Opened 3 years ago

Closed 3 years ago

#20154 closed defect (not a bug)

If you specify a exit node you can not connect to url that contain the port number

Reported by: qqqqw Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In tor browser 6.0.5, if i try to connect to site.com:182 i have no problem, but if i add in torrc:

ExitNodes node
StrictNodes 1

or

AllowDotExit 1
MapAddress site.com site.com.node.exit

i can NOT connect to site.com:182, but only to site.com
so i think that when you modify torrc as above, you can not connect to url that contain the port number

Child Tickets

Change History (1)

comment:1 Changed 3 years ago by dcf

Resolution: not a bug
Status: newclosed

Thanks for reporting this. In this case, while it might be surprising, Tor Browser is only doing what you instructed.

Every exit node has an "exit policy" that says what destinations and ports it is willing to connect to. An exit policy that only allows access to ports 22, 80, and 443 would look like this:

accept *:22
accept *:80
accept *:443
reject *:*

It must be that the exit node you chose does not allow access to port 182. Tor cannot build a circuit that violates the exit policy, so it gives up. When you remove your ExitNodes setting, Tor is free to choose a different exit node, one that does allow access to port 182, which is why Tor works in that case. When you omit the port number, Tor Browser uses the default port number 80, which is allowed by almost all exits.

You can check the exit policy of your chosen exit node by searching for it at https://atlas.torproject.org/. If the exit does not allow the port you want, there's nothing you can do—you have to choose a different exit.

Note: See TracTickets for help on using tickets.