TOR relay problem

I am having an issue where I start up my TOR relay and it seems to have other relays connect to it but over time these connections seem to wither away.
Also it has been several hours and there is no evidence of my TOR relay on the metrics.torproject.org page.
If anyone can suggest how to troubleshoot my problem I would be grateful of the advice.
The article on the ipfire wiki page for TOR relays is a little out of date I think as I have options on my screen that are not on the wiki screenshots.
This is my first post so please be gentle :blush:

First sign of madness is talking to myself, but here goes :grinning:


I am showing my setup screen and the tor section from my iptables entries. I know nothing about iptables stuff, can anyone see anything silly that I’ve done?..or not done? :laughing:

I notice when I do an online portscan on my Tor port (9001) it times out. I am guessing that I have a firewall related issue but unfortunately I just don’t understand the external access tutorial on the ipfire wiki
https://wiki.ipfire.org/configuration/firewall/rules/external-access

“In the first section, you have to define the source network or IP address from where the network packets will be sent. If possible, restrict access to a single host or a group of hosts, rather than allowing any host on the internet to connect.”

How do I define “any host on the internet”?, because that’s what I think I want!
What is the source?
What is the destination?
Tor is on the ipfire machine so I’m not forwarding a port using nat am I?

This is so much more complicated and confusing than using UFW on a normal distro :roll_eyes:

Hi Derek - This is how I opened an external port in the firewall for my DVR.

Maybe it will help you.

Hi Jon,

Thanks for the link, I had looked at that before posting on the forum.

I think I would manage to forward ports using NAT to another machine on my network but the thing that I can’t get my head around is that TOR is running on the same machine as IpFire which is solely for firewall duties.
I want to open a port on the IpFire machine, not forward it on for another machine on my network to use.
I bet there will be a few people facepalming at my stupidity :blush: