[tor-bugs] #18100 [Core Tor/Tor]: src/or/connection_edge.c typo
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 12 01:08:16 UTC 2017
#18100: src/or/connection_edge.c typo
-------------------------------------------------+-------------------------
Reporter: jirib | Owner:
Type: defect | Status:
| merge_ready
Priority: Medium | Milestone: Tor:
| 0.3.1.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.2.9.9
Severity: Normal | Resolution:
Keywords: isaremoved, nickwants029, lorax, | Actual Points:
tor-03-unspecified-201612 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by d4fq0fQAgoJ):
I've been using the patched version (0001-trans_tproxy.patch) with a
TPROXY iptables setup since I commented here and so far it's been working
as expected for me.
The only real documentation about the TPROXY feature I found is from the
kernel documentation (Documentation/networking/tproxy.txt). Unfortunately
it does not say anything about getsockname() or
getsockopt(SO_ORIGINAL_DST).
It seems that the TPROXY kernel feature enables transparent proxy
capabilities without the need to DNAT (what else would be it's purpose
then?). The above experiment backs this up because TPROXYing works without
conntrack kernel modules loaded (conntracking is required for NAT). This
only works with the above patch applied which utilizes getsockname()
instead of getsockopt(SO_ORIGINAL_DST). Therefore it seems that
getsockname() is the correct way.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18100#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list