[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Get rid of the notion of a separate default default exit po...



Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or

Modified Files:
	config.c or.h router.c 
Log Message:
Get rid of the notion of a separate default default exit policy.

Create ExitPolicyPrepend config parameter, to customize the default
exit policy.


Index: config.c
===================================================================
RCS file: /home/or/cvsroot/src/or/config.c,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -d -r1.79 -r1.80
--- config.c	10 Jan 2004 23:40:38 -0000	1.79
+++ config.c	18 Feb 2004 03:56:10 -0000	1.80
@@ -165,6 +165,7 @@
     config_compare(list, "ExitNodes",      CONFIG_TYPE_STRING, &options->ExitNodes) ||
     config_compare(list, "EntryNodes",     CONFIG_TYPE_STRING, &options->EntryNodes) ||
     config_compare(list, "ExitPolicy",     CONFIG_TYPE_STRING, &options->ExitPolicy) ||
+    config_compare(list, "ExitPolicyPrepend",CONFIG_TYPE_STRING, &options->ExitPolicyPrepend) ||
     config_compare(list, "ExcludedNodes",  CONFIG_TYPE_STRING, &options->ExcludedNodes) ||
 
     config_compare(list, "Group",          CONFIG_TYPE_STRING, &options->Group) ||
@@ -243,6 +244,7 @@
   tor_free(options->EntryNodes);
   tor_free(options->ExcludedNodes);
   tor_free(options->ExitPolicy);
+  tor_free(options->ExitPolicyPrepend);
   tor_free(options->SocksBindAddress);
   tor_free(options->ORBindAddress);
   tor_free(options->DirBindAddress);
@@ -258,7 +260,8 @@
   options->ExitNodes = tor_strdup("");
   options->EntryNodes = tor_strdup("");
   options->ExcludedNodes = tor_strdup("");
-  options->ExitPolicy = tor_strdup("reject *:25,reject 127.0.0.0/8:*,reject 0.0.0.0/8,accept *:*");
+  options->ExitPolicy = tor_strdup("reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:1024-65535,reject *:*");
+  options->ExitPolicyPrepend = tor_strdup("");
   options->SocksBindAddress = tor_strdup("127.0.0.1");
   options->ORBindAddress = tor_strdup("0.0.0.0");
   options->DirBindAddress = tor_strdup("0.0.0.0");
@@ -271,7 +274,7 @@
   options->DirFetchPostPeriod = 600;
   options->KeepalivePeriod = 300;
   options->MaxOnionsPending = 100;
-  options->NewCircuitPeriod = 60; /* once a minute */
+  options->NewCircuitPeriod = 30; /* twice a minute */
   options->BandwidthRate = 800000; /* at most 800kB/s total sustained incoming */
   options->BandwidthBurst = 10000000; /* max burst on the token bucket */
   options->NumCpus = 1;

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.223
retrieving revision 1.224
diff -u -d -r1.223 -r1.224
--- or.h	18 Feb 2004 01:21:20 -0000	1.223
+++ or.h	18 Feb 2004 03:56:10 -0000	1.224
@@ -497,6 +497,7 @@
   char *EntryNodes;
   char *ExcludedNodes;
   char *ExitPolicy;
+  char *ExitPolicyPrepend;
   char *SocksBindAddress;
   char *ORBindAddress;
   char *DirBindAddress;

Index: router.c
===================================================================
RCS file: /home/or/cvsroot/src/or/router.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- router.c	17 Feb 2004 08:29:22 -0000	1.10
+++ router.c	18 Feb 2004 03:56:10 -0000	1.11
@@ -253,8 +253,8 @@
   }
 }
 
-static void router_add_exit_policy_from_config(routerinfo_t *router) {
-  char *s = options.ExitPolicy, *e;
+static void router_add_exit_policy_from_config_helper(char *s, routerinfo_t *router) {
+  char *e;
   int last=0;
   char line[1024];
 
@@ -286,6 +286,11 @@
   }
 }
 
+static void router_add_exit_policy_from_config(routerinfo_t *router) {
+  router_add_exit_policy_from_config_helper(options.ExitPolicyPrepend, router);
+  router_add_exit_policy_from_config_helper(options.ExitPolicy, router);
+}
+
 /* Return false if my exit policy says to allow connection to conn.
  * Else return true.
  */
@@ -296,7 +301,7 @@
 
   return router_compare_addr_to_exit_policy(conn->addr, conn->port, 
                    desc_routerinfo->exit_policy);
-    
+
 }
 
 const char *router_get_my_descriptor(void) {