Re: [tor-relays] Filtering TOR Non-exit Relay - Just Curious

["Sebastian G. <bastik.tor>" <bastik.tor@xxxxxxxxxxxxxx>]

27.10.2013 20:49, Nelson:

> 1. Real Time Traffic Logging (ip's and ports logged)
> 2. The ability to filter traffic.
> 
> Apparently I am able to do both with PeerBlock, although I'm sure there
> are more suitable and capable tools available out there that do this,
> but I'm not aware of or have used any of these tools.
> 
> In peerblock I can create new custom lists and completely block specific
> ip ranges (ex: warez, torrents etc.), and I am able to see what traffic
> is allowed or blocked based on policies created.
> 
> 1. What problems, if any, arise from using peerblock and Tor together?

Just logging could enable someone to combine your logs with his own or
someone's logs trying to 'unmask' user(s).

Blocking, depending on the filter lists exits might be blocked or the
whole Tor network.

> 2. Why do we not have the ability to at least set our own policy for the
> type of traffic on a relay just like an Exit Relay?
> 

Tor's design/architecture is based on the assumption that any relay can
reach any other relay in the network.

There's no classes of traffic for nodes that aren't exits. Exits can
guess based on the port what certain traffic is, port 25 for example
gets abused by spammers so it is not allowed by default. Exits are able
to identify the communication end-point and can exclude those that
complain about abuse. Exits are at the worst spot when it comes to
complains, they get them, middle-relays don't have that and they can not
distinguish traffic anyway, and they shouldn't be able to do so.

Regards,
Sebastian G.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays