|
|
@@ -239,11 +239,12 @@ Status: Draft
|
|
|
where portlist is a comma seperated list of single port numbers or
|
|
|
portranges (e.g. "22,80-88,1024-6000,6667"). Whether the summary
|
|
|
shows the list of accepted ports or the list of rejected ports depends
|
|
|
- on which list is shorter (has a shorter string representation). In case of
|
|
|
- ties we choose the list of accepted ports. Summary items are
|
|
|
- compressed, that is instead of "80-88,89-100" there only is a single
|
|
|
- item of "80-100", similarly instead of "20,21" a summary will say
|
|
|
- "20-21".
|
|
|
+ on which list is shorter (has a shorter string representation). In
|
|
|
+ case of ties we choose the list of accepted ports. As an exception to
|
|
|
+ this rule an allow-all policy is represented as "accept 1-65535"
|
|
|
+ instead of "reject ". Summary items are compressed, that is instead
|
|
|
+ of "80-88,89-100" there only is a single item of "80-100", similarly
|
|
|
+ instead of "20,21" a summary will say "20-21".
|
|
|
|
|
|
Similarly to IP address, ports, and timestamp a consensus should list
|
|
|
the exit policy matching the descriptor digest referenced in the
|
Peter Palfrader