[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Exit node blocking site?
Right now you're degrading service for other Tor users that try to go to
groups.google.com, because you trick them into thinking that it resolves
to something else. Also (and you'll perhaps be more motivated by this), if
the user resolves the address into an IP first, you're not blocking that.
I have to do something, because I'm trying to minimize the abuse
complaints I get.
The better answer is to change your exit policy to reflect the addresses
and ports that aren't reachable from your server. Then clients will
learn it from your descriptor and not even try to exit from you.
Unfortunately, Google dosen't seperate services by IP (notice the first
groups.google.com is an alias for groups.l.google.com.
groups.l.google.com has address 220.127.116.11
groups.l.google.com has address 18.104.22.168
groups.l.google.com has address 22.214.171.124
google.com has address 126.96.36.199
google.com has address 188.8.131.52