Exit policy for ASN-based allow
We need to integrate ASNs into configurations for exit nodes. This should allow ln5 to set an exit policy that allows for policies based on a single ASN or a list of ASNs.
A very easy way to accomplish this is to modify the exit policy checking code on the exit node and before the last policy is applied.
As an example, we'd add the right headers for IP to ASN and then after a DNS resolve, we check the IP:port against the IP to ASN database and if it matches the allowed ASNs, we pass the policy test.
This does not actually enable the client or any client to use these exits but it does mean that the exit can signal, locally, a policy related to ASN.
We should also write a proposal to decide how clients use ASN exit policies safely.