[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion

> radio_24@xxxxxxxxxx <mailto:radio_24@xxxxxxxxxx>:
>> Firefox message:
>> Server not found
>> Firefox can’t find the server at facebookcorewwwi.onion
> Can you check whether Firefox sends actual DNS requests? If it does then
> what response it gets (e.g. via tcpdump/wireshark)? What server replies
> to the requests?
> Also check whether DNS settings are not overridden in your OS/browser
> (e.g. by DHCP).

Thanks, Ivan for your answer.

On my client (macOS Sierra,, wireshark shows me for Google Chrome following request/response ( is the IP of the transparent Tor proxy):	DNS	  82	Standard query 0x9692 A deepdot35wvmeyd5.onion	DNS	  98	Standard query response 0x9692 A deepdot35wvmeyd5.onion A

In other words: it works as expected. 

But with Firefox and Safari I don’t see anything — whether with wireshark on the client nor with tcpdump on the proxy. Under about:networking <about:networking>, DNS-Lookup, Firefox's response is NS_ERROR_UNKNOWN_HOST. 
It seems as if macOS Sierra decided that .onion is not a valid DNS name and didn’t make a DNS request at all (and yes, I did flush the DNS cache before).

To replicate this behavior, I took an old Macbook with OS X El Capitan with exactly the same network configuration (Router: / DNS: / Search Domain: local). It worked without problems (Firefox / Safari have on both computers exactly the same plugins).
More tests: It doesn’t work on iOS 10.2 either.


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to