I started Webtunnel on my VPS according to this article and it works.
But if you look at the log using the docker logs -f webtunnelBridge command, there are a large number of messages:
Dec 01 09:34:23.000 [warn] Your server has not managed to confirm reachability for its ORPort(s) at xxx.xxx.xxx.xxx:4yyyy. Relays do not publish descriptors until their ORPort and DirPort are reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
But I checked this port using this service and also from my local PC and it is available:
$ nc -zv xxx.xxx.xxx.xxx 4yyyy
Connection to xxx.xxx.xxx.xxx port 4yyyy [tcp/*] succeeded!
I don’t understand, is there a problem, or is everything okay?
Yes, this is an odd behavior. But I guess everything is fine, when the webtunnelbridge works for you.
My explanation for this is the following:
Inside the docker container tor assumes it has no direct internet connectivity, which is correct.
The tor daemon inside the container listens on 0.0.0.0 which is in this case something like 172.18.0.2.
Basically all behaves like behind a NAT. Docker forwards and exposes the ORPort on 0.0.0.0 of the docker host. Without additional configuration in the torrc for dealing with NAT and port-forwarding this warnings are normal.
Odd thing is, the ORPort is exposed, but it should not be reachable at all. Following the instructions without Docker the tor daemon is bound to 127.0.0.1 and also “AssumeReachable 1” is set in torrc, which is totally missing in the Docker case.
Dec 02 03:55:05.000 [notice] Heartbeat: Tor's uptime is 12:00 hours, with 6 circuits open. I've sent 35.22 MB and received 39.36 MB. I've received 93 connections on IPv4 and 0 on IPv6. I've made 6 connections with IPv4 and 0 with IPv6.