Tor Relay Guide

As I couldn't find any guide on how to setup a tor relay on OpenWrt, maybe because it's too simple, I decided to write it myself.

Why would you want to contribute to the tor project?

Why a relay? Because non-exit relays:

usually do not receive abuse complaints. All relays will be listed in the public list of Tor relays, so may be blocked by certain services that don't understand how Tor works or deliberately want to censor Tor users

Ready? Let's go.

  1. Install the tor package just like you ususally install software, e.g. using LuCI or:
root@router:~# opkg update; opkg install tor
  1. Edit /etc/tor/torrc. You need to uncomment/modify these lines:
SOCKSPort 0 # run Tor only as a relay
Log notice syslog
DataDirectory /var/lib/tor
ORPort 9001 IPv4Only
Nickname writeyournicknamehere
ContactInfo <youremailaddress>
ExitRelay 0
User tor
  1. You may want to uncomment and modify these lines as well:
#RelayBandwidthRate 100 KBytes  # Throttle traffic to 100KB/s (800Kbps)
#RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb)
  1. Forward the ORPort you specified in torrc (9001 in this example). The easiest way to do this is in LuCI menu Network / Firewall / Port Forwards.

  2. Restart service:

root@router:~# /etc/init.d/tor restart

You can now check the correct execution of the tor relay with

root@router:~# logread -e Tor

If you start getting:

Thu Nov  3 09:29:04 2022 daemon.warn Tor[3742]: Failing because we have 4063 connections already. Please read doc/TUNING for guidance.

messages in your syslog then you might want to raise the limit for the number of open files. You can do that in the start script /etc/init.d/tor by adding procd_set_param limits nofile. Like this e.g.:

procd_set_param command /usr/sbin/tor --runasdaemon 0
procd_append_param command -f "$TORRC_GEN"
procd_set_param respawn
procd_set_param limits nofile="8192 8192"

One more tweak.

After a reboot the keys are lost because they were in tmp space. Tor will automatically create new ones but it takes a few weeks before the relay is running at full throttle again.

Therefore it's better to save and restore them. Save them once e.g. like this:

root@router:~# mkdir /root/tor
root@router:~# cp -rp /var/lib/tor/keys/ /root/tor

Restore them automatically every reboot adding:

cp -rp /root/tor/keys /var/lib/tor

to the start_service() function in /etc/init.d/tor, e.g.:

start_service() {
	mkdir -m 0700 -p /var/lib/tor
	cp -rp /root/tor/keys /var/lib/tor
	chown -R tor:tor /var/lib/tor

Now your relay will resume smoothly after a reboot :ok_hand:.