[tor-bugs] #11264 [Tor]: Relay has Exit flag but short policy says reject *?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 17 15:56:41 UTC 2014
#11264: Relay has Exit flag but short policy says reject *?
-------------------------+-------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: needs_revision
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-auth, 026-triaged-1, nickm-
Actual Points: | patch needs-proposal
Points: | Parent ID:
-------------------------+-------------------------------------------------
Comment (by teor):
In the meantime, where can we (more clearly) document the difference
between policy_summarize() and Exit? It's obviously causing some
confusion.
What do you think of this draft?
* policy_summarize() lists exit ports that are allowed to the whole
internet; or exit ports that are blocked to one or more internet addresses
(whichever list is shorter).
* Exit is applied to routers that allow exits to at least two of the HTTP,
HTTPS, and IRC ports; and allow exits to at least 1/256 of the IPv4
internet.
To check:
* does policy_summarize() work the same for IPv4 and IPv6?
* how does "Exit" work for IPv6?
Next Steps:
* Put my white hat on and determine a set of pathological cases
* Create test cases for these cases (?)
* Check the current consensus for cases with: Exit & Reject 1-65535; No
Exit & Accept 1-65535 (?)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11264#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list