[tor-relays] firewalled relays

tagnaq tagnaq at gmail.com
Fri Jun 3 14:13:18 UTC 2011

Hash: SHA512

On 06/03/2011 03:55 PM, Jesus Cea wrote:
> I guess tor.conf could have a directive as "never connect to this port".
> I know my situation is a bit particular, I fully realize, though.

That is what feature request #3028 is all about, but this information
must be published in descriptor because it is the client who selects all
3 hops and their order and the client needs to be aware of these
restrictions when selecting relays.
I suppose a feature like #3028 would only be used by very few relays and
at the same time introduce larger descriptors and more complexity, so
the effort vs. improvement is currently probably not worth the effort.

> Anyway, I am tunneling quite a bit of traffic, so I hope I am being
> useful, even if not useful to everybody. With your comments I am afraid
> that I could be punishing the network because people trying to go thru
> me could be unable to create some circuits in an silent way, bringing
> connection delays and a general sense of unrealibility.
> I accept suggestions.

I think it depends on how many circuits you are actually breaking.
If one out of 1000 circuits through your relay are failing because you
filter 443 while relaying 50Mbit/s I would find it acceptable,
but I fear it are far more. Do you have any stats? (I'm not sure how to
gather them.)
Mikes opinion is also be very valuable on such topics.



More information about the tor-relays mailing list