[tor-talk] Disable anything but hidden services

Andreas Krey a.krey at gmx.de
Wed Sep 5 07:15:10 UTC 2012


On Wed, 05 Sep 2012 02:15:21 +0000, Justin Aplin wrote:
...
> ExitPolicy accept 127.0.0.1:*
> ExitPolicy reject *:*
> 
> This will allow exiting (connecting) to the local machine (where the hidden service should be listening) on all ports, and reject all other traffic.

No, you don't need an ExitPolicy; hidden services are independent of
the exit policies, which control non-hidden service access. That
accept line either has unfortunate consequence (allowing acces to
*all* local services), or may be ignored altogether.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800


More information about the tor-talk mailing list