Proposal: Separate streams across circuits by destination port or destination host
robert at roberthogan.net
Sun Aug 8 11:23:06 UTC 2010
On Sunday 08 August 2010 01:10:38 Nick Mathewson wrote:
> ** IsolateBySOCKSUser -- If this boolean option is true, then Tor will
> look at the username field of the SOCKS protocol, and make sure that
> any two streams that were created with different SOCKS usernames will
> be sent over different circuits. The empty username will be treated
> as its own username different from all other usernames.
Given that the problem is how to use separate circuits per application this
sounds much closer to the real solution than separating by service port.
Maybe there are other things Tor could do with the SOCKS connection if
username information is not present:
- Do not share SOCKS4/4a/5 on the same circuit.
- On *nix use the source port to look up the connection's application name
in /proc/pid/cmdline and, if cmdline is readable, treat that as a SOCKS
username when choosing circuits.
More information about the tor-dev