diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-10-26 15:17:48 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-10-26 15:17:48 +0000 |
commit | 5272b27b9373a21884fde643a7d582df6b3b421b (patch) | |
tree | 3c2ce2549e203c099ddf07386fa53122471f4f49 /src/exit | |
parent | 87b7d2bc3d9cc8c4da313e5dc60fa497d65eb0e2 (diff) | |
download | gnunet-5272b27b9373a21884fde643a7d582df6b3b421b.tar.gz gnunet-5272b27b9373a21884fde643a7d582df6b3b421b.zip |
-make proper use of new policy parser
Diffstat (limited to 'src/exit')
-rw-r--r-- | src/exit/exit.conf | 18 | ||||
-rw-r--r-- | src/exit/gnunet-daemon-exit.c | 4 |
2 files changed, 11 insertions, 11 deletions
diff --git a/src/exit/exit.conf b/src/exit/exit.conf index aadcee47f..46851420d 100644 --- a/src/exit/exit.conf +++ b/src/exit/exit.conf | |||
@@ -5,7 +5,7 @@ BINARY = gnunet-daemon-exit | |||
5 | # must be within the global IPv6 range of your system!) | 5 | # must be within the global IPv6 range of your system!) |
6 | IPV6ADDR = 2001:DB8::1 | 6 | IPV6ADDR = 2001:DB8::1 |
7 | 7 | ||
8 | # Prefix for our IPv6 subnet on the TUN interface. | 8 | # Prefix for our IPv6 subnet on the TUN interface. |
9 | IPV6PREFIX = 64 | 9 | IPV6PREFIX = 64 |
10 | 10 | ||
11 | # IPv4 address to use on our TUN interface (may need to be | 11 | # IPv4 address to use on our TUN interface (may need to be |
@@ -16,13 +16,13 @@ IPV4ADDR = 169.254.86.1 | |||
16 | # Netmask for the IPv4 subnet on the TUN interface. | 16 | # Netmask for the IPv4 subnet on the TUN interface. |
17 | IPV4MASK = 255.255.255.0 | 17 | IPV4MASK = 255.255.255.0 |
18 | 18 | ||
19 | # Regular expression matching IPv4 addresses in binary (32 values of 0 or 1) | 19 | # IPv4 networks to which we are allowed to exit. |
20 | # format for which this system is willing to serve as an exit. | 20 | # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" |
21 | EXIT_RANGE_IPV4_REGEX = (0|1)* | 21 | EXIT_RANGE_IPV4_POLICY = 0.0.0.0/0:!25; |
22 | 22 | ||
23 | # Regular expression matching IPv4 addresses in binary (128 values of 0 or 1) | 23 | # IPv6 networks to which we are allowed to exit. |
24 | # format for which this system is willing to serve as an exit. | 24 | # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" |
25 | EXIT_RANGE_IPV6_REGEX = (0|1)* | 25 | EXIT_RANGE_IPV6_POLICY = ::/0:!25; |
26 | 26 | ||
27 | 27 | ||
28 | # Name of the (virtual) tunnel interface the exit daemon will manage | 28 | # Name of the (virtual) tunnel interface the exit daemon will manage |
@@ -43,10 +43,10 @@ EXIT_IPV4 = NO | |||
43 | # Set this to YES to allow exiting this system via IPv6 to the Internet | 43 | # Set this to YES to allow exiting this system via IPv6 to the Internet |
44 | EXIT_IPV6 = NO | 44 | EXIT_IPV6 = NO |
45 | 45 | ||
46 | # This option should be set to YES to allow the DNS service to | 46 | # This option should be set to YES to allow the DNS service to |
47 | # perform lookups against the locally configured DNS resolver. | 47 | # perform lookups against the locally configured DNS resolver. |
48 | # (set to "NO" if no normal ISP is locally available and thus | 48 | # (set to "NO" if no normal ISP is locally available and thus |
49 | # requests for normal ".com"/".org"/etc. must be routed via | 49 | # requests for normal ".com"/".org"/etc. must be routed via |
50 | # the GNUnet VPN (the GNUNET PT daemon then needs to be configured | 50 | # the GNUnet VPN (the GNUNET PT daemon then needs to be configured |
51 | # to intercept and route DNS queries via mesh). | 51 | # to intercept and route DNS queries via mesh). |
52 | # Set this to YES to allow using this system for DNS queries. | 52 | # Set this to YES to allow using this system for DNS queries. |
diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index 9c095b34e..2de707133 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c | |||
@@ -3719,7 +3719,7 @@ run (void *cls, | |||
3719 | if (GNUNET_OK != | 3719 | if (GNUNET_OK != |
3720 | GNUNET_CONFIGURATION_get_value_string (cfg, | 3720 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3721 | "exit", | 3721 | "exit", |
3722 | "EXIT_RANGE_IPV4_REGEX", | 3722 | "EXIT_RANGE_IPV4_POLICY", |
3723 | &policy)) | 3723 | &policy)) |
3724 | regex = NULL; | 3724 | regex = NULL; |
3725 | else | 3725 | else |
@@ -3745,7 +3745,7 @@ run (void *cls, | |||
3745 | if (GNUNET_OK != | 3745 | if (GNUNET_OK != |
3746 | GNUNET_CONFIGURATION_get_value_string (cfg, | 3746 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3747 | "exit", | 3747 | "exit", |
3748 | "EXIT_RANGE_IPV6_REGEX", | 3748 | "EXIT_RANGE_IPV6_POLICY", |
3749 | &policy)) | 3749 | &policy)) |
3750 | regex = NULL; | 3750 | regex = NULL; |
3751 | else | 3751 | else |