports were open. Curious enough they were closed when scanning from my Pi, yet when scanning using my phone over 4G I noticed they were in fact open. I'm now suspecting my ISP does some filtering/censoring and I'm currently trying to work around it. It seems my Pi can connect using Tor bridges as a client, but it appears it is not possible to configure my Tor daemon to connect to other Tor bridges, while simultaneously be configured as a relay, or even a bridge. Or perhaps I'm wrong, and maybe one of you guys have a suggestion?
Cheers, and apologies for the lengthy post. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|