From: teor (Tim Wilson-Brown) Date: Tue, 15 Sep 2015 08:57:00 +0000 (+1000) Subject: Log an info-level message for each IP blocked by ExitPolicyRejectPrivate X-Git-Tag: tor-0.2.7.3-rc~33^2^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=eb1759e63cccc9fb870dfb2f87b21ce1e6d4df2d;p=thirdparty%2Ftor.git Log an info-level message for each IP blocked by ExitPolicyRejectPrivate Log an info-level message containing the reject line added to the exit policy for each local IP address blocked by ExitPolicyRejectPrivate: - Published IPv4 and IPv6 addresses - Publicly routable IPv4 and IPv6 interface addresses --- diff --git a/src/or/policies.c b/src/or/policies.c index 1031fc0cca..641b109696 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -1014,6 +1014,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest, char buf[POLICY_BUF_LEN]; tor_snprintf(buf, sizeof(buf), "reject %s:*", fmt_addr32(local_address)); append_exit_policy_string(dest, buf); + log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for our published " + "IPv4 address", buf); } /* Reject our local IPv6 address */ if (ipv6_exit && ipv6_local_address != NULL) { @@ -1025,6 +1027,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest, tor_snprintf(buf6, sizeof(buf6), "reject %s:*", fmt_addr(ipv6_local_address)); append_exit_policy_string(dest, buf6); + log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for our " + "published IPv6 address", buf6); } } /* Reject local addresses from public netblocks on any interface, @@ -1061,6 +1065,8 @@ policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest, tor_snprintf(bufif, sizeof(bufif), "reject6 %s:*", fmt_addr(a)); append_exit_policy_string(dest, bufif); + log_info(LD_CONFIG, "Adding a reject ExitPolicy '%s' for a local " + "interface's public IPv6 address", bufif); } } SMARTLIST_FOREACH_END(a); free_interface_address6_list(public_addresses);