I have brought the exitpolicy list up to date to follow with the conversations, if you want to be moderately restrictive.<br>
Of course this isn't blocking the kazaa, azureus etc data from entering
the network and slowing us down, only passing the buck. Is there a more
effective way to keep unwanted data from entering the network at all?<br>
<br>
ExitPolicy reject <a href="http://0.0.0.0/255.0.0.0:*">0.0.0.0/255.0.0.0:*</a><br>
ExitPolicy reject <a href="http://127.0.0.0/255.0.0.0:*">127.0.0.0/255.0.0.0:*</a><br>
ExitPolicy reject <a href="http://10.0.0.0/255.0.0.0:*">10.0.0.0/255.0.0.0:*</a><br>
ExitPolicy reject <a href="http://172.16.0.0/255.240.0.0:*">172.16.0.0/255.240.0.0:*</a><br>
ExitPolicy reject <a href="http://192.168.0.0/255.255.0.0:*">192.168.0.0/255.255.0.0:*</a><br>
ExitPolicy reject <a href="http://169.254.0.0/255.255.0.0:*">169.254.0.0/255.255.0.0:*</a><br>
<br>
# reject ports officially used for protocols that were never meant to be<br>
# anonymous (e.g. email, usenet) because of the spam risk, thus reducing<br>
# our worry that the world would associate Tor with pro-spam advocacy.<br>
<br>
ExitPolicy reject *:25<br>
ExitPolicy reject *:119<br>
<br>
# reject ports officially used for poorly-designed protocols that are<br>
# always attacked by script kiddies.<br>
<br>
ExitPolicy reject *:135-139<br>
ExitPolicy reject *:445<br>
<br>
# reject ports commonly used by widely-adopted P2P filesharing programs.<br>
# Tor does not take a stand on the ethics or legality of P2P<br>
# filesharing, either in theory or in practice. We have simply observed<br>
# that encouraging P2P filesharing presently makes our network less<br>
# useful to those for whom Tor was designed.<br>
<br>
ExitPolicy reject *:1214<br>
ExitPolicy reject *:4661-4666<br>
ExitPolicy reject *:6346-6429<br>
ExitPolicy reject *:6881-6999<br>
<br>
# Block IRC<br>
ExitPolicy reject *:6667-6669<br>
<br>
# RFC 1918: IANA Private Use<br>
ExitPolicy reject <a href="http://10.0.0.0/8">10.0.0.0/8</a> <br>
<br>
# Link Local<br>
ExitPolicy reject <a href="http://169.254.0.0/16">169.254.0.0/16</a><br>
<br>
# Test Net<br>
ExitPolicy reject <a href="http://192.0.2.0/24">192.0.2.0/24</a><br>
<br>
# RFC 3068: 6to4 anycast<br>
ExitPolicy reject <a href="http://192.88.99.0/24">192.88.99.0/24</a><br>
<br>
# Private Use<br>
ExitPolicy reject <a href="http://192.168.0.0/16">192.168.0.0/16</a><br>
ExitPolicy reject <a href="http://10.0.0.0/8">10.0.0.0/8</a> <br>
ExitPolicy reject <a href="http://169.254.0.0/16">169.254.0.0/16</a> <br>
ExitPolicy reject <a href="http://172.16.0.0/12">172.16.0.0/12</a> <br>
ExitPolicy reject <a href="http://192.0.2.0/24">192.0.2.0/24</a><br>
ExitPolicy reject <a href="http://192.88.99.0/24">192.88.99.0/24</a><br>
ExitPolicy reject <a href="http://192.168.0.0/16">192.168.0.0/16</a><br>
<br>
# Reserved for benchmarks<br>
ExitPolicy reject <a href="http://198.18.0.0/15">198.18.0.0/15</a><br>
<br>
#Multicast<br>
ExitPolicy reject <a href="http://224.0.0.0/4">224.0.0.0/4</a><br>
<br>
ExitPolicy accept *:*<br>
<br>
<br>
Steve<br>