On 8/30/13, Andrea Shepard andrea@torproject.org wrote:
On Tue, Aug 27, 2013 at 11:08:34AM -0500, Jon Gardner wrote:
Then why have exit policies? Exit nodes regularly block "unwelcome" traffic like bittorrent, and there's only a slight functional difference between that and using a filter in front of the node to block things like porn
There's a considerable functional difference: an exit policy is a defined list of specific hosts and ports to accept/reject, and it's advertised in the exit's descriptor. Your client can just pick a different exit node if the connection it wants to make is not permitted by a given exit's policy. A "porn filter" is inherently fuzzy and unpredictable, so couldn't be implemented without breaking clients trying to use that node. Filtering traffic other than as declared by your exit policy should and will get your exit the BadExit flag.
This is why we need to implement extended exit flags for exits that want to run post-exit filtering/enhancement policies, say for example "noporn" that way we can get all the religious groups dumping their tithes into not just beaming reruns of the 700 club around the world, but a pile of uber fast exits too.
And how about "novirus" delivered by microsoft "doublesyourcoins" propped up by the donations of fools "trusted" run by legit governments