Bug: improperly bound listen addresses?
grarpamp
grarpamp at gmail.com
Tue Aug 5 19:07:27 UTC 2008
>>>Yes. And it should have the facility to bind to whatever address I
>>>tell it to use for that purpose. Not the primary address on any
>>>given interface, the '*' address, etc. Tor already has facilities
>>>for its OR and DIR 'listeners' and the 'outboundbindaddress'. It
>>>needs one one for DNS resolution as well. I don't want it using .1
>>>for that. Create a -dnssrcport and -dnsbindaddress. -dnssrcport
>>>should allow >=1024 for non-root and anything for root, particularly
>>>53.
>> On 8/1/08, Scott Bennett <bennett at cs.niu.edu> wrote:
>> Perhaps you would explain to us why you wish to be able to use
>>secured ports as client ports rather than server ports. Your example,
>>port 53, is the port to which named binds. The routines in resolv.conf,
>>of course, use whatever port the kernel assigns to them because they
>>are client routines, not the DNS server routines. It's not at all
>>clear what you have in mind.
>Ahh, yes. Ok, Tor is not likely to be a named anytime soon :) I'll
>fire up a named, bind it as desired and point Tor at it.
Hi :) Finished testing...
It is still necessary for Tor to have a -dnsclientaddress option.
If I point resolv.conf to 127.0.0.1, Tor binds as follows:
tor tor 73613 9 udp4 127.0.0.1:2884 127.0.0.1:53
tor tor 73552 9 udp4 127.0.0.1:2884 127.0.0.1:53
This is perfectly fine.
If I point resolv.conf to w.x.y.z on the internet Tor binds as
follows:
tor tor 73613 10 udp4 10.0.0.1:2885 w.x.y.z:53
tor tor 73552 10 udp4 10.0.0.1:2885 w.x.y.z:53
This is not desirable. Because as before, I'm trying to move all
of Tor's activities off of my primary interface address [10.0.0.1]
and onto the secondary [10.0.0.2]. I've been able to use the following
to move everything but this DNS binding to the secondary [10.0.0.2]:
-orlistenaddress 10.0.0.2
-dirlistenaddress 10.0.0.2
-address 10.0.0.2 <-- workaround for bug: Tor not making note
internally of the above two options and failing to run.
-outboundbindaddress 10.0.0.2
Thanks.
More information about the tor-talk
mailing list