[tor-relays] IPv6 vs IPv4 exit policies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, I just activated IPv6 support for my two exit relays today, but I do not unterstand/misconfigured the exit policies. I just want to open certain ports at IPv4 (the common known reduced exit policy) and open all Ports at IPv6 except 25. How do I configure such a thing? Current sample config is: [snip] IPv6Exit 1 ExitPolicy accept6 *:* ExitPolicy reject6 *:25 [full reduced exitpolicies snipped out] ExitPolicy accept *:50002 # Electrum Bitcoin SSL ExitPolicy accept *:64738 # Mumble ExitPolicy reject *:* But at Globe only this is visible: https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F D2F2A https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 7C742 Can someone help me out there? Cheers! spriver -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVyNfsAAoJEMkUf8VoejgPiEEP/jS0fkncI8EWdnNm6mWvOB2Z GybS2ZpzKMYzXTx277gp5AXsySBYsMjVDpxKLsWnfhejbKiv5SxgOYipnfROLoyd uTiqP+Ha+SB83DLM9/x9/OWOImT5qdEhKHVZVrW5UeQQJ9kZPO2R7eQ5w2aQfpVd wJ5nv8iSOuL79LPDVidNcAbFrqZ07R1DW/XUMXdlgdWjNd3ToJEBxussIQFMkQLH l6mQf8lF44Hau+udwiOvmKW6xjkMMPcg16jd/hHmimcQ1pgYV0sVS3XKxJifjKKQ VLIGa1oR1rV6rJEpE+F+6f+8HGJsoilda+eDMdgLzkD0Mi+/kHNbKEokyhAEqmxd fTyY5tt10ypXprYr75F6KEvBEP9h0qHY1NRt38YbLW2J4UCGDcW9ZB3xggFCa2iz 14twdT7qnyu8QuFUzox4DaxEyzeTeZXkKpjHsNABAPlGgenDhDkNldeuQnv4n3xc mBGhoobtDKRsi9aKg+9n1qgePOk7kJVUzEyi1Vwk8RdXwu8AyucejVoC7m7cgakW bFWGyNumezGlY2jMz+ARAEDJfG0LrgpEalJ06qZovUibLBCcOludI0Xdp7Y04vH0 PnWotybn7YZjOa69oJ7HGxiAHEoNgT4SeRM/NIvVWTOdgLPbE1Nr2o1drYpmMyjR aoSklTseBiKF+b1bex1L =Bo5q -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] IPv6 vs IPv4 exit policies
If I recall correctly: Policies with '*' for the address count as both ipv4 and v6 policies, it is possible to use 0.0.0.0 for v4 and [::] (I think) for v6-specfic policies. spriver: > Hi, > > I just activated IPv6 support for my two exit relays today, but I do > not unterstand/misconfigured the exit policies. > > I just want to open certain ports at IPv4 (the common known reduced > exit policy) and open all Ports at IPv6 except 25. How do I configure > such a thing? > > Current sample config is: > > [snip] > IPv6Exit 1 > ExitPolicy accept6 *:* > ExitPolicy reject6 *:25 > > [full reduced exitpolicies snipped out] > ExitPolicy accept *:50002 # Electrum Bitcoin SSL > ExitPolicy accept *:64738 # Mumble > ExitPolicy reject *:* > > But at Globe only this is visible: > https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F > D2F2A > https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 > 7C742 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] IPv6 vs IPv4 exit policies
> On 12 Aug 2015, at 08:53 , n...@cock.li wrote: > > If I recall correctly: Policies with '*' for the address count as both > ipv4 and v6 policies, it is possible to use 0.0.0.0 for v4 and [::] (I > think) for v6-specfic policies. Or *4 and *6, respectively, which expand to 0.0.0.0 and [::]. So the lines could look like: >> IPv6Exit 1 By the way, these two lines are in the wrong order if you intend to block 25 and permit everything else. They permit everything and then the next line is ignored. >> ExitPolicy accept6 *6:* >> ExitPolicy reject6 *6:25 >> [full reduced exitpolicies snipped out] >> ExitPolicy accept *4:50002 # Electrum Bitcoin SSL >> ExitPolicy accept *4:64738 # Mumble >> ExitPolicy reject *4:* > > spriver: >> Hi, >> >> I just activated IPv6 support for my two exit relays today, but I do >> not unterstand/misconfigured the exit policies. >> >> I just want to open certain ports at IPv4 (the common known reduced >> exit policy) and open all Ports at IPv6 except 25. How do I configure >> such a thing? >> >> Current sample config is: >> >> [snip] >> IPv6Exit 1 >> ExitPolicy accept6 *:* >> ExitPolicy reject6 *:25 >> >> [full reduced exitpolicies snipped out] >> ExitPolicy accept *:50002 # Electrum Bitcoin SSL >> ExitPolicy accept *:64738 # Mumble >> ExitPolicy reject *:* >> >> But at Globe only this is visible: >> https://globe.torproject.org/#/relay/F5B1FC9038A5A65FF16D6729AAB2AEDD67F >> D2F2A >> https://globe.torproject.org/#/relay/D9D7A9C203C99945D0DCBD545A20C0CB936 >> 7C742 > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Tim Wilson-Brown (teor) teor2345 at gmail dot com pgp ABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7 signature.asc Description: Message signed with OpenPGP using GPGMail ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
