Option to close circuit

Vidalia allows that, and that's one thing we at Tails will be missing when we remove it. The main use case is debugging potentially buggy or malicious exit nodes. For example, you get an unexpected HTTPS or SSH warning, write down the info about your exit node, and close that circuit to get a fresh one and confirm your suspicions.

added component::archived/nyx connections owner::atagar priority::low resolution::duplicate severity::normal status::closed type::enhancement labels

Good idea. I've been meaning to expand stem's client usage tutorial with an example of manual path selection (#8728 (closed)), but this would be a great feature to include in arm too.

Will definitely try to slip it into the next release (... whenever I get back to it).

Another use case would be to try to get pass connection failures on chat servers or websites which might ban an IP but not all exit nodes. Like OFTC does for me lately...

Trac:
Reviewer: N/A to N/A
Summary: Please make it possible to close an arbitrary circuit to Option to close circuit
Priority: Medium to Low
Sponsor: N/A to N/A
Severity: N/A to Normal
Keywords: N/A deleted, connections added

you get an unexpected HTTPS or SSH warning, write down the info about your exit node, and close that circuit to get a fresh one and confirm your suspicions. You can already do it with tor-prompt, but it is not straightforward:

1. Run GETINFO stream-status and get a number of the circuit associated to your SSH connection (IP or hostname will be written). It is the third parameter in each stream.
2. Run GETINFO circuit-status and look for the circuit which has that circuit's number (from the step 1). It is the first parameter in each circuit.
3. If you look at the line with the right circuit from the step 2, you can see fingerprint and nickname of your exit node (it was used for your SSH connection).
4. To get more information on the exit node from the step 3, run the command GETINFO ns/id/FINGERPRINT. It will give you IP address. If you want to know also its country, run GETINFO ip-to-country/IP_ADDRESS.

Now, if you want to change that circuit, you can either mark all already used circuits as dirty by typing SIGNAL NEWNYM command, or close only that particular circuit with the command CLOSECIRCUIT CircuitNumber, where CircuitNumber is taken from the step 1 (tor will create new circuit that stream automatically).

You cannot do it with the help of the control interpreter of nyx because the bug https://trac.torproject.org/projects/tor/ticket/28297 prevents you from learning your exit node.

It could be done easily in nyx if its list of circuits include associated streams (somebody already proposed it in https://trac.torproject.org/projects/tor/ticket/5186).

Potentially, you can create a custom circuit for your tests with the help of commands EXTENDCIRCUIT, SETCIRCUITPURPOSE, and ATTACHSTREAM, but if you haven't already automated this task, it may be simpler to temporarily fix your exit node globally (using ExitNodes option in torrc).

Trac:
Username: wagon

Moved to https://github.com/torproject/nyx/issues/11

Trac:
Status: new to closed
Resolution: N/A to duplicate

closed