Meek and ReachableAddresses

This came to my attention through an old StackExchange ticket that the Community accound had bumped: http://tor.stackexchange.com/q/9500

The user appears to have setup some combination of ReachableAddresses,FirewallPorts, and FascistFirewall. While the ports they can reach might be set correctly, when using meek tor sees the destination address as a fake destination. You end up with a log that looks like this:

NOTICE: Bridge at '0.0.2.0:1' isn't reachable by our firewall policy. Skipping.

This happens because they haven't defined 0.0.2.0:1 as being a reachable address, while in reality it's using (most likely) port 443 on some CDN, which might actually be defined reachable.

Maybe not a common issue but an interesting edge case that may be clarified, avoided, or documented somewhere.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information