[tor-bugs] #10067 [Tor]: Have `reject *` as the default exit policy
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 5 15:55:26 UTC 2013
#10067: Have `reject *` as the default exit policy
-----------------------------+--------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------
Comment (by atagar):
> Are there very many such nodes?
Just realized working with the default policy via stem is a little clunky.
I should fix that. Anyway, in practice policies seem to mostly stick to
reject-all or the default...
{{{
% python default_exit_policy_count.py
4705 reject *:*
1417 default
2 accept 173.213.78.126:443, reject *:*
2 accept *:9980, accept *:9981, accept 192.0.2.80:*, accept 10.8.6.1:*,
default
2 accept 78.47.218.190:80, accept 5.9.28.163:80, accept 5.9.28.163:443,
accept 5.9.28.186/30:80, accept 5.9.28.186/30:443, accept 5.9.30.12:80,
accept 5.9.30.12:443, accept 5.9.236.224/28:80, accept 5.9.236.224/28:443,
reject *:*
2 accept 173.213.78.125:80, reject *:*
2 accept 173.213.78.126:443, reject *:*
...
}}}
{{{
from stem.descriptor import remote
# prefix of the default policy that's static
STATIC_DEFAULT = "reject 0.0.0.0/8:*, reject 169.254.0.0/16:*, reject
127.0.0.0/8:*, reject 192.168.0.0/16:*, reject 10.0.0.0/8:*, reject
172.16.0.0/12:*"
def replace_default(policy):
"""
Quick and dirty method to replace the default exit policy with
'default'.
Without this most policies are unique, since they include a reject
clause for
their own IP.
"""
policy_str = str(policy)
static_prefix = policy_str.find(STATIC_DEFAULT)
if static_prefix == -1:
return policy_str
elif static_prefix == 0:
return 'default'
else:
return policy_str[:static_prefix] + 'default'
policy_counts = {}
for desc in remote.DescriptorDownloader().get_server_descriptors():
policy = replace_default(desc.exit_policy)
policy_counts[policy] = policy_counts.setdefault(policy, 0) + 1
# exit policies sorted by their count
counts = sorted(policy_counts.values(), reverse = True)
for count in counts:
for policy, policy_count in policy_counts.items():
if count == policy_count:
print "%i %s" % (count, policy)
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10067#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list