[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: False warning(?) and logging



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm running on Linux  2.6.10-1-k7  i686 GNU/Linux and Tor version 0.1.0.10.

Markus

- ----- Original Message -----
From: "maillist" <maillist@xxxxxxxxxxxx>
To: <or-talk@xxxxxxxxxxxxx>
Sent: Tuesday, June 21, 2005 10:31 AM
Subject: False warning(?) and logging


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi

I had to change my nodes exit policy to much stricter due abuse, now my
node
only allows traffic to port 80 and 443 (thats just sad but hope it helps).
When I restarted my node (do you have to restart node If policy changes?)
I
got following warning messages:

Jun 21 10:13:14.751 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts localhost (127.x)
Jun 21 10:13:14.752 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts addresses in private network
10.x
Jun 21 10:13:14.752 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts addresses in private network
169.254.x
Jun 21 10:13:14.752 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts addresses in private network
172.16.x
Jun 21 10:13:14.752 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts addresses in private network
192.168.x

Ok, my mistake. Added some lines to config, heres the whole exit policy:

# Just for showoff
ExitPolicy reject *:25

Exitpolicy reject 217.78.206.0/24:*
Exitpolicy reject 62.241.240.0/24:*
Exitpolicy reject 62.197.172.0/24:*
Exitpolicy reject 192.168.0.0/16:*
Exitpolicy reject 10.0.0.0/8:*
ExitPolicy reject 127.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 172.16.0.0/16:*

ExitPolicy accept *:80
ExitPolicy accept *:443

ExitPolicy reject *:*


Then I restarted my node:

Jun 21 10:19:28.418 [warn] exit_policy_implicitly_allows_local_networks():
Exit policy accept *:80 implicitly accepts addresses in private network
172.16.x
done.

Uh? Other messages disappeared but warning about 172.16.x... Bug or my
mistake?

And logging (from my nodes config):
## Send all messages of level 'notice' or higher to
/var/log/tor/notices.log
Log notice file /var/log/tor/notices.log

Doesnt that mean that level 'warn' should go there too? Well it doesn't,
those warnings about exit policys never ended up in logs... How to fix
this
and really log notices and higher?


And third, is this anything to worry about? directory_handle_command_get(): Client asked for the mirrored directory, but we don't have a good one yet. Sending 503 Dir not available.


Markus

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32) - GPGrelay v0.959
Comment: GnuPT 2.6.2.1 by EQUIPMENTE.DE

iD8DBQFCt8JH6fSN8IKlpYoRAqWRAJ43nB12Je0Wg4YXwNuoLymzHDKTZgCgm+gs
1ulKqhF6oz7eMti2JWTMnsg=
=wBxp
-----END PGP SIGNATURE-----


-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) - GPGrelay v0.959 Comment: GnuPT 2.6.2.1 by EQUIPMENTE.DE

iD8DBQFCt8Mr6fSN8IKlpYoRAgGYAKCiVcNmZaRbsSHxmRp0nFWOdpu8eQCgovZL
7qWW4BHVobl3QosVlqCa6zQ=
=5Ia7
-----END PGP SIGNATURE-----