Re: [tor-relays] How to block IP address on exit node relay

2013-08-29 Thread Konstantinos Asimakis 
Also I believe you have to add this "reject" BEFORE any "allow" lines in
your torrc (if any). The parsing just stops at the first match, so if an
"allow" is matched before this "reject", the traffic will be allowed.

-
My full signature with lots of links
etc.


On Mon, Aug 26, 2013 at 11:57 PM, Piotrkowska wrote:

> I am running an exit node under reduced exit policy on a VPS. My provider
> requested that I block a specific IP address due to spam issues. I'm
> guessing I should add a line in the torrc file. Can anyone tell me the
> exact line I have to add to the torrc file to block the address?
>
> Something like: "reject 12.34.567.89" ?
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to block IP address on exit node relay

2013-08-26 Thread Niles Rogoff 
For an enter policy, there is the ExcludeNodes config option, which defines
relays or locales never to be used in circuits.


On Mon, Aug 26, 2013 at 11:48 PM, krishna e bera  wrote:

> On 13-08-26 04:57 PM, Piotrkowska wrote:
> > I am running an exit node under reduced exit policy on a VPS. My
> > provider requested that I block a specific IP address due to spam
> > issues. I'm guessing I should add a line in the torrc file. Can
> > anyone tell me the exact line I have to add to the torrc file to
> > block the address?
> >
> > Something like: "reject 12.34.567.89" ?
>
> Yes that exit policy would work, assuming that your provider wants to
> block traffic from your exit node having that ip address as its
> *destination*.  You could specify a specific port as well, to avoid
> blocking non-spam traffic of different types to that machine.
>
> If your provider intends for traffic having that ip address as its
> *origin* to be blocked, you will not be able to do so at your exit node.
>  I don't know of any such thing as an "entry policy" nor recommendations
> for tor relay operators other than using good security practices to fend
> off attacks.
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to block IP address on exit node relay

2013-08-26 Thread krishna e bera 
On 13-08-26 04:57 PM, Piotrkowska wrote:
> I am running an exit node under reduced exit policy on a VPS. My
> provider requested that I block a specific IP address due to spam
> issues. I'm guessing I should add a line in the torrc file. Can
> anyone tell me the exact line I have to add to the torrc file to
> block the address?
> 
> Something like: "reject 12.34.567.89" ?

Yes that exit policy would work, assuming that your provider wants to
block traffic from your exit node having that ip address as its
*destination*.  You could specify a specific port as well, to avoid
blocking non-spam traffic of different types to that machine.

If your provider intends for traffic having that ip address as its
*origin* to be blocked, you will not be able to do so at your exit node.
 I don't know of any such thing as an "entry policy" nor recommendations
for tor relay operators other than using good security practices to fend
off attacks.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] How to block IP address on exit node relay

2013-08-26 Thread Piotrkowska 
I am running an exit node under reduced exit policy on a VPS. My provider 
requested that I block a specific IP address due to spam issues. I'm guessing I 
should add a line in the torrc file. Can anyone tell me the exact line I have 
to add to the torrc file to block the address?

Something like: "reject 12.34.567.89" ?
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays