diff options
author | Jacob Appelbaum <jacob@appelbaum.net> | 2010-09-24 12:52:07 -0700 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2010-09-30 11:39:34 -0400 |
commit | 6bbbe88afe4df4e26c948e384c2ce0eb50f2dfc8 (patch) | |
tree | 70efdfc030ebdc087c99080458d96cfbe836e2a9 /tor-fw-helper-spec.txt | |
parent | 0f1b95d37c338190b4d81dd24587b923c89f299c (diff) | |
download | torspec-6bbbe88afe4df4e26c948e384c2ce0eb50f2dfc8.tar.gz torspec-6bbbe88afe4df4e26c948e384c2ce0eb50f2dfc8.zip |
Changes to tor-fw-helper, some based on Nick's review
* MINIUPNPC rather than the generic UPNP
* Nick suggested a better abstraction model for tor-fw-helper
* Fix autoconf to build with either natpmp or miniupnpc
* Add AM_PROG_CC_C_O to fix automake complaint
* update spec to address nickm's concern
* refactor nat-pmp to match upnp state
* we prefer tor_snprintf to snprintf
* link properlty for tor_snprintf
* rename test_commandline_options to log_commandline_options
* cast this uint as an int
* detect possible FD_SETSIZE errors
* make note about future enhancements for natpmp
* add upnp enhancement note
* ChangeLog entry
* doxygen and check-spaces cleanup
* create tor-fw-helper.1.txt
Diffstat (limited to 'tor-fw-helper-spec.txt')
-rw-r--r-- | tor-fw-helper-spec.txt | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/tor-fw-helper-spec.txt b/tor-fw-helper-spec.txt index 684f50f..0068b26 100644 --- a/tor-fw-helper-spec.txt +++ b/tor-fw-helper-spec.txt @@ -33,12 +33,25 @@ tor-fw-helper: FAILURE All informational messages are printed to standard output; all error messages - are printed to standard error. + are printed to standard error. Messages other than SUCCESS and FAILURE + may be printed by any compliant tor-fw-helper. + +2.2 Output format stability + + The above SUCCESS and FAILURE messages are the only stable output formats + provided by this specification. tor-fw-helper-spec compliant implementations + must return SUCCESS or FAILURE as defined above. 3. Security Concerns It is probably best to hand configure port forwarding and in the process, we - suggest disabling NAT-PMP and/or UPnP. + suggest disabling NAT-PMP and/or UPnP. This is of course absolutely confusing + to users and so we support automatic, non-authenticated NAT port mapping + protocols with compliant tor-fw-helper applications. + + NAT should not be considered a security boundary. NAT-PMP and UPnP are hacks + to deal with the shortcomings of user education about TCP/IP, IPv4 shortages, + and of course, NAT devices that suffer from horrible user interface design. [0] http://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol [1] http://en.wikipedia.org/wiki/Universal_Plug_and_Play |