[tor-bugs] #5376 [Tor Relay]: The ExitPolicyRejectPrivate option seems to be ignored
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Mar 13 13:02:23 UTC 2012
#5376: The ExitPolicyRejectPrivate option seems to be ignored
-----------------------+----------------------------------------------------
Reporter: kevin | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by arma):
Replying to [ticket:5376 kevin]:
> Note that `ExitPolicyRejectPrivate` `0` is implicitly set by enabling
`TestingTorNetwork`.
Right. You haven't shown a descriptor here -- what does the exit policy
section in the descriptor look like?
> A typical client's log shows the following error message when trying to
connect to a destination on a private address:
>
> `Mar 13 07:55:51.000 [notice] No Tor server allows exit to 10.0.6.1:100.
Rejecting.`
My first thought is that the client doesn't know about any relays.
Speaking of which! Tor 0.2.3 uses microdescriptors, rather than
descriptors. So the relay will be publishing a descriptor to the directory
authorities, and the directory authorities will be producing a microdesc-
consensus and microdescs. Clients should have these files:
{{{
-rw------- 1 arma arma 565725 Mar 13 08:44 cached-microdesc-consensus
-rw------- 1 arma arma 2656826 Mar 11 13:42 cached-microdescs
-rw------- 1 arma arma 448091 Mar 13 08:44 cached-microdescs.new
}}}
and microdescs don't specify addresses, just ports.
I wonder if we have broken ExitPolicyRejectPrivate in 0.2.3.x, not just
for TestingTorNetwork.
Suggested workaround for now: set "UseMicrodescriptors 0" in your torrcs.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5376#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list