[tor-talk] Tor web browsing http connection establish procedures

jiang song luolisongjiang at gmail.com
Tue Nov 13 15:00:35 UTC 2012


>
> If the browser is using socks, it establishes a TCP connection to the
> Tor client, sends a socks request that contains the destination address,
> (optionally) waits for the Tor client to confirm with a socks reply that
> the connection to the destination has been established and sends the
> HTTP request on the same connection.
>
> The DNS resolution is transparent to the browser.
>
>

-----------------------------------------------------------------------------------------
It occurs to me that: before a DNS query, the socks/browser don't know the
destination IP address, so when the exit node get the DNS answer, will it
return the answer(destination IP) to the socks/browser, and then the
socks/browser inform the exit node to connect to that destination IP.

 I user the loopback network interface "lo"  to capture packets.  I notice
that the first time the destination address(dns answer) appears is in a
packet sent from Tor control port 9501 to an unknow port. And after this
packet, the tor browser immediately send the HTTP GET.
so it seems to me that the socks/browser didn't even send a socket request
that contains the destination address to the Tor client(and so relayed to
the exit node).


More information about the tor-talk mailing list