[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: iptables and tor
Tom Hek schrieb:
By default are all the private ranges already blocked in the exitpolicy.
Yes, the private or non-routable nets. I should have been more precise what I
meant. ;-) (or should have avoided the term "private")
Suppose you have 184.108.40.206 as exit node and its subnet is 220.127.116.11/26.
Suppose your organization has the net 18.104.22.168/24 and you have some services
for internal use running on various hosts in that Class-C net.
Then AFAIK you have to take care yourself of the appropriate exit policies,
because tor can't possibly know this, e.g. explicitly disallow 22.214.171.124/24.