On Thursday 30 April 2009 08:15:02 Scott Bennett wrote: > About a day ago, I added a list of obsolete nodes, mostly running > 0.1.*.* releases, to my ExcludeNodes list in torrc. One of those was > TSL. I still see TSL being chosen for routes for circuits. I've > noticed such apparent violations and commented upon them previously > here. > What I don't yet know is whether I might be misunderstanding what > ExcludeNodes is supposed to do, based upon my understanding of the tor > man page, which says, > > ExcludeNodes node,node,... > A list of identity fingerprints, nicknames, country codes and > address patterns of nodes to never use when building a circuit. > (Example: ExcludeNodes SlowServer, $ABCDEFFFFFFFFFFFFFFF, {cc}, > 255.254.0.0/8) > > It seems to me that as soon as I send tor a SIGHUP after adding a node > to ExcludeNodes in torrc, tor ought to begin excluding it from future > path selections and ought also to remove it from its list of chosen > entry guards if it is in that list. If my understanding of what > ExcludeNodes is supposed to do is incorrect, I'd very much appreciate > someone letting me know and also some advice as to how to accomplish > real, immediate exclusion of the node from any new circuits established > by the client side of tor. ExcludeNodes isn't respected by tor when building circuits for 'internal' use, e.g. directory updates. If you can confirm that the nodes are being chosen for circuits that are for the user's use then that would indicate a problem. I think the best way of tracking it would be to do: telnet localhost 9051 authenticate setevents extended circ stream set excludenodes={your exclude nodes} then watch/log the output. if you see 'purpose=general' against a stream on a circuit containing an excluded route created after you set the excludenodes then there may be a problem worth investigating. You could post the suspect output here. > Thanks for any information on this matter. > > > Scott Bennett, Comm. ASMELG, CFIAG > ********************************************************************** > * Internet: bennett at cs.niu.edu * > *--------------------------------------------------------------------* > * "A well regulated and disciplined militia, is at all times a good * > * objection to the introduction of that bane of all free governments * > * -- a standing army." * > * -- Gov. John Hancock, New York Journal, 28 January 1790 * > **********************************************************************
Attachment:
signature.asc
Description: This is a digitally signed message part.