[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] firewall prompt gone in 4.0?

> It appears the nice firewall prompt has been removed in TBB 4.0. For
> those of us who block all but a couple outgoing ports (and all the
> incoming), is the only way to retain this functionality to edit the
> "torrc" file with something like below for every new download?
> ReachableAddresses accept *:80
> ReachableAddresses accept *:443

You can still configure this option through the Network Settings
available from the onion menu. The ReachableAddress setting is a bonus:
Tor will try to connect to relays in turn until it succeeds, so it
should eventually try to connect to a relay that listens on the right

The rationale from removing the option is the amount of headaches for
users and support: how many users know what a firewall is? How many
users know the difference between an outgoing and an incoming firewall?
How many users actually *have* an outgoing firewall?

So they would enable ReacheableAddress for the two ports you mention,
and then configure bridges. And so Tor was not ever able to connect
because it wasn't allowed to connect to the configured bridges.

> Compared to the menu item, this seems rather inconvenient for linux
> users who (quite surprisingly) don't have any well-developed means
> to block outgoing traffic on a per-application basis, and resort to the
> less effective, though slightly more cautious practice of just opening a
> couple outgoing ports?

If it's about networw security, how about configuring bridges and only
allowing these specific IP and port in the firewall?

Lunar                                             <lunar@xxxxxxxxxxxxxx>

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to