[tor-relays] Reduced exit and not IPv4 exit traffic at all

[Martin Gebhardt]

Hi ,

I would try the following:

ExitPolicy accept [::]:20-21 # FTP, SSH, telnet
ExitPolicy accept [::]:23 # FTP, SSH, telnet
ExitPolicy accept [::]:43 # WHOIS
[..]
ExitPolicy reject *:*

I would recommend that you block outgoing email ports instead of trying 
to block out all IPv4 traffic. I've never had any problems with ISPs and 
I ban outgoing email and SSH.
I'm not happy with it, but it's better than being discredited by ISPs.

On 2/16/22 13:45, yl wrote:
> Hello all,
> how can I used a reduced exit policy and don't allow any IPv4 exit traffic?
> 
> The following line in the top of all the ExitPolicy lines in torrc seems 
> not to work.
> ExitPolicy reject 0.0.0.0:*
> 
> What is the order I needed here, first "reject" and then accept or the 
> other way around?
> 
> Reduced Exit policy like here:
> https://gitlab.torproject.org/legacy/trac/-/wikis/doc/ReducedExitPolicy
> 
> Webtropia was a bit unhappy lately when UCEprotect listed the whole /24 
> for some reason I still don't understand.
> 
> But then I thought, why not disable IPv4 exit traffic, there is so many 
> IPv6 resources that a IPv6 only Exit should still be fine.
> 
> Thanks
> yl
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5472B866EA6CD3DD.asc
Type: application/pgp-keys
Size: 3151 bytes
Desc: OpenPGP public key
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220217/763eca45/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220217/763eca45/attachment-0001.sig>