[tor-relays] IPv6 Only Exit Node

[Martin Kepplinger]

Am 2015-12-15 um 18:23 schrieb Hans Wurscht:
> Hi
> 
> I would like to operate an IPv6 only exit node. I.e. it's fine if tor
> relays through IPv4, but I want exiting traffic only through IPv6
> (because I don't want my (only) IPv4 to be blocked, abused and such).
> 
> The way I thought this would work is with the ExitPolicy set as below.
> But atlas says my IPv6 Exit Policy Summary would be "ExitPolicy reject
> *:*".
> 
> Now I'm wondering if my ExitPolicy is wrong defined or if that's a bug
> of some kind.
> 
> I'm running Tor v0.2.7.5 (git-6184c873e90d93b2) on Linux with Libevent
> 2.0.21-stable, OpenSSL 1.0.1k and Zlib 1.2.8.
> 
> # No IPv4 exit, no exit to my own subnet, no exit to private network, no
> exit to link local
> ExitPolicy reject6 [2A02:168:4A06::]/42:*  # Block my subnet
> ExitPolicy reject6 [FC00::]/7:*            # Block private IPv6
> ExitPolicy reject6 [FE80::]/10:*           # Block link-local IPv6
> ExitPolicy reject6 [2002::]/16:*           # Block 6to4 addresses
> ExitPolicy reject6 *:25                    # SMTP
> ExitPolicy reject6 *:119                   # NNTP
> ExitPolicy reject6 *:135-139               # NetBIOS
> ExitPolicy reject6 *:445                   # Microsoft AD
> ExitPolicy reject6 *:563                   # NNTP over TLS
> ExitPolicy reject6 *:1214                  # Kazaa
> ExitPolicy reject6 *:4661-4666             # ?
> ExitPolicy reject6 *:6346-6429             # Gnutella
> ExitPolicy reject6 *:6699                  # WinMX
> ExitPolicy reject6 *:6881-6999             # BitTorrent
> ExitPolicy accept6 *:*                     # All else
> ExitPolicy reject private:*                # Block private IPv4
> ExitPolicy reject *:*                      # Block all IPv4
> 
> ## If set, and we are an exit node, allow client to use us for IPv6 traffic
> IPv6Exit 1
> 
> 

See
https://lists.torproject.org/pipermail/tor-relays/2015-August/007612.html