[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #21273 [Applications/Tor Launcher]: Proxy settings unecessarily limit guard selection process
#21273: Proxy settings unecessarily limit guard selection process
-------------------------------------------+-------------------
Reporter: pastly | Owner: brade
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Launcher | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------------+-------------------
My use case:
I build an SSH socks5 proxy to a network less restrictive than the one I'm
on. I tell Tor Browser to use that socks5 proxy. I leave "This computer
goes through a firewall that only allows connections to certain ports"
unchecked.
The following lines are added to the torrc.
{{{
Socks5Proxy 127.0.0.1:2343
ReachableAddresses *:80,*:443
ReachableAddresses reject *:*
ReachableAddresses reject *:*
}}}
The reachable address lines seem to be added due to
https://trac.torproject.org/projects/tor/ticket/11405#comment:7
(The duplicate ReachableAddresses reject line is a known issue ...
somewhere. There's a ticket.)
The issue:
I can reach any port on through this socks5 proxy. My guard selection is
being artificially limited to guards that have an ORPort of 443.
I suspect that ReachableAddresses should only be set to 80 and 443 if the
proxy type is HTTP(S). Or not at all unless "This computer goes through a
firewall that only allows connections to certain ports" is checked. In my
very limited experience with proxies, it seems sane to assume only 80/443
for HTTP(S) proxies, but it doesn't seem sane to assume 80/443 for a
socks5 proxy.
The following python script shows that right now about 42% of guards have
the ORPort of 443 (or 80, but most are 443).
{{{
from stem.control import Controller
guards_443 = []
guards_all = []
with Controller.from_port(port = 9151) as c:
c.authenticate()
for stat in c.get_network_statuses():
if 'Guard' in stat.flags:
guards_all.append(stat)
if stat.or_port == 80 or stat.or_port == 443:
guards_443.append(stat)
print "Num 443 ORPort guards:", len(guards_443)
print "Num guards: ", len(guards_all)
print "443/all:", len(guards_443)*1.0/len(guards_all)
}}}
More interesting would be
- what percent by weight am I limited to?
- what is the geographical distribution of these guards?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21273>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs