Is exit policy broken?

Bob tor at alloy.neomailbox.net
Thu Jun 30 23:06:09 UTC 2005


The version of tor is  0.1.0.10 on winxp sp2, and I did restart it.  I
always get something in the 66.35.250.0/24 range for slashdot, here's a
lookup;

Looking up at the 5 slashdot.org. parent servers:

Server					Response		Time
ns1.osdn.com 	[66.35.250.10]	66.35.250.150 	108ms
ns1.vasoftware.com [12.152.184.135]	66.35.250.150 	109ms
ns2.osdn.com 	[66.35.250.11]	66.35.250.150 	109ms
ns3.vasoftware.com [66.35.250.12]	66.35.250.150 	109ms
ns2.vasoftware.com [12.152.184.136]	[Error: Socket error 10054 [s=4728
tcp=0]]	218ms

So, as far as I know these are the correct address ranges (thereabouts...).
I don't know if the behavior was duplicated  in previous versions.

Btw, for now it is set up with reject *:* (middleman only), until I figure
this out, so are these entries normal for that?

Jun 30 16:04:25.875 [info] connection_edge_finished_connecting(): Exit
connection to 69.44.153.178:2710 established.
Jun 30 16:04:25.890 [info] connection_edge_finished_connecting(): Exit
connection to 83.140.65.130:80 established.

Or, am I misreading what the log means by "Exit connection"?

-Bob

-----Original Message-----
From: owner-or-talk at freehaven.net [mailto:owner-or-talk at freehaven.net] On
Behalf Of Roger Dingledine
Sent: Thursday, June 30, 2005 3:28 PM
To: or-talk at freehaven.net
Subject: Re: Is exit policy broken?

On Thu, Jun 30, 2005 at 12:49:12PM -0700, Bob wrote:
> Hi-
>   I have the following statement in my exit policy:
>
> ExitPolicy reject 66.35.250.0/24
>
> This is the first line in my exit policy.
> Yet, in my info file, I have several entries showing connections
established
> to *.slashdot.org:

Which Tor server is this?

Which version of Tor?

Are you sure it is running with the exit policy you described? That
is, you restarted (or hupped) it after changing the torrc.

Is your DNS server always returning an IP for slashdot.org that's
within the range in your line above, or is it (sometimes) returning some
other IP?

Does this behavior show up for you with earlier versions of Tor too?

Thanks,
--Roger





More information about the tor-talk mailing list