maltrail icon indicating copy to clipboard operation
maltrail copied to clipboard

Published 20 hours ago verified publisher icon stamparm

[Feature Request] All nodes for Tor feed, not only exit nodes

Open clanto007 opened this issue 1 year ago • 5 comments

With the current list of nodes Tor traffic is never recognized. I propose to change the list and use the pfblockerng list to find all IPs of all nodes in the Tor network and make the recognition more accurate.

These are the lists updated daily: https://unlockforus.com/pfblockerng/tor_nodes_ipv4.txt https://unlockforus.com/pfblockerng/tor_nodes_ipv6.txt

clanto007 avatar Jun 23 '23 13:06 clanto007

With the current list of nodes Tor traffic is never recognized. <- with tor exit nodes Tor traffic is never recognized??? aren't tor exit nodes used for accessing sites (e.g. having Maltrail in front)?

stamparm avatar Jun 26 '23 10:06 stamparm

If I use on the other side to control traffic in and out from the office the IP called from Tor browser is not the tor exit node of list included.

Il lun 26 giu 2023, 12:21 Miroslav Stampar @.***> ha scritto:

With the current list of nodes Tor traffic is never recognized. <- with tor exit nodes Tor traffic is never recognized??? aren't tor exit nodes used for accessing sites (e.g. having Maltrail in front)?

— Reply to this email directly, view it on GitHub https://github.com/stamparm/maltrail/issues/19163#issuecomment-1607162777, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKUVEZLGUOBWAW53VJQUH43XNFPBXANCNFSM6AAAAAAZRSALPQ . You are receiving this because you authored the thread.Message ID: @.***>

clanto007 avatar Jun 26 '23 10:06 clanto007

you said With the current list of nodes Tor traffic is never recognized.. right? generally speaking, that means both inbound and outbound

stamparm avatar Jun 26 '23 10:06 stamparm

You could also probably use those lists maybe?

https://tor-relays.0xc0d3.xyz/

exits.txt: Exit relays only, IPv4 and IPv6. Use this list to block traffic to your site from the Tor Network. exits-ipv4.txt: Exit relays only, IPv4 only. exits-ipv6.txt: Exit relays only, IPv6 only. relays.txt: All relays within the Tor Network, exit and non-exit, IPv4 and IPv6. relays-ipv4.txt: All relays, IPv4 only. relays-ipv6.txt: All relays, IPv6 only. updated.txt: The time in UTC when the list was last updated.

scriptzteam avatar Jul 16 '23 13:07 scriptzteam

https://tor-relays.0xc0d3.xyz/ is behind the CloudFlare, so I can smell a problem

stamparm avatar Jul 24 '23 11:07 stamparm