[tor-talk] RFC1918 addresses on outside interface

Paul Syverson syverson at itd.nrl.navy.mil
Fri Nov 30 15:07:49 UTC 2012


On Wed, Nov 28, 2012 at 11:37:29PM -0000, temp5 at tormail.org wrote:
> > Running a non-exit Tor relay on Linux and have iptables set up to block
> > inbound and outbound RFC1918 addresses on the outside interface. Notice in
> > the firewall logs several seemingly random private IP addresses' connection
> > attempts to my relay port getting dropped on the outside over the past few
> > months. The MAC address associated with these matches my ISP's default
> > gateway.
> >
> > Does Tor do some type of loopback on the outside int.? Or is my ISP doing
> > something peculiar with NAT?
> 
> Assuming it's my ISP, is there any way to configure my relay to discourage
> clients in my AS from using it as an entry point?

Could you say more about why you would want to do that? I ask because
this increases those clients' risk from an AS-level attacker by
mandating an increase in the number of ASes that must be traversed
between client and entry node.

-Paul

