hosts.lisp, distorted.lisp: Separate address for anonymity services.

With a little luck, this will prevent most arsey Tor-blocking services
from rejecting innocent traffic.

diff --git a/distorted.lisp b/distorted.lisp
index 02dd2e3..8325a92 100644 (file)
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -42,6 +42,7 @@
   ;; Entry is via little router box.
   (dmz :net dmz)
   (guvnor (inside :svc gate.dmz) (dmz :a guvnor.dmz))
+  (anon (dmz :a anon.dmz))
   (gate (dmz :a gate.dmz))
   (nat (dmz :a nat.dmz))
 
@@ -51,13 +52,17 @@
 
   ;; Local services.
   :svc vampire
-  ((www krb ftp rsync wiki git bugs mail db tor i2p rawk vox www-cache)
+  ((www krb ftp rsync wiki git bugs mail db i2p rawk vox www-cache)
    :svc vampire)
 
   ;; Internal services.
   #+view/inside ((ntp) :svc ibanez.unsafe)
   #+view/inside ((wpad ntp1 news) :svc vampire.unsafe)
 
+  ;; Anonymity services.
+  (tor :svc #+view/inside vampire.unsafe
+           #-view/inside anon.dmz)
+
   ;; Wired ethernet.
   (wired :net wired)
   (vampire (unsafe :a vampire.unsafe)

diff --git a/hosts.lisp b/hosts.lisp
index 7393a7c..926bbe6 100644 (file)
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -41,6 +41,7 @@
 (defhost artist.dmz (dmz 5))
 (defhost vampire.dmz (dmz 6))
 (defhost ibanez.dmz (dmz 9))
+(defhost anon.dmz (dmz 12))
 (defhost gate.dmz (dmz 13))
 (defhost nat.dmz (dmz 14))