Hi,
I’m actually struggling with my monero node. I can’t have incoming connections through tor.
I run the last monero version (from binaries, verified) in whonix-18-ws, and sys-whonix-18-gateway as netVM
What I did :
- in
sys-whonix:torrc.d/50_user.confedited to add asHiddenServiceDirand the 2HiddenServicePorts 18089and18084(with themonero-wsip) - in
monero-ws: edited the whonix-firewall settings withEXTERNAL_OPEN_PORTS+=" 18089"and the same for18084. - reloaded
sys-whonixtor andmonero-wsfirewall
Actually some results :
- I can reach my xxxxx.onion:18089/get_info
sys-whonixseems to work and forward the connections to monero-ws. For testing, I installed nginx and tested the two ports 18089 and 18084 : both of them are then reachable from xxxxx.onion:18089 or xxxxx.onion:18084 (after that, I removed nginx)- in monerod outputs : I have outcoming ipv4 and tor connections ; but no tor incoming (no ipv4 incoming connections because of a NAT)
- on another computer, I have a monero node running without any problem on clearnet and tor, with incoming connections on both (as not behind a NAT).
I’m so pretty sure the problem comes from a misconfiguration of monerod.
Here’s my config file :
# /etc/monero/monerod.conf
data-dir=/working/directory/to/data # Blockchain storage location
check-updates=disabled # Do not check DNS TXT records for a new version
enable-dns-blocklist=1 # Block known malicious nodes
enforce-dns-checkpointing=1
db-sync-mode=safe # Slow but reliable db writes
log-file=/working/directory/to/.bitmonero/bitmonero.log
log-level=0 # Minimal logs, WILL NOT log peers or wallets connecting
max-log-file-size=10000000 #set to 10Mo
max-log-files=5
p2p-bind-ip=0.0.0.0 # Bind to all interfaces (the default)
p2p-bind-port=18080 # Bind to default port
no-igd=1 # Disable UPnP port mapping for tor or direct ip
#RPC
rpc-restricted-bind-ip=0.0.0.0 # Bind to all interfaces (the Open Node)
rpc-restricted-bind-port=18089 # Bind to a new RESTRICTED port (the Open Node)
rpc-ssl=autodetect # Use TLS if client wallet supports it; [enabled|disabled|(default)autodetect]
# ZMQ
no-zmq=1 # Disable ZMQ RPC server
max-txpool-weight=384354560 # Maximum unconfirmed transactions pool size in bytes
out-peers=32 # Default 12
in-peers=32 # The default is unlimited; we prefer to put a cap on this
limit-rate-up=48576
limit-rate-down=48576
# Tor - broadcast transactions originating from connected wallets over Tor/I2P
tx-proxy=tor,<sys-whonix-ip>:9153,12,disable_noise
anonymous-inbound=xxxxx.onion:18084,127.0.0.1:18084
disable-rpc-ban=1
print_cn output for example:
print_cn
Remote Host Type SSL Peer id Support Flags Recv/Sent (inactive,sec) State Livetime(sec) Down (kB/s) Down(now) Up (kB/s) Up(now)
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 33668(1)/30069(4) normal 52 0 0 0 0
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 104760(1)/107940(3) normal 151 0 0 0 1
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 179595(2)/179679(6) normal 254 0 0 0 0
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 339226(6)/338550(4) normal 494 0 0 0 0
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 597506(3)/568872(2) normal 861 0 0 0 0
[...]
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 1537143(1)/1496180(4) normal 2847 0 0 0 0
OUT xxxxxxx:18080 IPv4 no aaaaaaaaaaaaaaa 1 673411(18)/681223(4) normal 1164 0 1 0 0
OUT Tor no 1 0 83350(31)/55420(31) normal 226 0 0 0 0
OUT Tor no 1 0 114393(24)/70033(24) normal 701 0 0 0 0
OUT Tor no 1 0 104456(18)/70333(18) normal 859 0 0 0 0
OUT Tor no 1 0 89031(56)/30317(57) normal 260 0 1 0 0
OUT Tor no 1 0 120236(56)/71358(57) normal 1105 0 0 0 0
OUT Tor no 1 0 112466(56)/71584(57) normal 1423 0 0 0 0
OUT Tor no 1 0 120861(4)/71531(4) normal 949 0 0 0 0
OUT Tor no 1 0 123677(56)/72330(57) normal 1439 0 0 0 0
OUT Tor no 1 0 125877(43)/73828(43) normal 1629 0 0 0 0
OUT Tor no 1 0 65430(41)/45578(41) normal 140 0 0 0 1
OUT Tor no 1 0 126164(42)/75111(42) normal 2223 0 0 0 0
2026-02-13 10:22:42.384 W No incoming connections - check firewalls/routers allow port 18080
Any ideas ?
Is there something to deal with anonymous-inbound line ? igd ? p2p ports ?