No port IPv4 80 so not an called exit even when 443 open wide.
It is now out of date that Tor servers are required to have port 80 IPv4 open, even if limited to a single Class A network in order that the relay can be labelled as an exit. Port 443 should be enough. For reasons I do not understand, if I open port IPv4 80 to a wider range I get abuse notices within a day, usually DMCA, as if some man in the middle is scanning the html! So far, wide open IPv6 port 80 attracts zero attention from those alleging abuse. http://example.com called as an IPv4 address cannot be reached by my tor exits as port 80 IPv4 too limited. Port 443 IPv4 and IPv6 on my exits are wide open to all, and we should all be on https anyway. https://example.com can be reached from my exits. Example.com does have an IPv6 address so in theory can be reached from my exits on port 80 as IPv6 port 80 is wide open I assume not used as the DNS requested for example.com gives IPv4 address. Can an Exits now be defined as an exit with port 443 open IPv4? And then tested that is an exit with https requests not http. Gerry Bulger
No response! It seems I am alone in feeling it is an anachronism to require IPv4 open to Class A at least for a relay to be called an exit. Is it not an issue for anyone else? I got bad exit badge, to my shame, because of a narrow port 80 exit, despite 443 being wide open on IPv4 and IPv6 and port 80 wide open on IPv6. 443 should be the marker as an exit these days. Gerry From: tor-relays <tor-relays-bounces@lists.torproject.org> On Behalf Of Dr Gerard Bulger Sent: 11 December 2020 17:14 To: tor-relays@lists.torproject.org Subject: [tor-relays] No port IPv4 80 so not an called exit even when 443 open wide. It is now out of date that Tor servers are required to have port 80 IPv4 open, even if limited to a single Class A network in order that the relay can be labelled as an exit. Port 443 should be enough. For reasons I do not understand, if I open port IPv4 80 to a wider range I get abuse notices within a day, usually DMCA, as if some man in the middle is scanning the html! So far, wide open IPv6 port 80 attracts zero attention from those alleging abuse. http://example.com called as an IPv4 address cannot be reached by my tor exits as port 80 IPv4 too limited. Port 443 IPv4 and IPv6 on my exits are wide open to all, and we should all be on https anyway. https://example.com can be reached from my exits. Example.com does have an IPv6 address so in theory can be reached from my exits on port 80 as IPv6 port 80 is wide open I assume not used as the DNS requested for example.com gives IPv4 address. Can an Exits now be defined as an exit with port 443 open IPv4? And then tested that is an exit with https requests not http. Gerry Bulger
On 13.12.2020 18:32, Dr Gerard Bulger wrote:
It seems I am alone in feeling it is an anachronism to require IPv4 open to Class A at least for a relay to be called an exit. Is it not an issue for anyone else?
I got bad exit badge, to my shame, because of a narrow port 80 exit, despite 443 being wide open on IPv4 and IPv6 and port 80 wide open on IPv6.
443 should be the marker as an exit these days.
The Tor Dev's are currently working on full IPv6 support. An IPv6 exit with port 53,80,443 and only port 443 for IPv4 should then be allowed, my humble opinion. By the way, because of the abuse I have exit Port 22 only for IPv6.
It is now out of date that Tor servers are required to have port 80 IPv4 open, even if limited to a single Class A network in order that the relay can be labelled as an exit. Port 443 should be enough.
For reasons I do not understand, if I open port IPv4 80 to a wider range I get abuse notices within a day, usually DMCA, as if some man in the middle is scanning the html! So far, wide open IPv6 port 80 attracts zero attention from those alleging abuse.
http://example.com called as an IPv4 address cannot be reached by my tor exits as port 80 IPv4 too limited. Port 443 IPv4 and IPv6 on my exits are wide open to all, and we should all be on https anyway. https://example.com can be reached from my exits. Example.com does have an IPv6 address so in theory can be reached from my exits on port 80 as IPv6 port 80 is wide open I assume not used as the DNS requested for example.com gives IPv4 address.
Can an Exits now be defined as an exit with port 443 open IPv4? And then tested that is an exit with https requests not http.
-- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!
participants (2)
-
Dr Gerard Bulger -
lists@for-privacy.net