-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi,
I just activated IPv6 support for my two exit relays today, but I do not unterstand/misconfigured the exit policies.
I just want to open certain ports at IPv4 (the common known reduced exit policy) and open all Ports at IPv6 except 25. How do I configure such a thing?
Current sample config is:
[snip] IPv6Exit 1 ExitPolicy accept6 *:* ExitPolicy reject6 *:25
[full reduced exitpolicies snipped out] ExitPolicy accept *:50002 # Electrum Bitcoin SSL ExitPolicy accept *:64738 # Mumble ExitPolicy reject *:*
But at Globe only this is visible: https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F D2F2A https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 7C742
Can someone help me out there?
Cheers!
spriver
If I recall correctly: Policies with '*' for the address count as both ipv4 and v6 policies, it is possible to use 0.0.0.0 for v4 and [::] (I think) for v6-specfic policies.
spriver:
Hi,
I just activated IPv6 support for my two exit relays today, but I do not unterstand/misconfigured the exit policies.
I just want to open certain ports at IPv4 (the common known reduced exit policy) and open all Ports at IPv6 except 25. How do I configure such a thing?
Current sample config is:
[snip] IPv6Exit 1 ExitPolicy accept6 *:* ExitPolicy reject6 *:25
[full reduced exitpolicies snipped out] ExitPolicy accept *:50002 # Electrum Bitcoin SSL ExitPolicy accept *:64738 # Mumble ExitPolicy reject *:*
But at Globe only this is visible: https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F D2F2A https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 7C742
On 12 Aug 2015, at 08:53 , ncl@cock.li wrote:
If I recall correctly: Policies with '*' for the address count as both ipv4 and v6 policies, it is possible to use 0.0.0.0 for v4 and [::] (I think) for v6-specfic policies.
Or *4 and *6, respectively, which expand to 0.0.0.0 and [::].
So the lines could look like:
IPv6Exit 1
By the way, these two lines are in the wrong order if you intend to block 25 and permit everything else. They permit everything and then the next line is ignored.
ExitPolicy accept6 *6:* ExitPolicy reject6 *6:25
[full reduced exitpolicies snipped out] ExitPolicy accept *4:50002 # Electrum Bitcoin SSL ExitPolicy accept *4:64738 # Mumble ExitPolicy reject *4:*
spriver:
Hi,
I just activated IPv6 support for my two exit relays today, but I do not unterstand/misconfigured the exit policies.
I just want to open certain ports at IPv4 (the common known reduced exit policy) and open all Ports at IPv6 except 25. How do I configure such a thing?
Current sample config is:
[snip] IPv6Exit 1 ExitPolicy accept6 *:* ExitPolicy reject6 *:25
[full reduced exitpolicies snipped out] ExitPolicy accept *:50002 # Electrum Bitcoin SSL ExitPolicy accept *:64738 # Mumble ExitPolicy reject *:*
But at Globe only this is visible: https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F D2F2A https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 7C742
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com pgp ABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5
teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
tor-relays@lists.torproject.org
-
ncl@cock.li -
spriver -
teor