[tor-talk] Tor transparent proxy -> strange behavior regarding .onion

Ivan Markin twim at riseup.net
Sat Jan 21 09:36:00 UTC 2017


radio_24 at chscene.ch:
> But with Firefox and Safari I don’t see anything — either with
> wireshark on the client or with tcpdump on the proxy. Under
> about:networking, DNS-Lookup, Firefox's response
> is NS_ERROR_UNKNOWN_HOST. It seems as if macOS Sierra decided that
> .onion is not a valid DNS name and didn’t make a DNS request at all
> (and yes, I did flush the DNS cache before).
> 
> To replicate this behavior, I took an old Macbook with OS X El
> Capitan with exactly the same network configuration (Router:
> 192.168.42.1 / DNS: 192.168.42.1 / Search Domain: local). It worked
> without problems (Firefox / Safari have on both computers exactly the
> same plugins). More tests: It doesn’t work on iOS 10.2 either.

I tried disabling blockDotOnion in Firefox 50.0.1 and it works as
expected: I can see DNS requests to the server from resolv.conf. As long
as you have Chrome working correctly, I can say that the OS isn't a problem
here. It's likely Firefox/Safari themselves.
Can you run Firefox with a new clean profile (-P option; don't know how
it works on macOS) and see if it still doesn't issue any DNS requests on
dotonions (with blockDotOnion = false)?
Probably Safari has also got an implementation of RFC 7686 but I don't
know whether it's possible to go around it.

--
Ivan Markin
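
An added example, not part of the original post: a Python check that decodes captured DNS query payloads (the UDP data tcpdump on the proxy would show) and reports the ones asking for .onion names, which is how to confirm whether a client emits such lookups at all. The sample queries are constructed and the function names are hypothetical.

```python
import struct

def build_query(name, qtype=1, txid=0x1234):
    """Constructed sample input: encode a standard recursive DNS query."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_qname(payload):
    """Return the first question name of a DNS query payload."""
    if len(payload) < 12:
        raise ValueError("short DNS header")
    flags, qdcount = struct.unpack("!HH", payload[2:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a query carrying a question")
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated question")
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("unexpected compression pointer")
        if pos + length > len(payload):
            raise ValueError("truncated label")
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    return ".".join(labels)

def is_onion(name):
    """RFC 7686 special-use name: rightmost label is 'onion' (any case)."""
    return name.rstrip(".").lower().split(".")[-1] == "onion"

def onion_queries(payloads):
    """Names of all well-formed queries in `payloads` that ask for .onion."""
    found = []
    for payload in payloads:
        try:
            name = parse_qname(payload)
        except ValueError:
            continue  # not a parseable DNS query; skip it
        if is_onion(name):
            found.append(name)
    return found
```

An empty result for a capture taken while the browser loads a .onion URL means the lookup was suppressed before it reached the network.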

