I am running an exit node under reduced exit policy on a VPS. My provider requested that I block a specific IP address due to spam issues. I'm guessing I should add a line in the torrc file. Can anyone tell me the exact line I have to add to the torrc file to block the address?
Something like: "reject 12.34.567.89" ?
On 13-08-26 04:57 PM, Piotrkowska wrote:
I am running an exit node under reduced exit policy on a VPS. My provider requested that I block a specific IP address due to spam issues. I'm guessing I should add a line in the torrc file. Can anyone tell me the exact line I have to add to the torrc file to block the address?
Something like: "reject 12.34.567.89" ?
Yes that exit policy would work, assuming that your provider wants to block traffic from your exit node having that ip address as its *destination*. You could specify a specific port as well, to avoid blocking non-spam traffic of different types to that machine.
If your provider intends for traffic having that ip address as its *origin* to be blocked, you will not be able to do so at your exit node. I don't know of any such thing as an "entry policy" nor recommendations for tor relay operators other than using good security practices to fend off attacks.
For an enter policy, there is the ExcludeNodes config option, which defines relays or locales never to be used in circuits.
On Mon, Aug 26, 2013 at 11:48 PM, krishna e bera keb@cyblings.on.ca wrote:
On 13-08-26 04:57 PM, Piotrkowska wrote:
I am running an exit node under reduced exit policy on a VPS. My provider requested that I block a specific IP address due to spam issues. I'm guessing I should add a line in the torrc file. Can anyone tell me the exact line I have to add to the torrc file to block the address?
Something like: "reject 12.34.567.89" ?
Yes that exit policy would work, assuming that your provider wants to block traffic from your exit node having that ip address as its *destination*. You could specify a specific port as well, to avoid blocking non-spam traffic of different types to that machine.
If your provider intends for traffic having that ip address as its *origin* to be blocked, you will not be able to do so at your exit node. I don't know of any such thing as an "entry policy" nor recommendations for tor relay operators other than using good security practices to fend off attacks. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Also I believe you have to add this "reject" BEFORE any "allow" lines in your torrc (if any). The parsing just stops at the first match, so if an "allow" is matched before this "reject", the traffic will be allowed.
----- My full signature with lots of links etc.https://bittit.info/publicDro/signature.html
On Mon, Aug 26, 2013 at 11:57 PM, Piotrkowska piotrkowska@riseup.netwrote:
I am running an exit node under reduced exit policy on a VPS. My provider requested that I block a specific IP address due to spam issues. I'm guessing I should add a line in the torrc file. Can anyone tell me the exact line I have to add to the torrc file to block the address?
Something like: "reject 12.34.567.89" ? _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
Konstantinos Asimakis -
krishna e bera -
Niles Rogoff -
Piotrkowska