On Sun, 06 Jul 2025 19:13:36 +0000 admin--- via tor-relays <tor-relays@lists.torproject.org> wrote:
I've noticed that the non-publicly routable CGNAT subnet of 100.64.0.0/10 is not in the default exit policy reject list like 192.168/16 and 10/8 are. This range is not publicly routed, and should never need to be accessed from a Tor exit.
Sorry for the late answer, I noticed that this range has been added in tor_addr_is_internal_() now.

Anyway, shouldn't Tor ExitPolicy reject all special IP ranges? See https://en.wikipedia.org/wiki/Reserved_IP_addresses

DS-Lite (192.0.0.0/24) seems to be some kind of CG-NAT too.
Isn't 198.18.0.0/15 a private range, like RFC 1918?
224.0.0.0/4 and 255.255.255.255 should probably be blocked too, as well as ff00::/8.
I did not look deep into all the IPv6 special ranges.

Currently reserved IP ranges are not routed but may be revived later and have security consequences.

My 2 ¢
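
An added example, not part of either message and not Tor's own code: a small Python audit that walks a torrc ExitPolicy in first-match order and lists which of the ranges named in this thread are not rejected on all ports. The torrc lines are constructed, the function names are hypothetical, and only the `accept`/`reject` `addr/mask:port` subset of the policy syntax is handled.

```python
import ipaddress

# Ranges named in the thread above (taken from the messages, not from Tor's source).
THREAD_RANGES = ["100.64.0.0/10", "192.0.0.0/24", "198.18.0.0/15",
                 "224.0.0.0/4", "255.255.255.255/32", "ff00::/8"]

# Constructed sample torrc lines, for illustration only.
SAMPLE_TORRC = """\
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 192.168.0.0/16:*
ExitPolicy reject 100.64.0.0/10:*
ExitPolicy reject 224.0.0.0/3:*
ExitPolicy reject 198.18.0.0/15:25
ExitPolicy accept *:443
ExitPolicy reject *:*
"""

def parse_policy(torrc_text):
    """Return (action, network, port) tuples in file order; network None means '*'."""
    rules = []
    for line in torrc_text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key.lower() != "exitpolicy":
            continue
        for entry in value.split(","):          # several entries may share one line
            action, target = entry.split()
            addr, _, port = target.rpartition(":")
            addr = addr.replace("[", "").replace("]", "")   # "[ff00::]/8" -> "ff00::/8"
            net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
            rules.append((action.lower().rstrip("6"), net, port))
    return rules

def unblocked(torrc_text, ranges=THREAD_RANGES):
    """Ranges that no all-port reject covers before an accept rule matches."""
    rules, exposed = parse_policy(torrc_text), []
    for rng in map(ipaddress.ip_network, ranges):
        blocked = False  # assumption of this sketch: no matching rule counts as not blocked
        for action, net, port in rules:
            if net is not None and net.version != rng.version:
                continue
            if action == "reject" and port == "*" and (net is None or rng.subnet_of(net)):
                blocked = True
                break
            if action == "accept" and (net is None or rng.overlaps(net)):
                break  # an earlier accept wins for at least part of the range
        if not blocked:
            exposed.append(str(rng))
    return exposed

if __name__ == "__main__":
    print(unblocked(SAMPLE_TORRC))
```

In the sample, the port-25-only reject for 198.18.0.0/15 does not count as blocking the range, and the final `reject *:*` comes too late because `accept *:443` matches first.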