[tbb-dev] Tor unable to parse Bridge setting if using domain

Hikari tux at hikari.me
Wed Aug 28 10:01:33 UTC 2019 

Hello.

I was also suspecting that firewall was detecting and blocking Tor 
protocol. But I've found a few BridgeDB bridges that I was able to use, 
most of them on port 443. I'm also unable to make obfs4 work on Windows 
client so I'm unable to further test it.

Currently my ORport is on 80 but I had already tried other ports too. 
The problem is that my IP is blocked, regadless of any port or protocol, 
so if I don't use a domain it won't work.

So, I won't be able to use my relay, and will need to find public or 
BridgeDB ones whose IPs aren't blocked?

I'm gonna read this ticket. If it is intended, maybe I'll open one 
suggesting that domain parsing be accepted back with option to enable it 
and leave it disabled by default.


On 28/08/2019 02:24 AM, David Fifield wrote:
> On Tue, Aug 27, 2019 at 08:29:08PM -0300, Hikari wrote:
>> Hello everybody! Sorry if I'm asking on the wrong list.
> This is more of a Tor issue than a Tor Browser issue. But looking at
> https://lists.torproject.org/cgi-bin/mailman/listinfo, I don't
> immediately see an appropriate list. I know questions like this would be
> welcome on the #tor IRC channel.
>
>> I had setup a Tor bridge on my home server. When I test it using 4G it works.
>> It happens that my ISP's dynamic IPs are blocked too. I managed to find a
>> domain I can use and isn't blocked, so when I go to my server's web server
>> using its IP I get blocked, but when I go using my domain I'm able to browse
>> it.
>>
>> Now I'm strugging to get Tor client at office to connect to my Tor bridge at
>> home. If I use Bridge 51.113.0.17:80 (a obfuscated IP, not the current one) it
>> fails as happens with most bridges on BridgeDB.
>>
>> But when I use Bridge hikari.mydomain.com:80 (which works if accessed from a
>> browser on port 8080) I get Error parsing Bridge address
>> 'hikari.mydomain.com:80'. Failed to parse/validate config: Bridge line did not
>> parse.
>>
>> Any idea why it's not parsing domains on bridge setting?
> About five years ago, tor would accept hostnames in bridge lines, but
> stopped doing that here: https://bugs.torproject.org/10801.
>
> I suspect that your problem is nothing really to do with hostname versus
> IP address. After all, after resolving the name, tor is still just going
> to connect to the IP address. More likely it is related to the port
> and/or protocol. You say that tor on port 80 is blocked but HTTP on port
> 8080 works; it could be that the firewall is dynamically detecting the
> Tor protocol and blocking it, while allowing HTTP. Try using an unlisted
> obfs4 bridge from https://bridges.torproject.org/options and see if it
> works.

More information about the tbb-dev mailing list