Commit 4c1c2a31 authored by teor's avatar teor Committed by teor (Tim Wilson-Brown)
Browse files

Add Fallback Directory Candidate Selection Script 

"Tor has included a feature to fetch the initial consensus from nodes
 other than the authorities for a while now. We just haven't shipped a
 list of alternate locations for clients to go to yet.

 Reasons why we might want to ship tor with a list of additional places
 where clients can find the consensus is that it makes authority
 reachability and BW less important.

 We want them to have been around and using their current key, address,
 and port for a while now (120 days), and have been running, a guard,
 and a v2 directory mirror for most of that time."

Features:
* whitelist and blacklist for an opt-in/opt-out trial.
* excludes BadExits, tor versions that aren't recommended, and low
  consensus weight directory mirrors.
* reduces the weighting of Exits to avoid overloading them.
* places limits on the weight of any one fallback.
* includes an IPv6 address and orport for each FallbackDir, as
  implemented in #17327. (Tor won't bootstrap using IPv6 fallbacks
  until #17840 is merged.)
* generated output includes timestamps & Onionoo URL for traceability.
* unit test ensures that we successfully load all included default
  fallback directories.

Closes ticket #15775. Patch by "teor".
OnionOO script by "weasel", "teor", "gsathya", and "karsten".
parent f3ed5ec0

.gitignore

+5 −0
Original line number Diff line number Diff line
@@ -28,6 +28,11 @@ cscope.* 
# OSX junk

*.dSYM

.DS_Store

# updateFallbackDirs.py temp files

details-*.json

uptime-*.json

*.full_url

*.last_modified



# /

/Makefile

changes/feature15775-fallback

0 → 100644
+19 −0
Original line number Diff line number Diff line 
  o Major features (directory mirrors):

    - Include an opt-in trial list of Default Fallback Directories in

      add_default_fallback_dir_servers().

      "Tor has included a feature to fetch the initial consensus from nodes

       other than the authorities for a while now. We just haven't shipped a

       list of alternate locations for clients to go to yet.

       Reasons why we might want to ship tor with a list of additional places

       where clients can find the consensus is that it makes authority

       reachability and BW less important.

       We want them to have been around and using their current key, address,

       and port for a while now (120 days), and have been running, a guard,

       and a v2 directory mirror for most of that time."

      We exclude BadExits and tor versions that aren't recommended.

      We include an IPv6 address for each FallbackDir (#8374).

      (Tor might not use IPv6 fallbacks until #6027 is merged.)

      The unit test ensures that we successfully load all included

      default fallback directories.

      Closes ticket #15775. Patch by "teor".

      OnionOO script by "weasel", "teor", "gsathya", and "karsten".

scripts/maint/fallback.blacklist

0 → 100644
+19 −0
Original line number Diff line number Diff line 
# updateFallbackDirs.py directory mirror blacklist

#

# Format:

# [ IPv4[:DirPort] ] [ orport=<ORPort> ] [ id=<ID> ] ...

#   [ ipv6=<IPv6>[:<IPv6 ORPort>] ]

#

# If a sufficiently specific group of attributes matches, the directory mirror

# will be excluded: (each group is listed on its own line)

# <IPv4>, <DirPort>

# <IPv4>, <ORPort>

# <ID>

# <IPv6>, <DirPort>

# <IPv6>, <IPv6 ORPort>

# If DirPort and ORPort are not present, the entire IP address is blacklisted.

# (The blacklist overrides the whitelist.)



# If a relay operator doesn't want their relay to be a FallbackDir,

# enter the following information here:

# <IPv4>:<DirPort> orport=<ORPort> id=<ID> ipv6=<IPv6>:<IPv6 ORPort>

scripts/maint/fallback.whitelist

0 → 100644
+13 −0
Original line number Diff line number Diff line 
# updateFallbackDirs.py directory mirror whitelist

#

# Format:

# IPv4:DirPort orport=<ORPort> id=<ID> [ ipv6=<IPv6>:<IPv6 ORPort> ]

#

# All attributes must match for the directory mirror to be included.

# If the fallback has an ipv6 key, the whitelist line must also have

# it, and vice versa, otherwise they don't match.

# (The blacklist overrides the whitelist.)



# If a relay operator wants their relay to be a FallbackDir,

# enter the following information here:

# <IPv4>:<DirPort> orport=<ORPort> id=<ID> [ ipv6=<IPv6>:<IPv6 ORPort> ]

scripts/maint/updateFallbackDirs.py

0 → 100755
+1225 −0

File added.

Preview size limit exceeded, changes collapsed.