<div dir="ltr"><div><div>>If you do lines like the above, your Tor relay will be unable to reach<br>>other Tor relays that chose port 80 or port 110 for their ORPort or<br>>their DirPort. (People choose those ports because some users are behind<br>

>firewalls that only allow connections to those ports.)<br></div></div><br><span id="result_box" class="" lang="en"><span class="">indeed.</span> <span class="">By</span> <span class="">personal choice</span><span>, I</span> <span class="">have</span> <span class="">found it more</span> <span class="">convenient</span> <span class="">to exclude</span> <span class="">this traffic</span> <span class="">leaving my</span> <span class="">relay</span><span>.</span> <br>

<span class="">I'll make</span> <span class="">scrips</span> <span class="">that create</span> <span class="">rules</span> <span class="">with</span> <span class="">these</span> <span class="">output</span> <span class="">ports only for</span> <span class="">Tor</span> <span class="">relays</span><span>.</span> <br>

<br><span class="">Thanks a</span> <span class="">lot</span> <span class="">mr</span><span>.</span> <span class="">Roger</span><span>.</span></span><br><div><div><br></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">

On Fri, May 23, 2014 at 7:30 PM, Roger Dingledine <span dir="ltr"><<a href="mailto:arma@mit.edu" target="_blank">arma@mit.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

On Fri, May 23, 2014 at 06:16:56PM -0300, Noilson Caio wrote:<br>
> Block all output like http and smtp in my netfilter (Gnu Linux);<br>
><br>
> -A OUTPUT -p tcp -m tcp --dport 80 -j DROP<br>
> -A OUTPUT -p tcp -m tcp --dport 110 -j DROP<br>
> etc ..<br>
<br>
Relays need to allow connections to all outgoing ports.<br>
<br>
If you do lines like the above, your Tor relay will be unable to reach<br>
other Tor relays that chose port 80 or port 110 for their ORPort or<br>
their DirPort. (People choose those ports because some users are behind<br>
firewalls that only allow connections to those ports.)<br>
<br>
<a href="https://www.torproject.org/docs/faq#OutboundPorts" target="_blank">https://www.torproject.org/docs/faq#OutboundPorts</a><br>
<br>
--Roger<br>
<br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr"><div style="margin-left:40px"><font size="1"><span style="font-family:courier new,monospace">Noilson Caio Teixeira de Araújo<br><a href="http://ncaio.ithub.com.br" target="_blank">https://ncaio.<font size="1">wordpress</font></a><a href="http://ncaio.ithub.com.br" target="_blank">.com</a><br>

<a href="http://br.linkedin.com/in/ncaio" target="_blank">https://br.linkedin.com/in/ncaio</a><br></span></font></div><div style="margin-left:40px"><span style="font-family:courier new,monospace"><a href="https://twitter.com/noilsoncaio" target="_blank"><font size="1">https://twitter.com/noilsoncaio</font></a></span><br>

</div><div style="margin-left:40px"><br></div> </div>
</div>