Gentoo Archives: gentoo-user

From: Rich Freeman <rich0@g.o>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] How can I block incomming tor-traffic?
Date: Sat, 06 Jun 2015 11:16:33
Message-Id: CAGfcS_n2MKw2vdTMB-6qsiQ8JCWSu=8rUM+OSBS8LRR_tMqtAQ@mail.gmail.com
In Reply to: [gentoo-user] How can I block incomming tor-traffic? by Jarry

On Sat, Jun 6, 2015 at 7:04 AM, Jarry <mr.jarry@×××××.com> wrote:
> Hi Gentoo-users,
>
> my web-server gets constantly abused by users which appear to be
> using tor-network (ip-lookup of source addresses always points
> to tor-exit.watever). How can I block this tor-traffic completely?
>
> I know I can get the list of tor exit-nodes on:
> check.torproject.org/exit-addresses
>
> How can I feed this list to iptables? Is there some ready-to-use
> solution, or do I have to parse this list through some script
> I have to write first?
>

However you do it, please don't use whatever approach half the
websites seem to be using, which ends up blocking relay nodes as well
as exit nodes. I run a relay-only node and it seems like random
websites block me all the time. So, I just route all my non-server
traffic through an anonymous vpn, which works fine, though likely
being the source of just as much abuse (by others).

There seem to be ip reputation services out there which don't
distinguish between tor exits and relay nodes.

Every once in a while I force a new dhcp lease on the IP used by tor,
and I'm sure some other random user on my ISP then wonders why half
the internet no longer works.

The website you listed does appear to list only exit nodes - my node
doesn't appear on the list.

--
Rich
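
An added example, not part of the message above: one way to feed the exit-addresses list to iptables through an ipset, taking only the `ExitAddress` lines so that relay-only nodes are never blocked. The set name `tor-exits`, the ports in the usage comment, and the sample data (documentation addresses, made-up fingerprints) are assumptions of this example.

```shell
#!/bin/sh
# Added example: convert Tor's exit-addresses list into `ipset restore` input.
SET_NAME="tor-exits"   # assumed set name

# Reads exit-addresses text on stdin, writes ipset restore commands on stdout.
# Only "ExitAddress <ip> <date> <time>" lines are used; ExitNode, Published
# and LastStatus lines are skipped, as are duplicates and malformed addresses.
tor_exits_to_ipset() {
    printf 'create %s hash:ip family inet\n' "$SET_NAME"
    printf 'flush %s\n' "$SET_NAME"
    awk -v set="$SET_NAME" '
        function valid_ipv4(ip,    n, o, i) {
            n = split(ip, o, ".")
            if (n != 4) return 0
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255)
                    return 0
            return 1
        }
        $1 == "ExitAddress" && valid_ipv4($2) && !seen[$2]++ {
            print "add " set " " $2
        }
    '
}

# Constructed sample in the exit-addresses layout (not real nodes).
sample_exit_addresses() {
    cat <<'EOF'
ExitNode 0000000000000000000000000000000000000001
Published 2015-06-05 10:00:00
LastStatus 2015-06-06 09:00:00
ExitAddress 192.0.2.10 2015-06-06 09:05:00
ExitNode 0000000000000000000000000000000000000002
Published 2015-06-05 11:00:00
LastStatus 2015-06-06 09:00:00
ExitAddress 198.51.100.7 2015-06-06 09:10:00
ExitAddress 192.0.2.10 2015-06-06 09:12:00
ExitAddress 999.1.1.1 2015-06-06 09:15:00
EOF
}

# Usage (as root, e.g. from cron):
#   curl -fsS https://check.torproject.org/exit-addresses \
#     | tor_exits_to_ipset | ipset -exist restore
#   iptables -I INPUT -p tcp -m multiport --dports 80,443 \
#     -m set --match-set tor-exits src -j DROP
```

The iptables rule only needs to be inserted once; later runs just refresh the set contents.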