summaryrefslogtreecommitdiff
path: root/src/or/or.h
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2012-10-24 15:03:29 -0400
committerNick Mathewson <nickm@torproject.org>2012-11-14 23:16:21 -0500
commita96c0affcb4cda1a2e0d83d123993d10efc6e396 (patch)
tree179be96049286cae1b9b1aa4b633f60da2c29023 /src/or/or.h
parent2eb7eafc9d789cb5063dd36021412434b656bf75 (diff)
downloadtor-a96c0affcb4cda1a2e0d83d123993d10efc6e396.tar.gz
tor-a96c0affcb4cda1a2e0d83d123993d10efc6e396.zip
Better policy support for IPv6
Now, "accept *:80" means "accept all addresses on port 80", and not just IPv4. For just v4, say "accept *4:80"; for just v6 say "accept *6:80". We can parse these policies from torrc just fine, and we should be successfully keeping them out of descriptors for now. We also now include appropriate IPv6 addresses in "reject private:*"
Diffstat (limited to 'src/or/or.h')
-rw-r--r--src/or/or.h10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/or/or.h b/src/or/or.h
index 6510725f69..42bf0a8ea7 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1730,7 +1730,15 @@ typedef struct addr_policy_t {
maskbits_t maskbits; /**< Accept/reject all addresses <b>a</b> such that the
* first <b>maskbits</b> bits of <b>a</b> match
* <b>addr</b>. */
- tor_addr_t addr; /**< Base address to accept or reject. */
+ /** Base address to accept or reject.
+ *
+ * Note that wildcards are treated
+ * differntly depending on address family. An AF_UNSPEC address means
+ * "All addresses, IPv4 or IPv6." An AF_INET address with maskbits==0 means
+ * "All IPv4 addresses" and an AF_INET6 address with maskbits == 0 means
+ * "All IPv6 addresses".
+ **/
+ tor_addr_t addr;
uint16_t prt_min; /**< Lowest port number to accept/reject. */
uint16_t prt_max; /**< Highest port number to accept/reject. */
} addr_policy_t;