[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Apps which uses outgoing fixed IP-Adrs:AnyPort, forward to Exit-node Then to Internet



Bry8 Star:
> Hi adrelanos,
> thanks for responding & suggestions.
> sorry, NONE are applicable for this case.

Are you sure about this? Why not?

> anyway, let me repeat & explain with another set of words for others,
> again (if some confusion exist in my explanations):

Confusion exists indeed. So much that no one else replies.

I don't understand that trouble with DNS. Can you give a *practical*
example, what you want to do?

For example: "I want to resolve .bit domains over Tor. On Windows XP.
What's the simplest method? Which method involves the least amount of tools?

> my local dns-server (127.0.0.1:53) (in windows xp), is already
> configured to use TCP DNS with Internet DNS Servers, it is sending DNS
> queries/questions (domain-name-to-ip-adrs-conversion) to Internet DNS
> servers via using an "outgoing" network interface ip address. my local
> DNS-Server is using multiple different port(s) to send those queries,
> for that "outgoing" interface (192.168.0.10) to various destinations
> where port is same( TCP DNS port 53), but ip changes to different
> Internet DNS Server's ip address).
> 
> now, how to capture all (TCP) traffic coming from my local dns-server's
> "outgoing" ip-adrs, and send/forward/transport them though/via TOR ?
> i want to send traffic ONLY from that "OUTGOING" ip address (specified
> on local-dns-server), not any other app's, not any other traffic, ALL
> OTHER traffic must go thru DIRECT Internet via using the default
> net-interface adapter's ip address.
> 
> (by the way, i do already have few solutions that involves using other
> extra tools. that is why i mentioned (twice i think), how to use less
> amount of other tools, other than tor & dns-server software itselves).
> 
> what i'm asking is, how to configure *"TOR"*, using the "torrc"
> configuration command-lines to achieve this function. And if there is
> absolutely no other choice, only then use/have a solution that involves
> using a 3rd party tool stuff.
> 
> looking for a solution that will use only tor, local dns-server software
> ("unbound"), nothing else, or use something that by default exist on
> Windows computers.
> 
> my local dns-server is configured to use both tcp & udp dns locally, but
> all upstream is tcp dns, it is also configured to block .onion, .exit,
> .i2p, etc any even accidental or mistakenly done, or mis-configured
> app's any dns leakages. and local dns-server also (need to) using, many
> forward-zones, which are forwarding toward very specific DNS servers on
> Internet.
> 
> it is suppose to be simple ! i dont know why such option already does
> not exist in tor !?! TOR has feature of creating listening dns port and
> act as dns-server, i dont want it, as that cant be configured to suit my
> purpose.

What's wrong with Tor's DnsPort?

> Tor has feature/option to create transparent ip address
> listening on ONE fixed port, i dont want that i guess, unless it can be
> configured to capture that "outgoing" ip address specified local
> dns-server's ALL/any ports.
> why tor cannot listen to a SINGLE fixed ip address's entire port (1 ~
> 65535) range's all traffic ?
> 
> If "tor" can create such an listening ip-address let's say 10.192.0.10,
> then i want to specify that as the "outgoing" interface ip address in
> local dns-server's configuration.

Tor can listen on specific interfaces. Examples:

TransPort 192.168.0.10:9040
DnsPort 192.168.0.10:53
SocksPort 192.168.0.10:9100

will listen on 192.168.0.10 only. Yes, but only on "one" port.

Redirecting traffic from a whole network interface to some other
ip/port, can only be done using firewall rules. Iptables on Linux and no
idea how to do it with Windows. Yes, that involves more software again.

Tor has no "create-a-virtual-interface" feature. Perhaps you could
create a virtual network interface, but yes, that again would involve
more software.

I think if you need to listen on port 1 - 65535 at once, you are doing
something wrong. Never saw anyone in need to do this.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk