From: Nick Mathewson Date: Thu, 8 Dec 2005 19:58:14 +0000 (+0000) Subject: Oops. 0.0.0.0/8 and 169.254.0.0/16 are also special. X-Git-Tag: tor-0.1.1.10-alpha~19 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=338f23114faf35f9965dd9de6ee08376db905533;p=thirdparty%2Ftor.git Oops. 0.0.0.0/8 and 169.254.0.0/16 are also special. svn:r5536 --- diff --git a/doc/tor.1.in b/doc/tor.1.in index 6eb658e451..352c0655f8 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -387,11 +387,12 @@ For example, "reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would reject any traffic destined for localhost and any 192.168.1.* address, but accept anything else. -To specify all internal networks (including 169.254.0.0/16, -127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, and 172.16.0.0/12), you can use -the "private" alias instead of an address. For example, to allow HTTP -to 127.0.0.1 and block all other connections to internal networks, you -can say "accept 127.0.0.1:80,reject private:*". See RFC 3330 for more +To specify all internal and link-local networks (including 0.0.0.0/8, +169.254.0.0/16, 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, and +172.16.0.0/12), you can use the "private" alias instead of an address. +For example, to allow HTTP to 127.0.0.1 and block all other +connections to internal networks, you can say "accept +127.0.0.1:80,reject private:*". See RFC 1918 and RFC 3330 for more details about internal and reserved IP address space. This directive can be specified multiple times so you don't have to put diff --git a/src/or/config.c b/src/or/config.c index 68da7e0af1..c664026b96 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2777,6 +2777,7 @@ static int config_expand_exit_policy_aliases(smartlist_t *entries) { static const char *prefixes[] = { + "0.0.0.0/8", "169.254.0.0/16", "127.0.0.0/8", "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12",NULL }; int i; char *pre=NULL, *post=NULL;
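Review bot: In the doc/tor.1.in hunk, the new phrase "all internal and link-local networks" does not describe 0.0.0.0/8, which RFC 3330 treats as "this" network rather than private or link-local space, and the example sentence that follows still says the alias blocks "connections to internal networks". Suggest wording the description as internal, link-local and other reserved local ranges, and using the same phrase in the example, so an operator writing "reject private:*" can tell from the man page exactly which destinations are rejected.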
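Review bot: In the src/or/config.c hunk, the prefixes[] array in config_expand_exit_policy_aliases() carries no comment saying what each range is or that the same list is spelled out in doc/tor.1.in, so a range can be added in one place and missed in the other. Suggest a short comment above the array naming the ranges (RFC 1918 private space, loopback, link-local, 0.0.0.0/8) and pointing at the man page text for the "private" alias, so any later addition updates both.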