Bug: improperly bound listen addresses?

grarpamp grarpamp at gmail.com
Tue Aug 5 19:07:27 UTC 2008


>>>Yes. And it should have the facility to bind to whatever address I
>>>tell it to use for that purpose. Not the primary address on any
>>>given interface, the '*' address, etc. Tor already has facilities
>>>for its OR and DIR 'listeners' and the 'outboundbindaddress'. It
>>>needs one for DNS resolution as well. I don't want it using .1
>>>for that. Create a -dnssrcport and -dnsbindaddress. -dnssrcport
>>>should allow >=1024 for non-root and anything for root, particularly
>>>53.

>> On 8/1/08, Scott Bennett <bennett at cs.niu.edu> wrote:
>>    Perhaps you would explain to us why you wish to be able to use
>>secured ports as client ports rather than server ports.  Your example,
>>port 53, is the port to which named binds.  The routines in resolv.conf,
>>of course, use whatever port the kernel assigns to them because they
>>are client routines, not the DNS server routines.  It's not at all
>>clear what you have in mind.

>Ahh, yes. Ok, Tor is not likely to be a named anytime soon :) I'll
>fire up a named, bind it as desired and point Tor at it.


Hi :) Finished testing...

It is still necessary for Tor to have a -dnsclientaddress option.

If I point resolv.conf to 127.0.0.1, Tor binds as follows:
tor      tor      73613    9 udp4 127.0.0.1:2884 127.0.0.1:53
tor      tor      73552    9 udp4 127.0.0.1:2884 127.0.0.1:53

This is perfectly fine.

If I point resolv.conf to w.x.y.z on the internet Tor binds as
follows:

tor      tor      73613   10 udp4 10.0.0.1:2885   w.x.y.z:53
tor      tor      73552   10 udp4 10.0.0.1:2885   w.x.y.z:53

This is not desirable. Because as before, I'm trying to move all
of Tor's activities off of my primary interface address [10.0.0.1]
and onto the secondary [10.0.0.2]. I've been able to use the following
to move everything but this DNS binding to the secondary [10.0.0.2]:

-orlistenaddress 10.0.0.2
-dirlistenaddress 10.0.0.2
-address 10.0.0.2 <-- workaround for bug: Tor not making note
 internally of the above two options and failing to run.
-outboundbindaddress 10.0.0.2

Thanks.
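
The source-address behaviour reported above, as an added example (not part of the original post and not Tor's code): a UDP client socket that is only connect()ed takes whatever source address the kernel's route lookup picks, while one that is bind()ed first keeps the address it was given. The function name dns_client_source is hypothetical, and the loopback addresses 127.0.0.1 and 127.0.0.2 stand in for the poster's 10.0.0.1 and 10.0.0.2, assuming a Linux host where all of 127.0.0.0/8 is local.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Report the local address a UDP DNS client socket toward resolver_ip:53
 * ends up with. bind_ip == NULL leaves the choice to the kernel's route
 * lookup; otherwise the socket is bound to bind_ip before connecting.
 * Returns 0 and fills out[] on success, -1 on error. */
int dns_client_source(const char *bind_ip, const char *resolver_ip,
                      char *out, size_t outlen)
{
    struct sockaddr_in local, remote, got;
    socklen_t gotlen = sizeof(got);
    int rc = -1, fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(&local, 0, sizeof(local));
    memset(&remote, 0, sizeof(remote));
    remote.sin_family = AF_INET;
    remote.sin_port = htons(53);
    if (inet_pton(AF_INET, resolver_ip, &remote.sin_addr) != 1) goto done;
    if (bind_ip != NULL) {
        local.sin_family = AF_INET;  /* sin_port stays 0: any ephemeral port */
        if (inet_pton(AF_INET, bind_ip, &local.sin_addr) != 1) goto done;
        /* bind() fails (EADDRNOTAVAIL) if bind_ip is not configured locally */
        if (bind(fd, (struct sockaddr *)&local, sizeof(local)) != 0) goto done;
    }
    /* connect() on UDP sends nothing; it fixes the peer and, if the socket
     * is still unbound, makes the kernel choose the source address now. */
    if (connect(fd, (struct sockaddr *)&remote, sizeof(remote)) != 0) goto done;
    if (getsockname(fd, (struct sockaddr *)&got, &gotlen) != 0) goto done;
    if (inet_ntop(AF_INET, &got.sin_addr, out, (socklen_t)outlen) == NULL) goto done;
    rc = 0;
done:
    close(fd);
    return rc;
}

int main(void)
{
    char src[INET_ADDRSTRLEN];
    /* Constructed demo addresses: loopback only, no packets leave the host. */
    if (dns_client_source(NULL, "127.0.0.1", src, sizeof(src)) == 0)
        printf("kernel-chosen source: %s\n", src);
    if (dns_client_source("127.0.0.2", "127.0.0.1", src, sizeof(src)) == 0)
        printf("explicitly bound source: %s\n", src);
    return 0;
}
```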


