On 5 Sep 2018, at 02:36, Damian Johnson atagar@torproject.org wrote:
Nyx's 'should this be scrubbed' check is pretty simple [1]. Inbound addresses are scrubbed if...
- You're configured to accept user traffic (ie. you set BridgeRelay
in your torrc or have receive the Guard flag). [2]
There are so many edge cases for this check.
Flags are a *recommendation* to clients. They don't force clients to behave a certain way.
For example: * clients connecting via bridges can use a middle node as their second hop. These middle nodes will leak bridge addresses via nyx. * clients and relays can have different consensuses: * if a relay loses the Guard flag, and finds out earlier than its clients, nyx will stop protecting those clients * if a client finds out before the relay, nyx won't protect those clients * some Tor client versions don't check the guard flag at all. Others keep their guards, even if they lose the flag * middle and exit relays can be used as bridges, even if they don't set BridgeRelay * older Tor versions have a non-zero probability of choosing any relay as an entry, even if it doesn't have the guard flag * various config options make tor clients ignore the Guard flag
Please only show an IP if the relay is already public in the consensus.
- The connection doesn't belong to a another tor relay. [3]
[1] https://gitweb.torproject.org/nyx.git/tree/nyx/panel/connection.py#n230 [2] https://gitweb.torproject.org/stem.git/tree/stem/control.py [3] In particular, we check if the address/port is in the consensus.
You could also check if the connection is authenticated to a public relay. But the IP check works in most cases, and if it fails, it's ok to keep more info private.
T