mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
go back to a single exitpolicy parameter
if your exitpolicy includes " *:*" then it is final, else we append the default exit policy. (thanks weasel) svn:r1105
This commit is contained in:
parent
4e178907ab
commit
67c0c64aa4
@ -19,13 +19,10 @@ SocksBindAddress 127.0.0.1 # accept connections only from localhost
|
|||||||
#ORPort 9001 # where to listen for cell-speaking connections
|
#ORPort 9001 # where to listen for cell-speaking connections
|
||||||
#ORBindAddress 0.0.0.0 # accept connections from anywhere
|
#ORBindAddress 0.0.0.0 # accept connections from anywhere
|
||||||
|
|
||||||
## A comma-separated list of exit policies. Define this if you
|
## A comma-separated list of exit policies. If you want to *replace*
|
||||||
## want to *augment* the default exit policy.
|
## the default exit policy, end this with either a reject *:* or an
|
||||||
## These entries are considered before the default exit policy.
|
## accept *:*. Otherwise, you're *augmenting* (prepending to) the
|
||||||
#ExitPolicyPrepend accept 18.244.0.188:25
|
## default exit policy.
|
||||||
|
#ExitPolicy accept 18.244.0.188:25,accept 18.244.0.114:25
|
||||||
## A comma-separated list of exit policies. Define this if you
|
|
||||||
## want to *replace* the default exit policy.
|
|
||||||
## They're considered in order, first match wins.
|
|
||||||
#ExitPolicy reject *:*
|
#ExitPolicy reject *:*
|
||||||
|
|
||||||
|
@ -165,7 +165,6 @@ static void config_assign(or_options_t *options, struct config_line *list) {
|
|||||||
config_compare(list, "ExitNodes", CONFIG_TYPE_STRING, &options->ExitNodes) ||
|
config_compare(list, "ExitNodes", CONFIG_TYPE_STRING, &options->ExitNodes) ||
|
||||||
config_compare(list, "EntryNodes", CONFIG_TYPE_STRING, &options->EntryNodes) ||
|
config_compare(list, "EntryNodes", CONFIG_TYPE_STRING, &options->EntryNodes) ||
|
||||||
config_compare(list, "ExitPolicy", CONFIG_TYPE_STRING, &options->ExitPolicy) ||
|
config_compare(list, "ExitPolicy", CONFIG_TYPE_STRING, &options->ExitPolicy) ||
|
||||||
config_compare(list, "ExitPolicyPrepend",CONFIG_TYPE_STRING, &options->ExitPolicyPrepend) ||
|
|
||||||
config_compare(list, "ExcludedNodes", CONFIG_TYPE_STRING, &options->ExcludedNodes) ||
|
config_compare(list, "ExcludedNodes", CONFIG_TYPE_STRING, &options->ExcludedNodes) ||
|
||||||
|
|
||||||
config_compare(list, "Group", CONFIG_TYPE_STRING, &options->Group) ||
|
config_compare(list, "Group", CONFIG_TYPE_STRING, &options->Group) ||
|
||||||
@ -244,7 +243,6 @@ void free_options(or_options_t *options) {
|
|||||||
tor_free(options->EntryNodes);
|
tor_free(options->EntryNodes);
|
||||||
tor_free(options->ExcludedNodes);
|
tor_free(options->ExcludedNodes);
|
||||||
tor_free(options->ExitPolicy);
|
tor_free(options->ExitPolicy);
|
||||||
tor_free(options->ExitPolicyPrepend);
|
|
||||||
tor_free(options->SocksBindAddress);
|
tor_free(options->SocksBindAddress);
|
||||||
tor_free(options->ORBindAddress);
|
tor_free(options->ORBindAddress);
|
||||||
tor_free(options->DirBindAddress);
|
tor_free(options->DirBindAddress);
|
||||||
@ -260,8 +258,7 @@ void init_options(or_options_t *options) {
|
|||||||
options->ExitNodes = tor_strdup("");
|
options->ExitNodes = tor_strdup("");
|
||||||
options->EntryNodes = tor_strdup("");
|
options->EntryNodes = tor_strdup("");
|
||||||
options->ExcludedNodes = tor_strdup("");
|
options->ExcludedNodes = tor_strdup("");
|
||||||
options->ExitPolicy = tor_strdup("reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:993,accept *:995,accept *:1024-65535,reject *:*");
|
options->ExitPolicy = tor_strdup("");
|
||||||
options->ExitPolicyPrepend = tor_strdup("");
|
|
||||||
options->SocksBindAddress = tor_strdup("127.0.0.1");
|
options->SocksBindAddress = tor_strdup("127.0.0.1");
|
||||||
options->ORBindAddress = tor_strdup("0.0.0.0");
|
options->ORBindAddress = tor_strdup("0.0.0.0");
|
||||||
options->DirBindAddress = tor_strdup("0.0.0.0");
|
options->DirBindAddress = tor_strdup("0.0.0.0");
|
||||||
|
@ -497,7 +497,6 @@ typedef struct {
|
|||||||
char *EntryNodes;
|
char *EntryNodes;
|
||||||
char *ExcludedNodes;
|
char *ExcludedNodes;
|
||||||
char *ExitPolicy;
|
char *ExitPolicy;
|
||||||
char *ExitPolicyPrepend;
|
|
||||||
char *SocksBindAddress;
|
char *SocksBindAddress;
|
||||||
char *ORBindAddress;
|
char *ORBindAddress;
|
||||||
char *DirBindAddress;
|
char *DirBindAddress;
|
||||||
|
@ -286,9 +286,15 @@ static void router_add_exit_policy_from_config_helper(char *s, routerinfo_t *rou
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define DefaultExitPolicy "reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:993,accept *:995,accept *:1024-65535,reject *:*"
|
||||||
|
|
||||||
static void router_add_exit_policy_from_config(routerinfo_t *router) {
|
static void router_add_exit_policy_from_config(routerinfo_t *router) {
|
||||||
router_add_exit_policy_from_config_helper(options.ExitPolicyPrepend, router);
|
|
||||||
router_add_exit_policy_from_config_helper(options.ExitPolicy, router);
|
router_add_exit_policy_from_config_helper(options.ExitPolicy, router);
|
||||||
|
if(strstr(options.ExitPolicy," *:*") == NULL) {
|
||||||
|
/* if exitpolicy includes a *:* line, then we're done. Else, append
|
||||||
|
* the default exitpolicy. */
|
||||||
|
router_add_exit_policy_from_config_helper(DefaultExitPolicy, router);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Return false if my exit policy says to allow connection to conn.
|
/* Return false if my exit policy says to allow connection to conn.
|
||||||
|
Loading…
Reference in New Issue
Block a user