-# SOME DESCRIPTIVE TITLE
-# Copyright (C) YEAR Free Software Foundation, Inc.
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-#
-#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: PACKAGE VERSION\n"
-"POT-Creation-Date: 2020-07-06 11:59+0200\n"
-"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
-"Language-Team: LANGUAGE <LL@li.org>\n"
+"Project-Id-Version: Nos oignons website\n"
+"POT-Creation-Date: 2020-08-20 18:26+0200\n"
+"PO-Revision-Date: 2020-07-06 11:59+0200\n"
+"Last-Translator: Nos oignons <webmaster@nos-oignons.net>\n"
+"Language-Team: English <webmaster@nos-oignons.net>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
#. type: Plain text
#, no-wrap
msgid "[[!meta title=\"Tor, IPv6 et prises de tête\"]]\n"
-msgstr ""
+msgstr "[[!meta title=\"Tor's IPv6 exit policy idiosyncrasy \"]]\n"
#. type: Plain text
#, no-wrap
msgid "[[!meta date=\"2020-07-06 12:00:00\"]]\n"
-msgstr ""
+msgstr "[[!meta date=\"2020-07-06 12:00:00\"]]\n"
#. type: Plain text
msgid ""
"à ça. En partant du principe que tout le reste soit correctement configuré "
"(`ORPort`, `address`, …), arrivez-vous à débusquer l'erreur?"
msgstr ""
+"At nos-oignons we're running a couple of high-speed [tor exit nodes](https://"
+"nos-oignons.net/Services/index.fr.html), and since it's 2020, most of them "
+"have IPv6 addresses.\n"
+"A particular node, [elenagb](https://metrics.torproject.org/rs.html#details/"
+"F47B13BFCE4EF48CDEF6C4D7C7A99208EBB972B5), named after the Italian feminist "
+"writer and teacher [Elena Gianini Belotti](https://it.wikipedia.org/wiki/"
+"Elena_Gianini_Belotti), hosted by [Aquilenet](https://www.aquilenet.fr/ )was "
+"doing something odd: the consensus thought that its exit policy was `reject "
+"*:*`, while we wanted it to be an exit node.\n"
+"The only major difference with our other servers is that we have some issues "
+"with IPv4 attribution, we agreed with our hoster to only have IPv6 traffic "
+"exiting from the tor network. There was likely a configuration issue "
+"somehow, somewhere.\n"
+"The torrc files looked like this, assuming that everything else (`ORPort`, "
+"`address`, …) was correct, can you spot the mistake?"
#. type: Plain text
-#, no-wrap
+#, fuzzy, no-wrap
+#| msgid ""
+#| "# No exit in ipv4\n"
+#| "\n"
+#| "ExitPolicy reject *:*\n"
+#| "\n"
+#| "\n"
+#| "\n"
+#| "# Reduced exit policy in IPv6\n"
+#| "\n"
+#| "ExitPolicy accept6 *:20-23 # FTP, SSH, telnet\n"
+#| "\n"
+#| "…\n"
+#| "\n"
+#| "ExitPolicy accept6 *:64738 # Mumble\n"
+#| "\n"
+#| "ExitPolicy reject6 *:*\n"
+#| "\n"
msgid ""
"# No exit in ipv4\n"
"\n"
"ExitPolicy reject6 *:*\n"
"\n"
msgstr ""
+"# No exit in ipv4\n"
+"\n"
+"ExitPolicy reject *:*\n"
+"\n"
+"\n"
+"\n"
+"# Reduced exit policy in IPv6\n"
+"\n"
+"ExitPolicy accept6 *:20-23 # FTP, SSH, telnet\n"
+"\n"
+"…\n"
+"\n"
+"ExitPolicy accept6 *:64738 # Mumble\n"
+"\n"
+"ExitPolicy reject6 *:*\n"
+"\n"
#. type: Plain text
msgid ""
"l'IPv4 **ainsi** que l'IPv6 pour des raisons historiques. À ce sujet, la "
"[documentation](https://torproject.org/docs/tor-manual.html.en) indique :"
msgstr ""
+"The trick, as outlined in the [ticket 16069](https://trac.torproject.org/)is "
+"that reject *:* will reject both IPv6 and IPv4, for legacy reasons.On this "
+"topic, the [torrc's documentation](https://torproject.org/docs/tor-manual."
+"html.en) states the following:"
#. type: Plain text
#, no-wrap
"comme IPv6 générique. `accept`/`reject *` sont utilisés comme générique\n"
"concernant IPv4 et IPv6.\n"
msgstr ""
+"> accept6 and reject6 only produce IPv6 exit policy entries. Using an IPv4\n"
+"address with accept6 or reject6 is ignored and generates a warning.\n"
+"accept/reject allows either IPv4 or IPv6 addresses. Use *4 as an IPv4\n"
+"wildcard address, and *6 as an IPv6 wildcard address.\n"
+"accept/reject * expands to matching IPv4 and IPv6 wildcard address rules.\n"
#. type: Plain text
msgid "La bonne configuration ressemblerait donc plutôt à ceci:"
-msgstr ""
+msgstr "So the correct configuration looks like this:"
#. type: Plain text
-#, no-wrap
+#, fuzzy, no-wrap
+#| msgid ""
+#| "# No exit in ipv4\n"
+#| "\n"
+#| "ExitPolicy reject *4:*\n"
+#| "\n"
+#| "\n"
+#| "\n"
+#| "# Reduced exit policy in IPv6\n"
+#| "\n"
+#| "ExitPolicy accept6 *:20-23 # FTP, SSH, telnet\n"
+#| "\n"
+#| "ExitPolicy accept6 *:43 # WHOIS\n"
+#| "\n"
+#| "…\n"
+#| "\n"
+#| "ExitPolicy accept6 *:64738 # Mumble\n"
+#| "\n"
+#| "ExitPolicy accept6 *:64738 # Mumble\n"
+#| "\n"
+#| "ExitPolicy reject6 *:*\n"
+#| "\n"
+#| "\n"
+#| "\n"
msgid ""
"# No exit in ipv4\n"
"\n"
"\n"
"\n"
msgstr ""
+"# No exit in ipv4\n"
+"\n"
+"ExitPolicy reject *4:*\n"
+"\n"
+"\n"
+"\n"
+"# Reduced exit policy in IPv6\n"
+"\n"
+"ExitPolicy accept6 *:20-23 # FTP, SSH, telnet\n"
+"\n"
+"ExitPolicy accept6 *:43 # WHOIS\n"
+"\n"
+"…\n"
+"\n"
+"ExitPolicy accept6 *:64738 # Mumble\n"
+"\n"
+"ExitPolicy accept6 *:64738 # Mumble\n"
+"\n"
+"ExitPolicy reject6 *:*\n"
+"\n"
+"\n"
+"\n"
#. type: Plain text
msgid ""
"l'IPv4 nous était maintenant correctement attribuée, et qu'elenagb pouvait "
"donc avoir du trafic sortant de tor à la fois en IPv4 et en IPv6."
msgstr ""
+"An embarrassingly large portion of the evening was wasted, and of course, as "
+"soon as the mystery was solved, our beloved hoster told us that they solved "
+"the attribution issue, and that we're free to use IPv4 as well for the exit "
+"traffic."