nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Get rid of the notion of a separate default default exit policy.

Browse Source 
Create ExitPolicyPrepend config parameter, to customize the default
exit policy.


svn:r1103
This commit is contained in:
Roger Dingledine 2004-02-18 03:56:12 +00:00
parent c9d9b9b2a7
commit 7562a62ef0
4 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/config/torrc.in
View File

@ -19,7 +19,13 @@ SocksBindAddress 127.0.0.1 # accept connections only from localhost
#ORPort 9001 # where to listen for cell-speaking connections
#ORBindAddress 0.0.0.0 # accept connections from anywhere
## A comma-separated list of exit policies. They're considered in
## order, first match wins.
#ExitPolicy reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:1024-65535,reject *:*
## A comma-separated list of exit policies. Define this if you
## want to *augment* the default exit policy.
## These entries are considered before the default exit policy.
#ExitPolicyPrepend accept 18.244.0.188:25
## A comma-separated list of exit policies. Define this if you
## want to *replace* the default exit policy.
## They're considered in order, first match wins.
#ExitPolicy reject *:*

7
src/or/config.c
View File

@ -165,6 +165,7 @@ static void config_assign(or_options_t *options, struct config_line *list) {
config_compare(list, "ExitNodes", CONFIG_TYPE_STRING, &options->ExitNodes) ||
config_compare(list, "EntryNodes", CONFIG_TYPE_STRING, &options->EntryNodes) ||
config_compare(list, "ExitPolicy", CONFIG_TYPE_STRING, &options->ExitPolicy) ||
config_compare(list, "ExitPolicyPrepend",CONFIG_TYPE_STRING, &options->ExitPolicyPrepend) ||
config_compare(list, "ExcludedNodes", CONFIG_TYPE_STRING, &options->ExcludedNodes) ||
config_compare(list, "Group", CONFIG_TYPE_STRING, &options->Group) ||
@ -243,6 +244,7 @@ void free_options(or_options_t *options) {
tor_free(options->EntryNodes);
tor_free(options->ExcludedNodes);
tor_free(options->ExitPolicy);
tor_free(options->ExitPolicyPrepend);
tor_free(options->SocksBindAddress);
tor_free(options->ORBindAddress);
tor_free(options->DirBindAddress);
@ -258,7 +260,8 @@ void init_options(or_options_t *options) {
options->ExitNodes = tor_strdup("");
options->EntryNodes = tor_strdup("");
options->ExcludedNodes = tor_strdup("");
options->ExitPolicy = tor_strdup("reject *:25,reject 127.0.0.0/8:*,reject 0.0.0.0/8,accept *:*");
options->ExitPolicy = tor_strdup("reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:1024-65535,reject *:*");
options->ExitPolicyPrepend = tor_strdup("");
options->SocksBindAddress = tor_strdup("127.0.0.1");
options->ORBindAddress = tor_strdup("0.0.0.0");
options->DirBindAddress = tor_strdup("0.0.0.0");
@ -271,7 +274,7 @@ void init_options(or_options_t *options) {
options->DirFetchPostPeriod = 600;
options->KeepalivePeriod = 300;
options->MaxOnionsPending = 100;
options->NewCircuitPeriod = 60; /* once a minute */
options->NewCircuitPeriod = 30; /* twice a minute */
options->BandwidthRate = 800000; /* at most 800kB/s total sustained incoming */
options->BandwidthBurst = 10000000; /* max burst on the token bucket */
options->NumCpus = 1;

1
src/or/or.h
View File

@ -497,6 +497,7 @@ typedef struct {
char *EntryNodes;
char *ExcludedNodes;
char *ExitPolicy;
char *ExitPolicyPrepend;
char *SocksBindAddress;
char *ORBindAddress;
char *DirBindAddress;

11
src/or/router.c
View File

@ -253,8 +253,8 @@ void router_upload_desc_to_dirservers(void) {
}
}
static void router_add_exit_policy_from_config(routerinfo_t *router) {
char *s = options.ExitPolicy, *e;
static void router_add_exit_policy_from_config_helper(char *s, routerinfo_t *router) {
char *e;
int last=0;
char line[1024];
@ -286,6 +286,11 @@ static void router_add_exit_policy_from_config(routerinfo_t *router) {
}
}
static void router_add_exit_policy_from_config(routerinfo_t *router) {
router_add_exit_policy_from_config_helper(options.ExitPolicyPrepend, router);
router_add_exit_policy_from_config_helper(options.ExitPolicy, router);
}
/* Return false if my exit policy says to allow connection to conn.
* Else return true.
*/
@ -296,7 +301,7 @@ int router_compare_to_my_exit_policy(connection_t *conn) {
return router_compare_addr_to_exit_policy(conn->addr, conn->port,
desc_routerinfo->exit_policy);
}
const char *router_get_my_descriptor(void) {