Opened 4 years ago

Last modified 2 years ago

#17056 new enhancement

Do we need ExitPolicy private[4|6]:... ?

Reported by: teor Owned by:
Priority: Very Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.7
Severity: Normal Keywords: lorax, tor-relay exit-policy
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In #16069, we changed accept6/reject6 ... so they only produced IPv6 rules. But this doesn't apply to accept6/reject6 private:... , which still produces both IPv4 and IPv6 rules.

#16069 added a warning on accept6/reject6 private, infoming the user they're gettingn IPv4 and IPv6 rules.

Do we need a private4 or private6 alias for IPv4 and IPv6 private addresses, respectively? Does anyone want to specify treatment of IPv4 and IPv6 private addresses separately?

A workaround is to use a policy like:

accept *4:*
reject private:*
accept *6:*

Or to specify each private address range and local server address separately.

Child Tickets

Change History (5)

comment:1 Changed 4 years ago by teor

Priority: MediumVery Low
Severity: Normal
Type: defectenhancement

Given that tor ignores entries for the protocols we're not using, (and removes redundant entries after an accept/reject[6] *) it's unlikely we'll need this feature.

comment:2 Changed 3 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:3 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:4 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:5 Changed 2 years ago by nickm

Keywords: tor-relay exit-policy added
Note: See TracTickets for help on using tickets.