Opened 15 years ago

Last modified 7 years ago

#128 closed enhancement (Fixed)

Private nets should be rejected unless explicitly accepted

Reported by: thomass
Owned by:
Priority: Low
Milestone:
Component: Core Tor/Tor
Version:
Severity:
Keywords:
Cc: thomass
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Private networks (192.168., 10.0.0, ...) should be rejected unless the administrator explicitly adds an accept policy.

Instead of an exit policy like this:
ExitPolicy accept *:53
ExitPolicy accept *:443
ExitPolicy reject *:*

The current setup forces the administrator to use an unnecessarily complex exit policy:
ExitPolicy reject 0.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 127.0.0.0/8:*
ExitPolicy reject 192.168.0.0/16:*
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 172.16.0.0/12:*
ExitPolicy accept *:53
ExitPolicy accept *:443
ExitPolicy reject *:*

[Automatically added by flyspray2trac: Operating System: All]

Change History (4)

comment:1 Changed 14 years ago by phobos

I want to see this taken one step forward and list the entire default exitpolicy in the config file, rather than in code. We can have the default config policy uncommented, and therefore activated. This will allow everyone to clearly see what is accepted and rejected by default.

comment:2 Changed 14 years ago by arma

With 0.1.1.13-alpha, there's a new config option ExitPolicyRejectPrivate that
defaults to 1. Now you have to explicitly disable this in order to allow
exiting to private IP space.
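
Added example (not part of the ticket and not Tor's code): a small first-match evaluator showing what the short three-line policy from the description decides for private destinations with and without the private-range rejects placed in front of it, which is the effect comment:2 describes for ExitPolicyRejectPrivate. It assumes the private ranges are exactly those listed in the description, handles IPv4 and single ports only, and the names `effective_policy` and `decide` are hypothetical.

```python
import ipaddress

# Ranges copied from the long policy in the ticket description.
# Assumption: this is the set rejected by default; Tor's own list may differ.
PRIVATE_NETS = ["0.0.0.0/8", "169.254.0.0/16", "127.0.0.0/8",
                "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12"]

# The short policy the reporter wants to be sufficient.
SHORT_POLICY = ["accept *:53", "accept *:443", "reject *:*"]


def parse_rule(rule):
    """Parse 'accept|reject ADDR[/MASK]:PORT' into (action, network, port)."""
    action, target = rule.split()
    if action not in ("accept", "reject"):
        raise ValueError(f"unknown action in rule: {rule!r}")
    addr, _, port = target.rpartition(":")
    net = None if addr == "*" else ipaddress.ip_network(addr)
    return action, net, (None if port == "*" else int(port))


def effective_policy(rules, reject_private=True):
    """Put the private-range rejects ahead of the administrator's rules."""
    prefix = [f"reject {n}:*" for n in PRIVATE_NETS] if reject_private else []
    return [parse_rule(r) for r in prefix + list(rules)]


def decide(policy, ip, port):
    """First matching rule wins; no match falls through to reject (sketch's choice)."""
    addr = ipaddress.ip_address(ip)
    for action, net, rule_port in policy:
        if (net is None or addr in net) and (rule_port is None or rule_port == port):
            return action
    return "reject"


if __name__ == "__main__":
    # Constructed destinations: three private, one public documentation address.
    for ip, port in [("192.168.1.1", 443), ("10.0.0.5", 53),
                     ("172.31.255.255", 443), ("203.0.113.10", 443)]:
        off = decide(effective_policy(SHORT_POLICY, reject_private=False), ip, port)
        on = decide(effective_policy(SHORT_POLICY), ip, port)
        print(f"{ip}:{port}  without rejects={off}  with rejects={on}")
```

Because matching stops at the first hit, the rejects only protect private space when they come before `accept *:443`; appended after it they would never be reached.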

comment:3 Changed 14 years ago by arma

flyspray2trac: bug closed.

comment:4 Changed 7 years ago by nickm

Component: Tor Relay → Tor