Opened 3 years ago

Closed 3 years ago

#19792 closed defect (not a bug)

Exiting through undocumented nodes (IPs not listed)

Reported by: cypherpunks Owned by:
Priority: Medium Milestone:
Component: Core Tor/TorDNSEL Version: Tor:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The following IP addresses are not in the microdesc DB and also unknown to Atlas and, yet Tor built circuits that exit through them:

I will attach a sample screenshot from

Child Tickets

Attachments (1)

nontor_ip_46.166.137.241_2016-07-30.png (33.8 KB) - added by cypherpunks 3 years ago.
screenshot of tor status from a "torsocks" prefixed browser command

Download all attachments as: .zip

Change History (2)

Changed 3 years ago by cypherpunks

screenshot of tor status from a "torsocks" prefixed browser command

comment:1 Changed 3 years ago by teor

Component: Core Tor/TorCore Tor/TorDNSEL
Resolution: not a bug
Status: newclosed

It is a supported configuration for an Exit to use a different IP address for its ORPort/DirPort and exit traffic.

This is likely due to an Exit using the OutboundBindAddress option, or doing the moral equivalent using iptables, NAT, or a VPN.

From the tor manual page:

OutboundBindAddress IP

Make all outbound connections originate from the IP address
specified. This is only useful when you have multiple network
interfaces, and you want all of Tor's outgoing connections to use a
single one. This option may be used twice, once with an IPv4
address and once with an IPv6 address. This setting will be ignored
for connections to the loopback addresses ( and ::1).

Therefore, the source IP of exit traffic is not something we tend to worry about. (And if the exit has enough consensus weight, we will pick it up eventually in the exit list.)

But if you have evidence that the content of Exit traffic is being modified or inspected, please write to bad-relays@…

Note: See TracTickets for help on using tickets.