From 8f7c217f8470afc02ea678fd37838b01a6b2423c Mon Sep 17 00:00:00 2001 From: Jacob Appelbaum Date: Fri, 19 Aug 2011 15:23:48 +0200 Subject: copy over sshd config --- packages/torouter-prep/src/torouter_config.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/torouter-prep/src/torouter_config.sh b/packages/torouter-prep/src/torouter_config.sh index e27c81e..ddeac3e 100644 --- a/packages/torouter-prep/src/torouter_config.sh +++ b/packages/torouter-prep/src/torouter_config.sh @@ -95,6 +95,9 @@ cp $config_dir/dnsmasq.conf /etc/dnsmasq.conf cp $config_dir/ntp.conf /etc/ntp.conf cp $config_dir/openntpd-default /etc/default/openntpd +# Configure ssh +cp $config_dir/sshd_config /etc/ssh/sshd_config + # XXX We should configure ufw here # XXX We should configure denyhosts -- cgit v1.2.3 From 4903ee8284c0fdaaed29d1fdaf98c76112c17907 Mon Sep 17 00:00:00 2001 From: Jacob Appelbaum Date: Fri, 19 Aug 2011 15:58:05 +0200 Subject: add 0.2.3.x stuff --- packages/torouter-prep/configs/sources.list | 5 +++-- packages/torouter-prep/src/torouter_config.sh | 3 +++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/packages/torouter-prep/configs/sources.list b/packages/torouter-prep/configs/sources.list index 38ba8fe..42bc62b 100644 --- a/packages/torouter-prep/configs/sources.list +++ b/packages/torouter-prep/configs/sources.list @@ -21,8 +21,9 @@ deb http://deb.torproject.org/torproject.org experimental-squeeze main deb-src http://deb.torproject.org/torproject.org experimental-squeeze main # Tor 0.2.3.x package repo -deb http://deb.torproject.org/torproject.org tor-0.2.3.x-squeeze main -deb-src http://deb.torproject.org/torproject.org tor-0.2.3.x-squeeze main +deb http://deb.torproject.org/torproject.org tor-0.2.3.x-stable main +deb-src http://deb.torproject.org/torproject.org tor-0.2.3.x-stable main + # Torouter project repo deb http://torrouter.torproject.org/torrouter torrouter main diff --git a/packages/torouter-prep/src/torouter_config.sh b/packages/torouter-prep/src/torouter_config.sh index ddeac3e..12f7ab3 100644 --- a/packages/torouter-prep/src/torouter_config.sh +++ b/packages/torouter-prep/src/torouter_config.sh @@ -52,6 +52,9 @@ apt-get -y -t squeeze-backports install openntpd # Install Tor and deps: apt-get -y install tor tor-geoipdb +# To build a 0.2.3.x Tor: +# apt-get source tor=0.2.3.1-alpha-1~~squeeze+1 +# Debuild here... # To build with natpmp support apt-get -y -t experimental install libnatpmp-dev -- cgit v1.2.3 From 3fcd1051437b12f3f56bd8d7dc81f58497b9cef5 Mon Sep 17 00:00:00 2001 From: Jacob Appelbaum Date: Fri, 19 Aug 2011 16:05:49 +0200 Subject: make us a public bridge by default --- packages/torouter-prep/configs/torrc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/torouter-prep/configs/torrc b/packages/torouter-prep/configs/torrc index 7a12e73..9ad3a51 100644 --- a/packages/torouter-prep/configs/torrc +++ b/packages/torouter-prep/configs/torrc @@ -80,7 +80,7 @@ DataDirectory /var/lib/tor ## See https://www.torproject.org/docs/tor-doc-relay for details. ### Required: what port to advertise for incoming Tor connections. -ORPort 9001 +ORPort auto ## If you want to listen on a port other than the one advertised ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the ## line below too. You'll need to do ipchains or other port forwarding @@ -151,9 +151,9 @@ Nickname Torouter ## won't be able to block all the bridges. Also, websites won't treat you ## differently because they won't know you're running Tor. If you can # be a real relay, please do; but if not, be a bridge! -ExitPolicy reject *:* -ExitPolicy accept *:* +BridgeRelay 1 +ExitPolicy reject *:* AvoidDiskWrites 1 -- cgit v1.2.3 From 5e40918ade723becb9b3e9e388f05442fd62a4e5 Mon Sep 17 00:00:00 2001 From: Jacob Appelbaum Date: Fri, 19 Aug 2011 16:15:03 +0200 Subject: implement #3481 --- packages/torouter-prep/configs/torrc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/packages/torouter-prep/configs/torrc b/packages/torouter-prep/configs/torrc index 9ad3a51..29a9526 100644 --- a/packages/torouter-prep/configs/torrc +++ b/packages/torouter-prep/configs/torrc @@ -96,8 +96,8 @@ Nickname Torouter ## Define these to limit how much relayed traffic you will allow. Your ## own traffic is still unthrottled. Note that RelayBandwidthRate must ## be at least 20 KBytes. -#RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps) -#RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB/s (1600Kbps) +RelayBandwidthRate 50KB KBytes +RelayBandwidthBurst 75KB KBytes ## Contact info to be published in the directory, so we can contact you ## if your relay is misconfigured or something else goes wrong. Google @@ -151,7 +151,6 @@ Nickname Torouter ## won't be able to block all the bridges. Also, websites won't treat you ## differently because they won't know you're running Tor. If you can # be a real relay, please do; but if not, be a bridge! - BridgeRelay 1 ExitPolicy reject *:* -- cgit v1.2.3