Block Tor Nodes...

here is a script that blocks tor nodes

Code:

#!/bin/bash

# A simple bash script to block IP traffic from TOR exit nodes.
# written by Andrew Vetlugin (antrew at gmail com)

wget='/usr/bin/wget'
iptables='/sbin/iptables'
url='https://torstat.xenobite.eu/export/tor_exitnodes.csv'

iptables_target='DROP'
#iptables_target='REJECT'

# Quick guide:

# 1. add a separate chain for a list of TOR exit nodes
# (this should be done by hand once)
# iptables -N TOR_EXIT

# 2. add a rule to INPUT chain
# Note: if you want to be able to connect to any TOR exit node yourself
# (e.g., if $url is a exit node you should be able to fetch a list of exit
# nodes from it) then you should add this rule AFTER accepting established
# and related connections)
# iptables -A INPUT -j TOR_EXIT

# 3. add this script to crontab (I think 10-20 minutes interval should be OK)

# flush chain
$iptables -F TOR_EXIT

# add TOR exit nodes to TOR_EXIT chain with $iptables_target rule
for node in `$wget -q --no-check-certificate -O - $url | sort | uniq`; do
********$iptables -A TOR_EXIT -s $node -j $iptables_target
done

# return to parent chain if the source is not TOR exit node
$iptables -A TOR_EXIT -j RETURN

or get it http://antrew.mooo.com/pub/block_tor_exit_nodes.sh

I've just started exploring Tor, and I'm curious to know what is the reason for doing this?

Please excuse my ignorance, but I'm just trying to understand a bit more about Tor.

Thanks

Sill using iptables we've talked about this write one for Suse

This is wrong do it every time, unless you provide a Suse Way.

Code:

# 1. add a separate chain for a list of TOR exit nodes
# (this should be done by hand once)
# iptables -N TOR_EXIT

Pretty sure if you look at the existing chains none of this would match any way, as default on input is to accept then to redirect to the correct chains mainly input_ext.

Next really don't get the purpose I think its highly unlikely you're getting traffic from an exit node and if you are. You could well be blocking people who have a very good reason to use it.

Next you send me to site with a self signed cert that doesn't even match the site mmm disturbing.

Think you'll find you at least need a director from input_ext to even make this work. I also suspect this would go into the input chain after drop too iptables -A INPUT -j TOR_EXIT

If your whole purpose is security then this page says it better than I can https://www.torproject.org/faq-abuse.html use a decent blocklist like the one from bluetack.co.uk

Short version its highly unlikely to work, you expect me to trust a list that can't even get a self signed cert to match the ip, and its highly unlikely to reduce any abuse.

http://forums.suselinuxsupport.de/index.ph...t=0#entry243479 perhaps this will help you write a Suse specific one.

@Myrlin
This is trying to block users like you unsure of the reasons why as for understanding a bit more about tor i suspect the main site is best, not a lot to really understand though, tor's exit node will be your ip address. If when running tor you go to a whats my ip site it won't be your one but the exit nodes one, which can make google interesting as it will be in the locale of the exit node.

Quote:

@Myrlin
This is trying to block users like you unsure of the reasons why as for understanding a bit more about tor i suspect the main site is best, not a lot to really understand though, tor's exit node will be your ip address. If when running tor you go to a whats my ip site it won't be your one but the exit nodes one, which can make google interesting as it will be in the locale of the exit node.
[/b]

Thanks, Feathermonkey.

I know what you mean about google being interesting. I just got a response in Greek!!! :blink:

Quote:

Sill using iptables we've talked about this write one for Suse

This is wrong do it every time, unless you provide a Suse Way.

Code:

# 1. add a separate chain for a list of TOR exit nodes
# (this should be done by hand once)
# iptables -N TOR_EXIT

Pretty sure if you look at the existing chains none of this would match any way, as default on input is to accept then to redirect to the correct chains mainly input_ext.

Next really don't get the purpose I think its highly unlikely you're getting traffic from an exit node and if you are. You could well be blocking people who have a very good reason to use it.

Next you send me to site with a self signed cert that doesn't even match the site mmm disturbing.

Think you'll find you at least need a director from input_ext to even make this work. I also suspect this would go into the input chain after drop too iptables -A INPUT -j TOR_EXIT

If your whole purpose is security then this page says it better than I can https://www.torproject.org/faq-abuse.html use a decent blocklist like the one from bluetack.co.uk

Short version its highly unlikely to work, you expect me to trust a list that can't even get a self signed cert to match the ip, and its highly unlikely to reduce any abuse.

http://forums.suselinuxsupport.de/index.ph...t=0#entry243479 perhaps this will help you write a Suse specific one.

@Myrlin
This is trying to block users like you unsure of the reasons why as for understanding a bit more about tor i suspect the main site is best, not a lot to really understand though, tor's exit node will be your ip address. If when running tor you go to a whats my ip site it won't be your one but the exit nodes one, which can make google interesting as it will be in the locale of the exit node.
[/b]

i did not right the script, if you look in comment it is not me, it was written by freeciv community to stop spamers

Ignorance then read the tor page spammers can't even use tor.

All in all a pretty useless tip then?

Quote:

Ignorance then read the tor page spammers can't even use tor.
[/b]

sure sure, u can run anything using tor via

Code:

torify <program_name>

then they can use it

Read up its blocked on the tor network

https://www.torproject.org/faq-abuse...tAboutSpammers

Quote:

Read up its blocked on the tor network

https://www.torproject.org/faq-abuse...tAboutSpammers
[/b]

ok, more like cheaters then... ppl who use tor to connect to freeciv, screw with settings and / or play game under proxy prentending to be noob and then winning. and also getting past bans and such...

Quote:

ok, more like cheaters then... ppl who use tor to connect to freeciv, screw with settings and / or play game under proxy prentending to be noob and then winning. and also getting past bans and such...
[/b]

does the tor network even provide enough bandwidth for one to play games with?