Re: first thoughts on exit policies



On Sun, 2002-06-16 at 20:33, Roger Dingledine wrote:

Sorry about being away from the list so long, everybody.  I'm still
recovering from an intensely tough week at Reputation, and have been
kept away from Minion for a while.

I've had a design for node configuration info on paper for at least a
week, but I wanted to bounce it off Roger before I wrote it up for the
list.  Roger -- talk about this tomorrow (Monday)?

> An exit policy allows a node operator to limit the types of traffic that
> leave his node. A node's configuration file has lines of the form:
> 
> scope protocol rule ipblock
> 
> where:
> 
>  scope is either public or private
>  protocol specifies which protocol to limit (http, smtp, etc).
>    More generally, we can think of this as 'application'.
>  rule is either 'accept' or 'reject'. We can add 'authenticate'
>    down the road.
>  ipblock can be several forms: 18.244.*.*, 18.244.0.0/16, or
>    *.mit.edu

A suggestion: don't try to have every protocol take the same line
format.  There are some rules that make sense for local delivery that
simply don't make sense for SMTP. 

Again, I'll write up my design tomorrow, and try to get it into CVS.

Yours,

 [...]
> The 'public' and 'private' specifiers distinguish between advertised
> exit rules and actual exit rules: a certain node may be willing to let
> certain traffic exit, but may not wish to publish this fact.
 [...]

This is not a bad idea. 

Yours,
-- 
Nick
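
An added example (not part of either message, and not the project's code): a parser and matcher for the `scope protocol rule ipblock` lines quoted above, covering all three ipblock forms. First-match-wins ordering, default reject, and treating the advertised policy as the 'public' lines only are assumptions; the sample policy is constructed.

```python
import fnmatch
import ipaddress

# Constructed sample policy, one "scope protocol rule ipblock" rule per line.
SAMPLE = """\
public  http accept 18.244.*.*
private smtp accept *.mit.edu
public  smtp reject 0.0.0.0/0
private http accept 10.0.0.0/8
"""

def parse_policy(text):
    """Parse policy lines into (scope, protocol, rule, ipblock) tuples."""
    rules = []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields:
            continue
        if len(fields) != 4:
            raise ValueError(f"line {n}: expected 4 fields, got {len(fields)}")
        scope, proto, rule, block = fields
        if scope not in ("public", "private"):
            raise ValueError(f"line {n}: bad scope {scope!r}")
        if rule not in ("accept", "reject"):
            raise ValueError(f"line {n}: bad rule {rule!r}")
        rules.append((scope, proto.lower(), rule, block.lower()))
    return rules

def block_matches(block, ip, hostname=None):
    """Match the three ipblock forms: CIDR, octet wildcard, hostname glob."""
    if "/" in block:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(block, strict=False)
    parts = block.split(".")
    if len(parts) == 4 and all(p == "*" or p.isdigit() for p in parts):
        return all(p == "*" or p == o for p, o in zip(parts, ip.split(".")))
    # Hostname glob: only matches when the requested name is known.
    return hostname is not None and fnmatch.fnmatchcase(hostname.lower(), block)

def decide(rules, proto, ip, hostname=None, advertised=False):
    """Assumed semantics: first matching rule wins, no match means reject.
    advertised=True consults only 'public' lines (what the node publishes)."""
    for scope, rproto, rule, block in rules:
        if advertised and scope == "private":
            continue
        if rproto == proto.lower() and block_matches(block, ip, hostname):
            return rule
    return "reject"
```

Calling `decide` twice for the same destination, once with `advertised=True`, shows where a node's published policy and its actual policy diverge.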