[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion

> But with Firefox and Safari I don’t see anything — whether with
> wireshark on the client nor with tcpdump on the proxy. Under
> about:networking <about:networking>, DNS-Lookup, Firefox's response
> is NS_ERROR_UNKNOWN_HOST. It seems as if macOS Sierra decided that
> .onion is not a valid DNS name and didn’t make a DNS request at all
> (and yes, I did flush the DNS cache before).
> To replicate this behavior, I took an old Macbook with OS X El
> Capitan with exactly the same network configuration (Router:
> / DNS: / Search Domain: local). It worked
> without problems (Firefox / Safari have on both computers exactly the
> same plugins). More tests: It doesn’t work on iOS 10.2 either.

I tried disabling blockDotOnion in Firefox 50.0.1 and it works as
expected: I can see DNS requests to the server from resolv.conf. As long
as you have Chrome working correctly, I can say that OS isn't a problem
here. It's likely Firefox/Safari themselves.
Can you run Firefox with a new clean profile (-P option; don't know how
it works on macOS) and see if it still doesn't issue any DNS requests on
dotonions (with blockDotOnion = false).
Probably Safari has also got implementation for RFC 7686 but I don't
know whether it's possible to go around it.

Ivan Markin
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to