Warning! Depending on the configuration of your Tor relay, operating a Tor relay may be troublesome in some countries. More information about this topic is to be found on the bottom of this page.

A Tor relay can operate in many different ways. Basically your relay will receive packets from a set of relays and send them to other relays (or exit the Tor network if you are an Exit Node). By this chain of relays, the Tor network is able to hide the source of the packet. The data is encrypted, so that nobody on the path towards the destination may intercept any data.

In order to set up your installation of theIPFire Tor add-on as a Tor relay, just check "Enable Tor Relay" at the top of the page. You need to select one of the Tor operation modes, you want to operate your Tor relay in. The rest of the configuration can be left at default settings, which is not recommended.

Relay Information

Enter the FQDN for your red interface or your public IP address into the Relay Address field, if Tor cannot determine the right one automatically.

This may be necessary, if you have multiple public IP addresses. Normally, you can leave this field blank.

The Relay port is the port, other peers use to contact your relay. It will be automatically opened by IPFire, so you don't need to configure it on the external access page. The default port is 9001. Another very commonly used value is 443, which is also used for HTTPS, but will help to hide Tor traffic making it look a bit like HTTPS.

Give your relay a nickname (Relay nickname), so others can use it more easily and would not need to have your relay's fingerprint. The name must be under 20 characters and may contain letters and numbers, but no spaces or other characters.

Contact Information

Although it is very counter-intuitive, you really should provide your contact information.

It is important to make clear that there is a Tor relay on that IP address. If there is any abuse detected, your ISP (or other people) should be able to contact you in order to report that abuse case. More about this can be found in the Tor Legal FAQ.

The format to enter your contact details is like this: John Doe <john.doe@example.com>

Bandwidth Settings

Because you wouldn't always want to share all of your bandwidth with the Tor network, you may limit the bandwidth of the Tor data stream and the total amount of packets per day.

The Max. rate setting limits the maximum bandwidth Tor can use relaying through your router. Max. burst allows Tor to use a bit more for a short amount of time, if it is necessary. The burst setting must always be equal or greater than the max. rate setting. For example, setting Max. Rate to 160 kBit/s and Max. burst to 256 kBit/s will generally allow 160 kBit/s through, with occasional, short term "bursts" of up to 256 kBit/s. You must devote at least 1Mbit bandwith if you select the relay option or the TOR daemon will not start.

Traffic Limits

You can also limit the total amount of traffic through your router on a daily, weekly or monthly basis. When that limit is reached, your Tor relay will no longer relay until the total amount of traffic falls below the value you enter. This is important with some ISP's who charge for the total amount of traffic used.

If you don't want to give more than a certain amount of bytes to the Tor network per day, week or month, you may configure this in the accounting limit field. Enter the amount of data, in megabytes, that may be used per period. Choose the period in the drop-down menu below. For example, if you are limited to 1 Gigabyte total data transfer in a month, and you want to donate 20% of that to the Tor project, you would enter 200 in the Accounting Limit field (MB) and set the Accounting Period to Monthly.

The actual transferred amount of data and how much of the granted traffic is left can be viewed in the statistics section.

First, calm down. Operating a Tor relay is not as bad as it may seem at a first glance.

Tor has been developed to embrace free speech, privacy and human rights.

However, some people use the Tor network for illegal activities, since you can send and receive traffic through the network anonymously. If you are operating a relay at home, this traffic may be attributed to you and, in some countries, your law enforcement may seize your computer. Hence it is not recommended to run an exit-node at home.

For more detailed information, supporting ISPs:

If you can and are willing to run an Exit Node, there is a good (if dated) blog post describing several do's and don'ts at:

This wiki is not your lawyer, so please don't take this as legal advice. But we are still going to point you to some resources that help you finding out how the situation in your country might be.


In Germany, there exists the legal term "Störerhaftung" (liability for interference), which makes the owner of the internet connection responsible for all misuse that is done from that connection. Therefore it is strongly adviced not to run an Exit Node from your internet connection at home in Germany.