[Tor-BSD] OpenBSD pf rules...
Seth
list at sysfu.com
Wed Nov 26 12:47:18 EST 2014
On Tue, 25 Nov 2014 17:20:20 -0800, teor <teor2345 at gmail.com> wrote:
> You could grep/cut the relay lines from tor's cached consensus file to
> achieve this - it is plain text in a well-defined format.
> You could use the IP/Port pairs, or a unique list of ports.
OK, here's what I've worked up so far.

To make a table of tor relays:

# grep ^r /var/tor/cached-consensus |awk '{ print $7}' > /etc/tor-relays

To make a list of ORPorts:

# grep ^r /var/tor/cached-consensus |awk '{ print $8}' | sort -n | uniq > /etc/or-ports

I've also added an include statement in pf.conf to hide the ORPort and
exit port macro clutter.

include "/etc/tor-port-macros" # tor_or_ports and tor_exit_ports macros defined here

> There are approximately 7000 IP/Port entries in the consensus, so a
> global permit for the 10 most common ports may speed things up at the
> cost of some security. This list starts: 9001, 443, …

ORPort distribution fun fact:

3411 9001
1869 443
67 80
61 9002
61 8080
52 9090
44 444
31 110
30 8443
24 9003
22 9035
22 143
20 22
19 993
17 21
16 9010
16 4443
14 9999
14 9009
13 9031
13 9011
13 59001
12 9004
11 9443
11 9008
11 19001
10 9005
9 9101
9 9006
8 995
8 9007
7 9030
7 9029
7 9020
7 9000
6 9201
6 9200
6 7654
6 4433
5 9913
5 9666
5 9091
5 9052
5 29001
5 20
5 1337
4 9901
4 9055
4 8081
4 8001
4 8000
4 7777
4 666
4 61521
4 53
4 446
4 44444
4 4430
4 3389
4 23852
3 9876
3 9099
3 9051
3 9050
3 9018
3 7443
3 61058
3 6001
3 6000
3 5432
3 44443
3 3443
3 3128
3 3000
3 1443
3 10443
3 10001
2 9989
2 989
2 9500
2 9231
2 9111
2 9100
2 9095
2 9081
2 9075
2 9053
2 9040
2 9032
2 9023
2 9022
2 9019
2 9017
2 9016
2 9015
2 9014
2 9013
2 9012
2 8998
2 88
2 8526
2 8345
2 8181
2 8008
2 6969
2 6666
2 6443
2 61214
2 5901
2 58840
2 587
2 5556
2 55555
2 5555
2 5061
2 50001
2 500
2 49901
2 4712
2 465
2 450
2 447
2 440
2 42042
2 4001
2 3971
2 3784
2 3767
2 3306
2 31337
2 31001
2 3002
2 3001
2 2443
2 23425
2 2342
2 23
2 20610
2 2011
2 20000
2 1723
2 11443
2 11009
2 10101
2 10000
2 100
1 9996
1 9991
1 9990
1 9962
1 9933
1 991
1 9909
1 99
1 9890
1 9861
1 9851
1 985
1 9845
1 9834
1 9831
1 9814
1 9752
1 9673
1 9669
1 9601
1 9579
1 953
1 950
1 9447
1 9421
1 9420
1 9392
1 9390
1 9384
1 9340
1 9339
1 9337
1 9333
1 9321
1 9317
1 931
1 9292
1 9290
1 9284
1 9272
1 9190
1 9181
1 9150
1 9123
1 9112
1 9106
1 9080
1 9071
1 9070
1 9049
1 9036
1 9027
1 9026
1 9025
1 9024
1 9021
1 901
1 8995
1 8900
1 890
1 8899
....etc
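
The extraction discussed in this message as reusable functions, plus the share of relays that a permit for the N most common ORPorts would cover. This is an added example, not code from the thread; the function names are assumptions and the consensus sample is constructed. It matches only lines whose first field is exactly r, so other keywords that begin with r (such as recommended-relay-protocols in current consensus documents) are skipped.

```sh
# Added example, not from the original post; function names are assumptions.
# Constructed sample, r-line layout: r nick id digest date time IP ORPort DirPort
sample_consensus() {
cat <<'EOF'
recommended-relay-protocols Link=4
r relayA AAAA BBBB 2014-11-26 12:00:00 192.0.2.10 9001 9030
s Fast Running Valid
r relayB CCCC DDDD 2014-11-26 12:00:00 192.0.2.11 443 80
r relayC EEEE FFFF 2014-11-26 12:00:00 198.51.100.7 9001 0
r relayD GGGG HHHH 2014-11-26 12:00:00 203.0.113.5 8080 0
r broken IIII JJJJ 2014-11-26 12:00:00 999.1.1.1 70000 0
EOF
}

# Print "IP ORPort" for each well-formed relay line; drop anything that is
# not a dotted-quad address with a port in 1..65535.
relay_pairs() {
    awk '$1 == "r" && NF >= 9 {
        ip = $7; port = $8
        if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        split(ip, o, ".")
        for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) next
        if (port !~ /^[0-9]+$/ || port + 0 < 1 || port + 0 > 65535) next
        print ip, port
    }' "$@"
}

# "count port" lines, most common port first.
port_histogram() {
    relay_pairs "$@" | awk '{ c[$2]++ } END { for (p in c) print c[p], p }' |
        sort -k1,1nr -k2,2n
}

# pf macro holding the N most common ORPorts.
top_ports_macro() {
    n=$1; shift
    port_histogram "$@" | head -n "$n" | awk '
        BEGIN { printf "tor_or_ports = \"{ " }
        { printf "%s%s", (NR > 1 ? ", " : ""), $2 }
        END { print " }\"" }'
}

# Whole-number percentage of relays whose ORPort is in the top N.
top_ports_coverage() {
    n=$1; shift
    port_histogram "$@" | awk -v n="$n" '
        { total += $1; if (NR <= n) hit += $1 }
        END { if (total) printf "%d\n", hit * 100 / total }'
}
```

Each function reads standard input or a file argument, so top_ports_coverage 10 /var/tor/cached-consensus reports how much of the relay set a ten-port global permit would reach.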