iptables and tor
Dominik Schaefer
schaedpq2 at gmx.de
Sun Feb 10 23:07:55 UTC 2008
Tom Hek schrieb:
> By default are all the private ranges already blocked in the exitpolicy.
Yes, the private or non-routable nets. I should have been more precise what I
meant. ;-) (or should have avoided the term "private")
Suppose you have 87.78.1.170 as exit node and its subnet is 87.78.1.128/26.
Suppose your organization has the net 87.78.1.1/24 and you have some services
for internal use running on various hosts in that Class-C net.
Then AFAIK you have to take care yourself of the appropriate exit policies,
because tor can't possibly know this, e.g. explicitly disallow 87.78.1.1/24.
Dominik
More information about the tor-talk
mailing list