Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #16053
Closed
Open
Issue created May 16, 2015 by Damian Johnson@atagar

Stem errors when it sees reject6 or accept6 exit policies

Tor has a couple exit policy keywords (reject6 and accept6) which break just about any bit of Stem that reads exit policies.

10:55 < toralf> atagar: "ExitPolicy reject6 *:*" raises in
controller.get_exit_policy() : ValueError: An exit policy should have
a space separating its accept/reject from the exit pattern: reject6
*:*

11:07 < atagar> toralf: Interesting! I keep an eye on changes to the
control and directory specifications but this didn't include a change
to either so 'reject6' is a surprise for me. Joy, guess this'll
warrant a hotfix for the recent 1.4.0 release.

11:07 < atagar> Thanks for the heads up. :P

Definitely something we should fix. Nyx evidently had a longstanding issue around this too (#10579 (closed)). Not an overly big whoop though. First, they're extremely rare and second, unless I'm missing something they're pointless. Exit policy addresses fall into three camps...

  • wildcard (for instance 'accept *:80')
  • ipv4 (for instance 'accept 0.0.0.0/8:80')
  • ipv6 (for instance 'accept [0000:0000:0000:0000:0000:0000:0000:0000]/64:80')

The first camp (wildcards) match against ipv4 or ipv6. The later two are for ipv4-only or ipv6-only policy rules. Or at least that's how Stem treats it.

Unless I'm missing something reject6 is just an alias for... what? The man page entry added as part of #12878 (moved) is the only description it seems to have ever gotten, and personally can't say I'm finding it too illuminating.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking