[tor-bugs] #8728 [Stem]: Expand tutorial to include exit scanning

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat May 25 03:52:33 UTC 2013 

#8728: Expand tutorial to include exit scanning
-------------------------+--------------------------------------------------
 Reporter:  atagar       |          Owner:  atagar        
     Type:  enhancement  |         Status:  needs_revision
 Priority:  normal       |      Milestone:                
Component:  Stem         |        Version:                
 Keywords:  website      |         Parent:                
   Points:               |   Actualpoints:                
-------------------------+--------------------------------------------------

Comment(by atagar):

 > Should the info text showcasing the stream events go as well?

 That's definitely an interesting idea, but lets initially keep the example
 simple initially. Maybe just printing the exits as we use them (with a
 message if we encounter an issue).

 > Turns out exit_policy.can_exit_to() responds in an interesting manner
 when only the port parameter is provided, and when I run your script
 against the US locale, it returned ~10 exit nodes, none of them being
 really usable as far as I can tell

 Oops, I should have included the strict flag. Those relays are being
 returned because they *do* allow exiting on port 443... but only for one
 IP.

 {{{
 Exit policy of 810962DC3C058C757070420E9A9497532BB8185A:
   accept 69.28.72.78:443
   accept 69.28.72.78:6697
   reject *:*

 Exit policy of 315D5684D5343580D409F16119F78D776A58AEFB:
   accept 173.236.34.122:80
   accept 173.236.34.122:443
   accept 173.236.34.123:80
   accept 173.236.34.123:443
   reject *:*
 }}}

 Originally 'strict' was the default so it would only match if the relay
 accepted all 443 traffic but some users found that unintuitive.

 > Anyhow passing strict = True along (or specifying the address) with
 desired port solves the issue and gives us a healthy number of exit nodes.

 Glad to hear! When you provide an IP address the 'strict' flag doesn't do
 anything. As the pydocs mention that only effects how an undefined address
 or port is handled.

 > I'm yet unsure how to get the cert checking in urllib with socks but I
 should figure it out in a few days' time and deliver the code,
 pep8-approved this time around ;).

 Great. Looking forward to it!

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8728#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list