Re: [Tails-dev] Limiting i2psvc to UDP through firewall

Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Limiting i2psvc to UDP through firewall
Hi,

sajolida@??? wrote (31 Aug 2013 14:00:08 GMT) :
> A Whisperback bug report is suggesting that we limit the user i2psvc to
> sending UDP through the firewall.


Looks mostly good (once it has comments), only one question below.

> Here is a patch for that.


> It also adds missing ports 7654 7658 for the
> user amnesia to access some i2p services.


Once some commit message tells me what problem this solves, and what
"some i2p services" are, then I'm happy to review this part.
The design doc would need an update, likely, but this can probably
wait for a future iteration.

> +            outerface ! lo mod owner uid-owner i2psvc {
> +                proto udp ACCEPT;
> +            }
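
Review bot: the `outerface ! lo mod owner uid-owner i2psvc` block contains only `proto udp ACCEPT;`, so nothing in this hunk by itself restricts i2psvc. Whether its non-UDP traffic on non-loopback interfaces is actually blocked depends on a later rule or the chain policy, neither of which is visible here. Please add a comment above the block stating the intent (i2psvc may send UDP, and only UDP, on non-loopback interfaces) and naming the rule that handles the rest. The ACCEPT also matches every UDP destination address and port; if that is intended, say so in the same comment.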


Any specific reason to only restrict on !lo?
In other words, does I2P need to do TCP on the loopback interface?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc