Servers and ReachableAddresses
A server operator did set FascistFirewall because he filtered incoming connections. Maybe Tor should do something, like warn or not let you be a server, when you have a restrictive ReachableAddresses list.
should Tor allow you to be a server when you have FascistFirewall set? weasel: Probably not. But it's hard to enforce, since it's reasonable to allow servers when ReachableAddresses is set. And FascistFirewall aliases to that./ is it reasonable? Sure ok :) If I say "all ports 1024-65535 are reachable", I'm a fine server. this specific config would mean you can only access one of the auth directory servers well, that would suck. actually... okay, adding proposed rule to TODO. maybe Tor should warn if your ReachableAddresses prevents you from reaching one of the dirservers? let me know what you think If you're a directory cache, you need to be able to reach all the directory authorities. If you're an OR, you should be able to reach (oh, say) 85% of the other ORs. and you need to be able to reach at least one directory authority. hm, true, to bootstrap. I suspect this is not an earthshaking problem as it is: you'll either bootstrap or you wont; you'll either be able to build a connection to yourself or you're right, it's not. it would just be nice to give the operator some feedback that what he's doing is probably not a good idea :) as it turned out in this case the user didn't realize FascistFirewall was for outgoing, not incoming connections.
[Automatically added by flyspray2trac: Operating System: All]