commit 1a49fdecf89c44cb4b2975caf5a22b16f15a2a83 Author: Nick Mathewson nickm@torproject.org Date: Tue Apr 5 15:01:19 2011 -0400

Tweaks to Cagara's CountPrivateBandwidth patch:

- Document it in the manpage - Add a changes entry - No need to log when it is set: we don't log for other options. - Use doxygen to document the new flag. - Test truth of C variables with "if (x)", not "if (x == 1)". - Simplify a complex boolean expression by breaking it up. --- changes/bug2559 | 6 ++++++ doc/tor.1.txt | 7 +++++++ src/or/config.c | 5 ----- src/or/connection.c | 10 ++++++---- src/or/or.h | 5 +++-- 5 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/changes/bug2559 b/changes/bug2559 new file mode 100644 index 0000000..9715eaf --- /dev/null +++ b/changes/bug2559 @@ -0,0 +1,6 @@ + o Minor features: + - Ordinarily, Tor does not count traffic from private addresses + (like 127.0.0.1 or 10.0.0.1) when calculating rate limits or + accounting. There is now a new option, CountPrivateBandwidth, to + disable this behavior. Patch from Daniel Cagara. + diff --git a/doc/tor.1.txt b/doc/tor.1.txt index eaebf44..5a70cd2 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -437,6 +437,12 @@ Other options can be specified either on the command-line (--option and you're running on Windows, setting this option to 1 will tell Libevent not to use the Windows IOCP networking API. (Default: 1)

+**CountPrivateBandwidth** **0**|**1**:: + If this option is set, then Tor's rate-limiting applies not only to + remote connections, but also to connections to private addresses like + 127.0.0.1 or 10.0.0.1. This is mostly useful for debugging + rate-limiting. (Default: 0) + CLIENT OPTIONS --------------

@@ -1342,6 +1348,7 @@ The following options are used for running a testing Tor network. AuthDirMaxServersPerAuthAddr 0 ClientDNSRejectInternalAddresses 0 ClientRejectInternalAddresses 0 + CountPrivateBandwidth 1 ExitPolicyRejectPrivate 0 V3AuthVotingInterval 5 minutes V3AuthVoteDelay 20 seconds diff --git a/src/or/config.c b/src/or/config.c index 9d782b9..e6322cb 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2958,11 +2958,6 @@ options_validate(or_options_t *old_options, or_options_t *options, tor_assert(msg); *msg = NULL;

- // Cagara: Tell us if we use the private network fix! - if(options->CountPrivateBandwidth == 1) { - log_notice(LD_CONFIG, "Private bandwidth will be treated as normal traffic."); - } - if (options->ORPort < 0 || options->ORPort > 65535) REJECT("ORPort option out of bounds.");

diff --git a/src/or/connection.c b/src/or/connection.c index 953f402..33f9af6 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1954,10 +1954,12 @@ static int connection_is_rate_limited(connection_t *conn) { or_options_t *options = get_options(); - if (conn->linked || /* internal connection */ - (options->CountPrivateBandwidth==1 && ( tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */ - tor_addr_is_internal(&conn->addr, 0)))) /* internal address */ - return 0; + if (conn->linked) + return 0; /* Internal connection */ + else if (options->CountPrivateBandwidth && + (tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */ + tor_addr_is_internal(&conn->addr, 0))) + return 0; /* Internal address */ else return 1; } diff --git a/src/or/or.h b/src/or/or.h index fb68d44..c134d7c 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2868,8 +2868,9 @@ typedef struct { /** Boolean: if set, we start even if our resolv.conf file is missing * or broken. */ int ServerDNSAllowBrokenConfig; - int CountPrivateBandwidth; // Cagara: Flag to allow private addresses counting to bucket size - + /** Boolean: if set, then even connections to private addresses will get + * rate-limited. */ + int CountPrivateBandwidth; smartlist_t *ServerDNSTestAddresses; /**< A list of addresses that definitely * should be resolvable. Used for * testing our DNS server. */