[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Are squid proxies acceptable on exit nodes?



> recently I occasionally get things like depicted in
> https://twitter.com/akrey/status/729677599652380672
> 
> A squid error page that the connection to the remote
> host timed out (here 193.99.144.85, which is the
> address of www.heise.de which I wanted to reach).
> 
> To me it looks like the tor exit is using a squid
> proxy - is that an acceptable thing to do as a
> relay operator?

Exit relays should not route their traffic through transparent proxies
because that causes problems when TCP ports are not used for the usual
protocols and also generates more logs then there should be.

Also they seem to have timeouts a lot, where other exits are able to
deliver the same sites without problems (maybe their squid is overloaded?).

This one is also using a squid proxy and it is likely operated by the
same entity (see last restart timestamp):
https://atlas.torproject.org/#details/8E15D869D266DF5B08351122185F9660CA6D0FA2

as
https://atlas.torproject.org/#details/4F0003EAB0E8712B94B29A84BF8B8F34C95927BC
and
https://atlas.torproject.org/#details/C2C7796F98D22EAB910648FDD54951089E6233DE

unfortunately we can not ask them if they or their upstream is running
squid since they have no ContactInfo set.

Please consider giving them the badexit flag.

you might also want to have a look at other exits on that AS to find out
if their upstream is running squid.
https://compass.torproject.org/#?exit_filter=all_relays&links&sort=cw&sort_reverse&country=&ases=AS49981&top=-1&exits_only

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk