"Actually they are horrible."<br><br>Why?<br><br>"They already are out of date and would reject proper directory requests."<br><br>OK, good to know.<br>Do you think better rules, or rules that don't break server requests, could be achieved?
<br><div><span class="gmail_quote"><br>"</span>Please don't do stuff like this."<br><br>Why not? I don't see any problem in validating/checking the behavior or request/fingerprints of incoming connections to Tor, so long as it doesn't break Tor (hence QA testing after R&D). Why would checking input be a bad thing?
<br><br><br><br><br><span class="gmail_quote">On 8/14/07, <b class="gmail_sendername">Peter Palfrader</b> <<a href="mailto:peter@palfrader.org">peter@palfrader.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Tue, 14 Aug 2007, Kyle Williams wrote:<br><br>>> SecRule REQUEST_URI "!^/tor/server/authority$" "chain,msg:'Badly formed uri'"<br>>> SecRule REQUEST_URI "!^/tor/status/all$" "chain"
<br>>> SecRule REQUEST_URI "!^/tor/running-routers$" "chain"<br>>> SecRule REQUEST_URI "!^/tor/dir\.z$" "chain"
<br>>> SecRule REQUEST_URI "!^/tor/server/(?>d|fp)/(?>[A-F0-9]{40})(?>\+[A-F0-9]{40})*\.z$" "chain"<br>>> SecRule REQUEST_URI "!^/tor/status/fp/[A-F0-9]{40}(?>\+[A-F0-9]{40})*\.z$"
<br><br>> Nice! Thank you for that helpful information.<br>> I will definitely take note of that with the next version of JanusVM.<br>> Strict rules such as these are a very good idea, because it never hurts to<br>
> check your input before processing it.<br><br>Actually they are horrible. They already are out of date and would<br></blockquote><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
reject proper directory requests. Please don't do stuff like this.<br><br>--<br> | .''`. ** Debian GNU/Linux **<br> Peter Palfrader | : :' : The universal<br> <a href="http://www.palfrader.org/">
http://www.palfrader.org/</a> | `. `' Operating System<br> | `- <a href="http://www.debian.org/">http://www.debian.org/</a><br></blockquote></div><br>