BM-2cTjsegDfZQNGQWUQjSwro6jrWLC9B3MN3@xxxxxxxxxxxxx: > It appears the nice firewall prompt has been removed in TBB 4.0. For > those of us who block all but a couple outgoing ports (and all the > incoming), is the only way to retain this functionality to edit the > "torrc" file with something like below for every new download? > > ReachableAddresses accept *:80 > ReachableAddresses accept *:443 You can still configure this option through the Network Settings available from the onion menu. The ReachableAddress setting is a bonus: Tor will try to connect to relays in turn until it succeeds, so it should eventually try to connect to a relay that listens on the right port. The rationale from removing the option is the amount of headaches for users and support: how many users know what a firewall is? How many users know the difference between an outgoing and an incoming firewall? How many users actually *have* an outgoing firewall? So they would enable ReacheableAddress for the two ports you mention, and then configure bridges. And so Tor was not ever able to connect because it wasn't allowed to connect to the configured bridges. > Compared to the menu item, this seems rather inconvenient for linux > users who (quite surprisingly) don't have any well-developed means > to block outgoing traffic on a per-application basis, and resort to the > less effective, though slightly more cautious practice of just opening a > couple outgoing ports? If it's about networw security, how about configuring bridges and only allowing these specific IP and port in the firewall? -- Lunar <lunar@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: Digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk