[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Reduced exit and not IPv4 exit traffic at all
- To: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-relays] Reduced exit and not IPv4 exit traffic at all
- From: Martin Gebhardt <martin@xxxxxxxxxxx>
- Date: Thu, 17 Feb 2022 21:20:33 +0100
- Authentication-results: rw0b2d; spf=pass (sender IP is 185.220.101.84) smtp.mailfrom=martin@xxxxxxxxxxx smtp.helo=[192.168.178.158]
- Autocrypt: addr=martin@xxxxxxxxxxx; keydata= xsFNBGHx25kBEACa6X8shMQ7JFK8vjeqN46vdxlKTSnGaFkYF1/DnRB2Gly7Ec/jH3xTriyi SgZ91UEq+KIs4VfW0u8axls/0t0lGxD0CRPWYpbGccEODWLVM5SiZNvvS9YWXmkakEX9pL4g lF7v5sV8N/YdgODljaXz/vHa+lgyQtSeozKkudSDC8wafjR14A859P8fjlEbTdIkIhdJF7Gz Ltzl2T4sIiJhWjFgorZzXqkvQShHIQdoz72Ckx6roh9r4ZVJjl+BYInMYBErH829bmGqWVF8 JOC80dAGyaoJtRzBqjsI/pYucFJI5fdNeycSdoMBD88TlXnMf9a2xxbckrYyVaxQFVrH00Q3 EWsL19/mH/N9sJ8bOe9yk9QmYuh1MVbpS4zlKXGHeXlyhuvItqLBcwECcVQHUSJJwyRrfTPJ s+cNfwMKMRoSTtt2l6peYka6RjjvORoPDfJpSmmKtW5DTueL+nTLplJVqpczteLqmCuXlTni GDpFRXUBkQ4aeJI0Kij6NNGoVDUT8cWNBL6fX9LoSoBM1rDNOUQYhM884HTB5r1fafG/kFau /b4LvJnWpqQLBcEHGVrlQFubdN6j76MxwOunIk6DE5sk24zSPETH/teHXNDm2ef1Rq1KWjRl 7k5YImYS/IjO1NHy4QOP84PW8EI7BGUoN7+QYro2eLHJX9ljAwARAQABzSRNYXJ0aW4gR2Vi aGFyZHQgPG1hcnRpbkBnZWJoYXJkdC5pbT7CwZQEEwEKAD4WIQSFI5W9lyjNFzLshN5Ucrhm 6mzT3QUCYfHbmQIbAwUJAHanAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBUcrhm6mzT 3f57EACXx0W9+0LJ2Ho5XaWCdlS4nAQ7h6htAIw7tDe+Zg3MU00bKZbjP4cjYlk4k6C1urwA JtA0ljMXb84UOgeT8A51uGUiV0OjHWSBqUdd2FUg5QDE1oAzPbsXKk7gHo+n6DnF9ZteezDN K5SQrrS7Gb3Cu5wPIiq3JByzClF955sTupduHD1dbU11UQ+JwX7ZiElPo+XZjQBqr7PkYl2K CMpc4Hzl90o0ciPqkyMrC3dg6SMSMA9B0LnpL57U1QYioSa38aFvChTBy35h1p6nEKCEKYGD xRlfi1qDNOkMSM5TaoqseZDO2dKNK4W4Y9hku4G9dwGgGetMyYBHFnUDxglLxOa3MwCPvTo+ znoeKCUjWgi7Wq/wuDNTqozjdbkhrRaxd8GOQ1vK+vaFMvm+Q8BUKPv9bTdxSULH3078xej8 fAoupBtuVBVv7TAaO/uwnV135w3XppQ70UhNa4HUSCRGRD3oLsHVQcZt/MIGIflVZwN1aiXG CARa/PkHVN0d15vvu3YeaW6y3O9/nfHJbGqqQyw48Ha2dzjPtLafslM2y0cFw0sKXn8xPoqp 5xe/Mc1vCYybX1f2Ra+xYsxRTAyr3S3OsDSuh9GQyd7y20IfoeoNiSpNf+bV0AiiCbwEDDgn IQscmg+iWcsgBqZq7xm/fe7yeIn/X72b4WpxsRodIs7BTQRh8duZARAAoU2CilswGTrRpXqF j0cxVIhFO9N1BFZkCXnQ8m5KDCC1Iuj8e/6S8bi6CRRhai9Gj3B7/A6YAba4Dtf9gPxY31WK 2LrN8bo51GA19Ld5Qnt4j0FMi8SP0h9V4lIFz4ibgXIAeB2EvZo5WadFWX9Qa3wZYAAbjvxs +vkhWkCF9ztoI7eiZscatSDBVhrcG4t1N0wT2ykccwcdHKimiLNUdp+SJotVVBxTrvGgToX5 6tkh0V9LxVjjej46j4Sv2i0OFnP5V+3/8X3BgkORYcHE6G/h0G4xEMNf25DckMtJztE2SWfG /FL1eFRmv/GybgFS323OPwBd/pGXXDhNgQHG6OphRdSky3k+vD7aMND82pchIaIkvyMO98Xv fUObrQCnz5tbVvhL5PnhPI/MjfLRr4DexHOiWLR2knLYs3ov13UKfnPkpgv05j76RZgIxAHA cwQj5FL8rtY330LoVZ34edF8RA37rY7S2vnK4fsCYrePdDj7etX/eUv9aRQvj+0dOmfu/Yoi P2Cw48I1WSPjf4plkuw3aprwT13uBGyKMc7prC95gjQRiO4tiyLrmQQyF7AThvmrzLRcE36q C5wp3hrH2mE2I3FXoaL7q6ziiV2FE6gLUS5us5LAItr/DXiiMiAsDwxjvjbufPFEP/4Lii/5 o3b+iD3CUMFRdACgkIkAEQEAAcLBfAQYAQoAJhYhBIUjlb2XKM0XMuyE3lRyuGbqbNPdBQJh 8duZAhsMBQkAdqcAAAoJEFRyuGbqbNPd0PIP/1go0j6D384gyLlw+lZ2I6ue5ir7aD3LWCXu zxfbzsqQ4ZJ0QXzkIz8WyUAsCBKclspFtELvFrc80GFPsrLcu5FxT+Ojp4g04n1DhndKveUR nv2FFKiKgrEeQA/zuN8ZSK77BXGGAbL8Yjptxv2cMaZFIlbh9M1pd1v2Az5AnxNzWusCknjr JFjUez2Z7s/9dhGUJjnscrOnMgGuM84DsprHnpofYeP+D4yZOyMRInpNKvnA+OgBz0X5A4MJ Bu0D1wNmYWRo6c2PrasIFhaMmInpLI0O6GMG2MWpBMEkKgfwr+iwswJ7NpB6fY3hw/ByAizH 3U80Ik9Q2Le+L4ELx7tmaZnQIwIZiDh/juKiKrDqFEaGmoPit7cx4WYj1JM8BVYS3AGyKSeP gweyG8geH3GUbTrxxpb7Qk8i7Rk9jX92B0ugmfz/fhqCfo4PkRrF/uUNlneHI65P+1fXgs5k INwuGewf6fBgOzrkn4F7HPLAKAHmUNuJAszT0vbm6D1e4wJ+2FvF9Q5P0aGNhX5zAsLT6s1T Z4Df7IE0cmaKc+b8Z4O5vJfT1NdlJfuIygBu1/KoHnaUISJqv7iibJoLT6tFK6O20PfayF3+ akmzGBdGxM8A1rXN8226/h9cqadMzFGWFaOeVyG1gqfu8vbrGqQfjJ8BROeDWqP8sx9t6Fjy
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Fri, 18 Feb 2022 17:52:07 -0500
- In-reply-to: <da82af93-ad13-150c-6646-a848468e682d@yl.ms>
- List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
- List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
- List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
- List-post: <mailto:tor-relays@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
- References: <da82af93-ad13-150c-6646-a848468e682d@yl.ms>
- Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.6.0
Hi ,
I would try the following:
ExitPolicy accept [::]:20-21 # FTP, SSH, telnet
ExitPolicy accept [::]:23 # FTP, SSH, telnet
ExitPolicy accept [::]:43 # WHOIS
[..]
ExitPolicy reject *:*
I would recommend that you block outgoing email ports instead of trying
to block out all IPv4 traffic. I've never had any problems with ISPs and
I ban outgoing email and SSH.
I'm not happy with it, but it's better than being discredited by ISPs.
On 2/16/22 13:45, yl wrote:
Hello all,
how can I used a reduced exit policy and don't allow any IPv4 exit traffic?
The following line in the top of all the ExitPolicy lines in torrc seems
not to work.
ExitPolicy reject 0.0.0.0:*
What is the order I needed here, first "reject" and then accept or the
other way around?
Reduced Exit policy like here:
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/ReducedExitPolicy
Webtropia was a bit unhappy lately when UCEprotect listed the whole /24
for some reason I still don't understand.
But then I thought, why not disable IPv4 exit traffic, there is so many
IPv6 resources that a IPv6 only Exit should still be fine.
Thanks
yl
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Attachment:
OpenPGP_0x5472B866EA6CD3DD.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays