Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 327
    • Issues 327
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 31
    • Merge requests 31
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #40676
Closed
Open
Issue created Sep 20, 2022 by cypherpunks@cypherpunks

ExitPolicy should apply to already established outbound connections (with a config option, off by default)

To reduce the impact of tor running out of free TCP source ports (see pending comment in #26646) we added a reject entry for the destination causing most outbound TCP connections to the ExitPolicy and restarted tor.

ExitPolicy reject 1.2.3.4:*  <<<< added to avoid outbound connections to this target
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy reject *:*

Expected: Tor should not create any connections to 1.2.3.4

Even after changing the torrc and restarting tor we see established TCP connections to 1.2.3.4, this is unexpected.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking