[tor-relays] webiron requesting to block several /24 subnet
Josef 'veloc1ty' Stautner
hello at veloc1ty.de
Mon Nov 16 12:20:42 UTC 2015
Maybe something to add because I ran into a mistake:
ExitPolicy is a first match szenario.
The reject rules for abuse reports and stuff has to be the first one,
afterwards your accept rules and then a reject *:*.
For exampe my current policy is:
ExitPolicy reject 5.133.182.0/24 # WebIron report
ExitPolicy reject 80.14.2.87/16 # [Ticket ID: 960950]
ExitPolicy reject 37.247.48.0/21 # #214673
ExitPolicy reject 62.67.194.130 # [Ticket ID: 869382]
ExitPolicy accept *:53 # DNS
ExitPolicy accept *:80 # HTTP
ExitPolicy accept *:8080 # HTTP
ExitPolicy accept *:443 # HTTPS
ExitPolicy reject *:*
~Josef
Am 16.11.2015 um 13:01 schrieb Tim Wilson-Brown - teor:
>
>> On 16 Nov 2015, at 22:58, Cristian Consonni <kikkocristian at gmail.com
>> <mailto:kikkocristian at gmail.com>> wrote:
>>
>> Ok, so you did block a range for a limited period. I will need to
>> learn how to do that.
>
> Try:
> ExitPolicy reject4 1.2.3.4/24:*
>
> There's an extensive description of ExitPolicy in the tor man page.
>
> Tim
>
> Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com
> PGP 968F094B
>
> teor at blah dot im
> OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20151116/60d49dec/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20151116/60d49dec/attachment-0001.sig>
More information about the tor-relays
mailing list