#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-

PROG=exclude_badExits.py
SOCKS_PORT=9050
CAFILE=/etc/ssl/certs/ca-certificates.crt

# an example of running exclude_badExits with full debugging
# expected to take an hour or so
declare -a LARGS
LARGS=(
    --log_level 10
    )
# you may have a special python for installed packages
EXE=`which python3.bash`
LARGS+=(
    --strict_nodes 1
    --points_timeout 120
    --proxy-host 127.0.0.1
    --proxy-port $SOCKS_PORT
    --https_cafile $CAFILE
)

if [ -f '/run/tor/control' ] ; then
    LARGS+=(--proxy-ctl '/run/tor/control' )
else
    LARGS+=(--proxy-ctl 9051 )
fi

ddg=duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad
# for example, whitelist the introduction points to DuckDuckGo
LARGS+=( --white_onions $ddg )

# you may need to be the tor user to read /run/tor/control
grep -q ^debian-tor /etc/group && TORU=debian-tor || {
    grep -q ^tor /etc/group && TORU=tor
}
sudo -u $TORU $EXE exclude_badExits.py "${LARGS[@]}" \
   2>&1|tee exclude_badExits6.log

# The DEBUG statements contain the detail of why the relay was considered bad.