From the debug log: Sep 05 23:55:10.000 [warn] The IPv4 ORPort address 127.0.0.1 does not match the descriptor address <my-public-ip>. If you have a static public IPv4 address, use 'Address <IPv4>' and 'OutboundBindAddress <IPv4>'. If you are behind a NAT, use two ORPort lines: 'ORPort <PublicPort> NoListen' and 'ORPort <InternalPort> NoAdvertise'.
Also from the torrc: ServerTransportListenAddr webtunnel 127.0.0.1:15000
From notices.log
Sep 05 23:55:04.787 [notice] Opened OR listener connection (ready) on 127.0.0.1:45671
Sep 05 23:55:04.787 [notice] Opening Extended OR listener on 127.0.0.1:0
Sep 05 23:55:04.787 [notice] Extended OR listener listening on port 45503.
Sep 05 23:55:04.787 [notice] Opened Extended OR listener connection (ready) on 127.0.0.1:45503
@arma on IRC pointed out that:“if you’re using the tor deb to run your webtunnel, you need to edit tor’s apparmor file to let it launch your webtunnel.”
If you run dmesg, you’ll see some lines like this:
Find the section where file permissions are defined and add an entry allowing tor to execute webtunnel binary ( /usr/local/bin/webtunnel). It might look something like this: