mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-24 22:58:50 +01:00
Code Issues Projects Releases Wiki Activity

Log an info-level message for each IP blocked by ExitPolicyRejectPrivate

Browse source 
Log an info-level message containing the reject line added to the
exit policy for each local IP address blocked by ExitPolicyRejectPrivate:
 - Published IPv4 and IPv6 addresses
 - Publicly routable IPv4 and IPv6 interface addresses
This commit is contained in:
teor (Tim Wilson-Brown) 2015-09-15 18:57:00 +10:00
parent 098b82c7b2
commit eb1759e63c
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/or/policies.c
View file

@ -1014,6 +1014,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest,
char buf[POLICY_BUF_LEN];
tor_snprintf(buf, sizeof(buf), "reject %s:*", fmt_addr32(local_address));
append_exit_policy_string(dest, buf);
log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for our published "
"IPv4 address", buf);
}
/* Reject our local IPv6 address */
if (ipv6_exit && ipv6_local_address != NULL) {
@ -1025,6 +1027,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest,
tor_snprintf(buf6, sizeof(buf6), "reject %s:*",
fmt_addr(ipv6_local_address));
append_exit_policy_string(dest, buf6);
log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for our "
"published IPv6 address", buf6);
}
}
/* Reject local addresses from public netblocks on any interface,
@ -1061,6 +1065,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest,
tor_snprintf(bufif, sizeof(bufif), "reject6 %s:*",
fmt_addr(a));
append_exit_policy_string(dest, bufif);
log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for a local "
"interface's public IPv6 address", bufif);
}
} SMARTLIST_FOREACH_END(a);
free_interface_address6_list(public_addresses);