
Re: [tor-talk] RFC1918 addresses on outside interface



On Wed, Nov 28, 2012 at 11:37:29PM -0000, temp5@xxxxxxxxxxx wrote:
> > Running a non-exit Tor relay on Linux and have iptables set up to block
> > inbound and outbound RFC1918 addresses on the outside interface. Notice in
> > the firewall logs several seemingly random private IP addresses connection
> > attempts to my relay port getting dropped on the outside over the past few
> > months. The MAC address associated with these matches my ISP's default
> > gateway.
> >
> > Does Tor do some type of loopback on the outside int.? Or is my ISP doing
> > something peculiar with NAT?
> 
> Assuming it's my ISP, is there any way to configure my relay to discourage
> clients in my AS from using it as an entry point?

Could you say more about why you would want to do that? I ask because
this increases those clients' risk from an AS-level attacker by
mandating an increase in the number of ASes that must be traversed
between client and entry node.

-Paul
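
An added example, not part of the original messages: one way to triage the firewall log described in the quoted text, grouping dropped RFC1918 sources by the MAC address that delivered them so they can be compared with the ISP gateway's MAC. The log prefix, interface name `eth0`, relay port 9001 and all addresses in the sample lines are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FIELD = re.compile(r"(\w+)=(\S*)")

# Constructed sample lines in the kernel's iptables LOG format (not from the thread).
# Assumed: outside interface eth0, relay port 9001, gateway MAC 02:00:00:00:00:fe.
SAMPLE_LOG = """\
Nov 28 10:15:02 relay kernel: DROP-1918 IN=eth0 OUT= MAC=02:00:00:aa:bb:01:02:00:00:00:00:fe:08:00 SRC=10.23.4.17 DST=203.0.113.5 PROTO=TCP SPT=51234 DPT=9001 SYN
Nov 28 11:02:40 relay kernel: DROP-1918 IN=eth0 OUT= MAC=02:00:00:aa:bb:01:02:00:00:00:00:fe:08:00 SRC=192.168.1.44 DST=203.0.113.5 PROTO=TCP SPT=40022 DPT=9001 SYN
Nov 28 11:30:11 relay kernel: DROP-1918 IN=eth0 OUT= MAC=02:00:00:aa:bb:01:02:00:00:00:00:fe:08:00 SRC=172.31.255.1 DST=203.0.113.5 PROTO=TCP SPT=40100 DPT=9001 SYN
Nov 28 12:00:00 relay kernel: DROP-OTHER IN=eth0 OUT= MAC=02:00:00:aa:bb:01:02:00:00:00:00:fe:08:00 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40101 DPT=9001 SYN
Nov 28 12:05:00 relay kernel: DROP-1918 IN=eth0 OUT= MAC=02:00:00:aa:bb:01:02:00:00:00:00:fe:08:00 SRC=172.16.9.2 DST=203.0.113.5 PROTO=TCP SPT=40102 DPT=22 SYN
"""

def source_mac(mac_field):
    """LOG's MAC= value is dst MAC (6 bytes) + src MAC (6 bytes) + EtherType (2 bytes)."""
    octets = mac_field.split(":")
    return ":".join(octets[6:12]).lower() if len(octets) >= 12 else None

def rfc1918_hits(log_text, iface, relay_port):
    """Map sending MAC -> sorted RFC1918 sources seen inbound on iface to relay_port."""
    by_mac = defaultdict(set)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if f.get("IN") != iface or f.get("DPT") != str(relay_port):
            continue
        try:
            src = ipaddress.ip_address(f.get("SRC", ""))
        except ValueError:
            continue  # line without a parsable SRC= field
        if any(src in net for net in RFC1918):
            by_mac[source_mac(f.get("MAC", ""))].add(str(src))
    return {mac: sorted(ips) for mac, ips in by_mac.items()}

if __name__ == "__main__":
    for mac, ips in rfc1918_hits(SAMPLE_LOG, "eth0", 9001).items():
        print(mac, ips)
```

A single sending MAC for every private source means the frames all arrived via the same layer-2 neighbour, which is the observation the original poster reports about the ISP's default gateway.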