[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: iptables and tor




Tom Hek schrieb:
By default are all the private ranges already blocked in the exitpolicy.
Yes, the private or non-routable nets. I should have been more precise what I
meant. ;-) (or should have avoided the term "private")
Suppose you have 87.78.1.170 as exit node and its subnet is 87.78.1.128/26.
Suppose your organization has the net 87.78.1.1/24 and you have some services
for internal use running on various hosts in that Class-C net.
Then AFAIK you have to take care yourself of the appropriate exit policies,
because tor can't possibly know this, e.g. explicitly disallow 87.78.1.1/24.

Dominik