On Wednesday, February 16, 2022 1:45:51 PM CET yl wrote:
how can I used a reduced exit policy and don't allow any IPv4 exit traffic?
I don't think IPv6 only works. AFAIK, exits must have at least port 80,443 and 53 open on IPv4.
The following line in the top of all the ExitPolicy lines in torrc seems not to work. ExitPolicy reject 0.0.0.0:*
What are you putting them for? All private addresses are rejected by default.
What is the order I needed here, first "reject" and then accept or the other way around?
No, as always, first come first served.
Reduced Exit policy like here: https://gitlab.torproject.org/legacy/trac/-/wikis/doc/ReducedExitPolicy
You can also take it like this. I would also delete port 22, then there would be fewer abuse mails.
Before changing exit policies, read 'man torrc' carefully. SERVER OPTIONS ExitPolicy* and IPv6Exit.
But then I thought, why not disable IPv4 exit traffic, there is so many IPv6 resources that a IPv6 only Exit should still be fine.
Unfortunately, the IPv6 traffic on my relays is often close to 0 for months.