oh, I don't understand this


what you mean is, for example, when browsing webpages

browser application                sock                        Tor                            Ethernet interface
       
         send   packet ---------->    forward -------------> encrypt and   -----------------> send to the entry node
                                                                         make tor cells


         receive packet<---------   forward<-------------- decrypt tor cells <---------------  receive from the entry node

                                                                                                  tcpdump -i eth0(this is my capturing)

 but you mean I can capture between the browser application and the sock£¿



so I used tcpdump on the ethernet interface
the packets are  encrypted
you mean I can capture the packets before

2012/10/31 Damian Johnson <atagar@torproject.org>
> OK, thank you very much!
> besides,  is it possible to get the cypher key for decoding the tcpdump
> captured packets on the TOR client??

I don't follow, do you mean the traffic between tor and the first hop?
Why not just intercept the communication with the socks port?
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev