-rw-r--r--changes/bug25596
-rw-r--r--doc/tor.1.txt7
-rw-r--r--src/or/config.c5
-rw-r--r--src/or/connection.c10
-rw-r--r--src/or/or.h5
5 files changed, 22 insertions, 11 deletions
diff --git a/changes/bug2559 b/changes/bug2559
new file mode 100644
index 0000000000..9715eaf6b5
--- /dev/null
+++ b/changes/bug2559
@@ -0,0 +1,6 @@
+ o Minor features:
+ - Ordinarily, Tor does not count traffic from private addresses
+ (like 127.0.0.1 or 10.0.0.1) when calculating rate limits or
+ accounting. There is now a new option, CountPrivateBandwidth, to
+ disable this behavior. Patch from Daniel Cagara.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index eaebf440ae..5a70cd2a5f 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -437,6 +437,12 @@ Other options can be specified either on the command-line (--option
and you're running on Windows, setting this option to 1 will tell Libevent
not to use the Windows IOCP networking API. (Default: 1)
+**CountPrivateBandwidth** **0**|**1**::
+ If this option is set, then Tor's rate-limiting applies not only to
+ remote connections, but also to connections to private addresses like
+ 127.0.0.1 or 10.0.0.1. This is mostly useful for debugging
+ rate-limiting. (Default: 0)
+
CLIENT OPTIONS
--------------
@@ -1342,6 +1348,7 @@ The following options are used for running a testing Tor network.
AuthDirMaxServersPerAuthAddr 0
ClientDNSRejectInternalAddresses 0
ClientRejectInternalAddresses 0
+ CountPrivateBandwidth 1
ExitPolicyRejectPrivate 0
V3AuthVotingInterval 5 minutes
V3AuthVoteDelay 20 seconds
diff --git a/src/or/config.c b/src/or/config.c
index 9d782b9f8e..e6322cb0bd 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2958,11 +2958,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
tor_assert(msg);
*msg = NULL;
- // Cagara: Tell us if we use the private network fix!
- if(options->CountPrivateBandwidth == 1) {
- log_notice(LD_CONFIG, "Private bandwidth will be treated as normal traffic.");
- }
-
if (options->ORPort < 0 || options->ORPort > 65535)
REJECT("ORPort option out of bounds.");
diff --git a/src/or/connection.c b/src/or/connection.c
index 953f402317..33f9af6f4f 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1954,10 +1954,12 @@ static int
connection_is_rate_limited(connection_t *conn)
{
or_options_t *options = get_options();
- if (conn->linked || /* internal connection */
- (options->CountPrivateBandwidth==1 && ( tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */
- tor_addr_is_internal(&conn->addr, 0)))) /* internal address */
- return 0;
+ if (conn->linked)
+ return 0; /* Internal connection */
+ else if (options->CountPrivateBandwidth &&
+ (tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */
+ tor_addr_is_internal(&conn->addr, 0)))
+ return 0; /* Internal address */
else
return 1;
}
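Review bot: The new `else if` in connection_is_rate_limited() tests `options->CountPrivateBandwidth` with the wrong polarity: it returns 0 (not rate-limited) for AF_UNSPEC or internal addresses when the option is set, and falls through to `return 1` when the option is 0. That contradicts the tor.1.txt entry and the or.h comment in this same commit, which both say that setting the option is what makes private-address connections count, with a default of 0. As written, a default configuration would charge loopback and private-address traffic against rate limits and accounting, while the testing-network value of 1 would exempt it. The condition should read `else if (!options->CountPrivateBandwidth &&`.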
diff --git a/src/or/or.h b/src/or/or.h
index fb68d4482b..c134d7c7a9 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2868,8 +2868,9 @@ typedef struct {
/** Boolean: if set, we start even if our resolv.conf file is missing
* or broken. */
int ServerDNSAllowBrokenConfig;
- int CountPrivateBandwidth; // Cagara: Flag to allow private addresses counting to bucket size
-
+ /** Boolean: if set, then even connections to private addresses will get
+ * rate-limited. */
+ int CountPrivateBandwidth;
smartlist_t *ServerDNSTestAddresses; /**< A list of addresses that definitely
* should be resolvable. Used for
* testing our DNS server. */