[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Time between client's consensus fetches?



corridor[0], a Tor traffic whitelisting gateway, usually subscribes to
NEWCONSENSUS events in a Tor control connection and converts each new
networkstatus consensus into a Linux ipset.

ipset entries can be be associated with a timeout value to make them
disappear from the set after some number of seconds. I'd like to use
that feature so the gateway fails closed if the corridor daemon dies.

Is it possible to get a consensus's fresh-until/valid-until dates
through a control connection?

In practice, is there a maximum time that can pass between a client
fetching consensus n and n+1? Over the last day I've observed intervals
between 900 and 7700 seconds.

Also, how does a client filter the raw incoming consensus into a
NEWCONSENSUS event? For example, on a box without CONFIG_IPV6 in the
kernel I can't see any IPv6 relay. Maybe the IPv4 relay list too is some
kind of local view, dropping relays that couldn't be reached?

Rusty

[0] https://github.com/rustybird/corridor

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk