From: Mark Wooding <mdw@distorted.org.uk>
Date: Mon, 3 Oct 2011 19:01:59 +0000 (+0100)
Subject: hosts.lisp, distorted.lisp: Separate address for anonymity services.
X-Git-Url: https://git.distorted.org.uk/~mdw/zones/commitdiff_plain/04db972978345f878d837a37edd8a0ea677ee771

hosts.lisp, distorted.lisp: Separate address for anonymity services.

With a little luck, this will prevent most arsey Tor-blocking services
from rejecting innocent traffic.
---

diff --git a/distorted.lisp b/distorted.lisp
index 02dd2e3..8325a92 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -42,6 +42,7 @@
   ;; Entry is via little router box.
   (dmz :net dmz)
   (guvnor (inside :svc gate.dmz) (dmz :a guvnor.dmz))
+  (anon (dmz :a anon.dmz))
   (gate (dmz :a gate.dmz))
   (nat (dmz :a nat.dmz))
 
@@ -51,13 +52,17 @@
 
   ;; Local services.
   :svc vampire
-  ((www krb ftp rsync wiki git bugs mail db tor i2p rawk vox www-cache)
+  ((www krb ftp rsync wiki git bugs mail db i2p rawk vox www-cache)
    :svc vampire)
 
   ;; Internal services.
   #+view/inside ((ntp) :svc ibanez.unsafe)
   #+view/inside ((wpad ntp1 news) :svc vampire.unsafe)
 
+  ;; Anonymity services.
+  (tor :svc #+view/inside vampire.unsafe
+	    #-view/inside anon.dmz)
+
   ;; Wired ethernet.
   (wired :net wired)
   (vampire (unsafe :a vampire.unsafe)
diff --git a/hosts.lisp b/hosts.lisp
index 7393a7c..926bbe6 100644
--- a/hosts.lisp
+++ b/hosts.lisp
@@ -41,6 +41,7 @@
 (defhost artist.dmz (dmz 5))
 (defhost vampire.dmz (dmz 6))
 (defhost ibanez.dmz (dmz 9))
+(defhost anon.dmz (dmz 12))
 (defhost gate.dmz (dmz 13))
 (defhost nat.dmz (dmz 14))