Hey all,
I was wondering what the minimum exit policy was (wrt port 80 and 443) for a Tor exit relay. I cant find any documentation about the minimum exit policy.
Is it possible to have an exit relay exit only to a /16 or a /8 on port 80 and 443?
I've tried having an exit policy that allows exiting to just a /16 on port 80 and 443 and it seems to not stick.
Best
I was wondering what the minimum exit policy was (wrt port 80 and 443) for a Tor exit relay.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2294
"A router is called an 'Exit' iff it allows exits to at least two of the ports 80, 443, and 6667 and allows exits to at least one /8 address space."
As an aside, I just noticed there's a typo in the spec there at line 2294 -- it reads"iff" instead of "if".
"iff" is shorthand for "if and only if", as opposed to "if [and maybe otherwise]"
On 02/03/2017 12:16 AM, anondroid wrote:
I was wondering what the minimum exit policy was (wrt port 80 and 443) for a Tor exit relay.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2294
"A router is called an 'Exit' iff it allows exits to at least two of the ports 80, 443, and 6667 and allows exits to at least one /8 address space."
As an aside, I just noticed there's a typo in the spec there at line 2294 -- it reads"iff" instead of "if".
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 3 Feb 2017, at 16:16, anondroid tor@anondroid.com wrote:
I was wondering what the minimum exit policy was (wrt port 80 and 443) for a Tor exit relay.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2294
"A router is called an 'Exit' iff it allows exits to at least two of the ports 80, 443, and 6667 and allows exits to at least one /8 address space."
With the introduction of microdescriptors, exits that reject more than 2 IPv4 /8s are considered not to exit to "most addresses". So they are given port summaries that say they reject all ports, and clients won't use them.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2110
For IPv6, Exits summarise their own ports in descriptors, and this is copied into their microdescriptor: * in master, Exits that reject more than an IPv6 /16 claim they reject all ports, * in all released versions of tor, Exits that reject any IPv6 address mistakenly say they reject all ports. This happens by default for IPv6 Exits with an ORPort on 0.2.8 and later.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n565 https://trac.torproject.org/projects/tor/ticket/21357
As an aside, I just noticed there's a typo in the spec there at line 2294 -- it reads"iff" instead of "if".
"iif" is shorthand for "if and only if".
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------
tor-relays@lists.torproject.org
-
anondroid -
JovianMallard -
Mass Tor -
teor