[tor-bugs] #2765 [- Select a component]: Wrong source port for dns replies when query is sent to an alias interface
#2765: Wrong source port for dns replies when query is sent to an alias interface
--------------------------------------+-------------------------------------
Reporter: soma | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version: Tor: 0.2.2.22-alpha
Keywords: alias dns dnsport source | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
I just found a bug with the internal tor dns server. It seems to be
present in 0.2.2.22-alpha (on openwrt) as well as on 0.2.1.29 (debian
squeeze).
PC A - this is where tor runs with a minimal default config:
SocksPort 9050
SocksListenAddress 127.0.0.1
DNSPort 9053
DNSListenAddress 0.0.0.0
There are two IPs set up on eth0:
eth0:
inet 192.168.0.135/24 brd 192.168.0.255 scope global eth0
inet 192.168.22.1/24 scope global eth0
And port 53 is redirected to 9053:
iptables -t nat -I PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 9053
PC B - The client, has also two IPs assigned.
br0:
inet 192.168.0.30/24 brd 192.168.0.255 scope global br0
inet 192.168.22.2/24 scope global br0
From the client I did nslookups on the PC1 to the two different IPs:
$ nslookup heise.de 192.168.0.135
Server: 192.168.0.135
Address: 192.168.0.135#53
Non-authoritative answer:
Name: heise.de
Address: 193.99.144.80
$ nslookup heise.de 192.168.22.1
;; reply from unexpected source: 192.168.22.1#9053, expected 192.168.22.1#53
So it's quite clear, tor sends from the wrong source port when I ask for
dns-lookup on the alias IP, which can also be seen in the tcpdump output:
05:16:30.689341 IP 192.168.0.30.51175 > 192.168.0.135.53: 39142+ A? heise.de. (26)
05:16:30.689874 IP 192.168.0.135.53 > 192.168.0.30.51175: 39142 1/0/0 A 193.99.144.80 (42)
05:16:45.430093 IP 192.168.22.2.51321 > 192.168.22.1.53: 16078+ A? heise.de. (26)
05:16:45.430513 IP 192.168.22.1.9053 > 192.168.22.2.51321: UDP, length 42
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2765>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
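
Added example (not part of the original report, and not Tor project code): a small check that pairs each DNS query in tcpdump text output with the packet sent back to the querying client and flags replies whose source endpoint differs from the endpoint that was queried. The last line of the capture carries no DNS transaction ID, so pairing is done on the client's IP and port. The names SAMPLE, LINE and find_mismatched_replies are hypothetical; the sample is the capture from the report with wrapped lines joined.

```python
import re

# Constructed sample: the four tcpdump lines from the report, unwrapped.
SAMPLE = """\
05:16:30.689341 IP 192.168.0.30.51175 > 192.168.0.135.53: 39142+ A? heise.de. (26)
05:16:30.689874 IP 192.168.0.135.53 > 192.168.0.30.51175: 39142 1/0/0 A 193.99.144.80 (42)
05:16:45.430093 IP 192.168.22.2.51321 > 192.168.22.1.53: 16078+ A? heise.de. (26)
05:16:45.430513 IP 192.168.22.1.9053 > 192.168.22.2.51321: UDP, length 42
"""

# timestamp, "IP", src ip.port, ">", dst ip.port, ":", rest of the line
LINE = re.compile(
    r"^\S+ IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): (.*)$"
)


def find_mismatched_replies(text, dns_port=53):
    """Return (client, expected_source, actual_source) tuples for packets sent
    back to a querying client from an endpoint other than the one it queried."""
    pending = {}   # client (ip, port) -> server (ip, port) the query went to
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue   # not an IPv4 UDP/TCP summary line we understand
        sip, sport, dip, dport, rest = m.groups()
        src, dst = (sip, int(sport)), (dip, int(dport))
        if dst[1] == dns_port and "?" in rest:
            # tcpdump prints queries as "<id>+ A? name."; remember the target
            pending[src] = dst
        elif dst in pending:
            expected = pending.pop(dst)
            if src != expected:
                # The resolver on the client will discard this reply
                findings.append((dst, expected, src))
    return findings


if __name__ == "__main__":
    for client, expected, actual in find_mismatched_replies(SAMPLE):
        print("client %s:%d expected reply from %s:%d, got %s:%d"
              % (client + expected + actual))
```
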