[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor: Please block these file-sharing ports from your exit policy



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Roger Dingledine wrote:
| Hi folks,
Hi.
| If your Tor server has crashed and you haven't noticed, please notice,
| and consider upgrading to at least 0.0.9.3 and restarting it. :) If it
| was running 0.0.9.3 when it crashed, please let me know of any hints
| (e.g. core files and error messages) you might have for us.
Okay... on hellish, Tor 0.0.9.3 crashed with:
Feb 03 06:49:28.001 [notice] connection_expire_held_open(): Giving up on
marked_for_close conn that's been flushing for 15s (fd 72, type Exit,
state 3).
Feb 03 06:49:28.001 [notice] conn_close_if_marked(): Conn (addr
203.88.162.215, fd 72, type Exit, state 3) is being closed, but there
are still 18561 bytes we can't write. (Marked at connection_edge.c:47)
Feb 03 06:50:06.001 [notice] connection_expire_held_open(): Giving up on
marked_for_close conn that's been flushing for 15s (fd 285, type Exit,
state 3).
Feb 03 06:50:06.001 [notice] conn_close_if_marked(): Conn (addr
81.202.71.86, fd 285, type Exit, state 3) is being closed, but there are
still 191666 bytes we can't write. (Marked at connection_edge.c:47)
Feb 03 06:50:33.024 [notice] connection_expire_held_open(): Giving up on
marked_for_close conn that's been flushing for 15s (fd 267, type Exit,
state 3).
Feb 03 06:50:33.025 [notice] conn_close_if_marked(): Conn (addr
203.221.140.111, fd 267, type Exit, state 3) is being closed, but there
are still 133598 bytes we can't write. (Marked at connection_edge.c:47)
Feb 03 06:51:05.002 [notice] connection_expire_held_open(): Giving up on
marked_for_close conn that's been flushing for 15s (fd 368, type Exit,
state 3).
Feb 03 06:51:05.003 [notice] conn_close_if_marked(): Conn (addr
81.34.255.240, fd 368, type Exit, state 3) is being closed, but there
are still 96123 bytes we can't write. (Marked at relay.c:741)
Feb 03 06:53:15.814 [err] connection.c:1460: assert_connection_ok:
Assertion conn->receiver_bucket >= 0 failed; aborting.

Core file @ http://hellish.is-a-geek.net/core
Restarting now.
| ****** Part two: ******
|
| In the past weeks, file-sharing has been pummeling the Tor network:
| http://www.noreply.org/tor-running-routers/
|
| While we don't have any legal or moral opinions about this particular
| traffic, we need to take technical measures to make the network usable
| again. One solution would be to enumerate the ten or so ports that
| we know we want to accept, and reject the rest. We may end up needing
| to do that, but we'd like to try an intermediate approach first. So,
| please prepend the following line to your exit policy, by putting this
| line in your torrc file:
|
| ExitPolicy reject *:4661-4666,reject *:6346-6429,reject *:6881-6999
Done for the moment, but I think a better option would be to have some
sort of QOS routing, so bulk transfers don't clog the network.

And Roger, I think there's something wrong with either your or my gpg.
Enigmail reports:
OpenPGP Security Info

Unverified signature

gpg command line and output:
/usr/bin/gpg --charset utf8 --batch --no-tty --status-fd 2 --verify
gpg: Signature made Thu Feb  3 00:42:30 2005 PST using DSA key ID 28988BF5
gpg: WARNING: signature digest conflict in message
gpg: Can't check signature: general error

Bye now,
Echo Nolan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCAkhoYRxrNySKPh0RAtclAJ9GyG+BioGLtkJtcBMUDv5h73/NYgCgnwpN
Ds4aw6LFcF5yRZYHmhkK/ro=
=uVc2
-----END PGP SIGNATURE-----