Proposal: Separate streams across circuits by destination port or destination host

Robert Hogan robert at
Sun Aug 8 11:23:06 UTC 2010

On Sunday 08 August 2010 01:10:38 Nick Mathewson wrote:
> ** IsolateBySOCKSUser -- If this boolean option is true, then Tor will
> look at the username field of the SOCKS protocol, and make sure that
> any two streams that were created with different SOCKS usernames will
> be sent over different circuits.  The empty username will be treated
> as its own username different from all other usernames.

Given that the problem is how to use separate circuits per application this 
sounds much closer to the real solution than separating by service port.

Maybe there are other things Tor could do with the SOCKS connection if 
username information is not present:

- Do not share SOCKS4/4a/5 on the same circuit.
- On *nix use the source port to look up the connection's application name 
  in  /proc/pid/cmdline and, if cmdline is readable, treat that as a SOCKS
  username when choosing circuits.

More information about the tor-dev mailing list