[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: opening up (exit policy) a bit ...

On May 8, 2010, at 7:54 PM, Dyno Tor wrote:

On Sat, May 8, 2010 at 9:03 AM, John Case <case@xxxxxxxxxxxxxxxx> wrote:

Let's say you run a tor relay with no exit policy:

reject *:*

And then later you alter that exit policy a bit:

accept *:80,reject *:*

My understanding is that this system will continue to be used as a non-exit relay, but will then also be used as an exit. That is, it's not going to be
monopolized by exit traffic only ... it will do both, right ?

I don't believe this is correct.  I think this means you're not an
exit node at all.

What do you mean, not an exit node at all? As long as the Tor
process receives a HUP signal or is restarted to notify it of the
config changes, it will become an exit.

I suspect if you want your node to be an internal relay or have a
chance at being a guard and still relay some exit traffic, you'll have
more luck by running two tor instances, which could be on the same
box.  Put them in the same family (although I suppose tor will be
smart enough to keep them from being used on the same circuit anyway,
since they'll be on the same IP.)  Then you can adjust the bandwidth
for each instance to be the split you want.

This is totally incorrect. Tor uses exit nodes in the middle and possibly
even guard position, depending on flags and general scarcity of

If you're willing to be an exit node, however, you'll help the tor
network out most by doing 100% exit traffic.  That's because we're
currently constrained at the exits.  Also consider letting port 443
through too.  I do ports 80 and 443, and I haven't gotten an abuse
complaint yet.

It is not possible to become a node that acts _only_ as exit.

To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/