On 06 Jul 2016, at 04:29, Ivan Markin twim@riseup.net wrote:
simon:
If I understood the documentation correctly, as a node operator I can't blacklist hosts individually (unless I'm putting them into MyFamily, which I don't want to).
AFAIK, there is no option in tor itself to exclude relays from the routing.
But you're still able to restrict connections with these nodes using plain blocking at your firewall. So circuits through these relays are not able to be built anymore. [Note also that it makes performance poorer compared to the case when it's defined by policy.]
In case of PF it looks like:
{{{
table <bad-onions> { 0.0.0.0 }

block in quick on egress from <bad-onions> to any
block out quick on egress from any to <bad-onions>
}}}
This is a good way to get marked as a bad relay. Please never actually do this on a relay in the Tor network.