vidalia and new firewall config

Robert Hogan robert at
Sun Aug 26 14:47:14 UTC 2007

On Thursday 23 August 2007 07:38:25 Roger Dingledine wrote:
> Hi Matt, others,
> Here are some early thoughts on GUI layout for Tor's firewall features.
> There are four features we'd like to get in sometime:
> 1) ReachableAddresses with a set of allowed ports, defaulting to 80,443.
> 2) Http{,s}Proxy with a username/password option.
> 3) I need to use a bridge.
> 4) I want to be a bridge.
> So I propose changes to two places:
> ---------------------------------------------------------------------
> First, a new page of Settings, perhaps between General and Server,
> named "Firewall" or maybe "Network".
> 1) At the top, there's a checkbox named
> "My firewall only lets certain ports out". When clicked, there's a
> textbox that defaults to "80, 443". Maybe the textbox is greyed out when
> it's not clicked, or maybe it's not there at all. When the textbox is
> at the default, we can setconf FascistFirewall=1, otherwise we setconf
> ReachableAddresses to *:"these ports".

So is fascistfirewall no longer deprecated?

> 4) The other change is to the 'Server' window. Right now it has only one
> main option, which is 'Relay traffic for the Tor network'. It should
> have a second choice, right under that, which is 'Help censored users
> reach the Tor network'.
> If either of the checkboxes is checked (you can't check both), then the
> rest of the window shows up as it does now (but a little bit farther down
> to accomodate that extra line). If we're choosing the 'help censored
> users' one, then the defaults are different: the ORPort is 443, the
> dirport is on (but still 9030), the exit policies are all 'reject',
> and the bandwidth is on its lowest setting (which appears to be 256 Kbps).

Choosing 443 makes this hard to implement because Tor has to be started as 
root to bind to it.  Would it be as well to suggest a popular high-numbered 
port such as 8080? 

Does the bridge still need to do  PublishServerDescriptor 0?


Browse Anonymously Anywhere	-
TorK	- KDE Anonymity Manager	-
KlamAV	- KDE Anti-Virus 	-

More information about the tor-dev mailing list