Opened 5 years ago

Closed 5 years ago

Last modified 4 years ago

#17181 closed defect (duplicate)

Block every ORPort IP address in ExitPolicyRejectPrivate, not just the first one

Reported by: teor Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version: Tor:
Severity: Normal Keywords: security
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


If multiple ORPort IP addresses are configured, block them all in ExitPolicyRejectPrivate.

I don't think this is a very common config, and the recent changes in #17027 probably cover most of these. (Except for multihomed relays behind NATs.)

Child Tickets

Change History (3)

comment:1 Changed 5 years ago by teor

Resolution: duplicate
Severity: Normal
Status: newclosed

#17027 resolves this issue by blocking all configured ports when ExitPolicyRejectPrivate is set.

comment:2 Changed 4 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:3 Changed 4 years ago by nickm

Milestone: Tor: 0.3.???

Milestone deleted

Note: See TracTickets for help on using tickets.