Clarification of the ReachableAddresses option

I have "ReachableAddresses reject :" in torrc and start Tor. Tor obviously cannot connect. Then I add a bridge through Vidalia, and, voila, Tor connects to the Tor network through the bridge, ignoring ReachableAddresses.

Is this expected behaviour? Are bridges exempt from the ReachableAddresses option? My reading of that option in the man page is that it should prevent ALL connections, bridges included. Is this a bug, an error in the man page, or an error in my head?

changed milestone to %Tor: 0.2.2.x-final

added component::core tor/tor milestone::Tor: 0.2.2.x-final owner::arma priority::medium resolution::not a bug status::closed tor-bridge type::defect version::tor 0.2.1.26 labels

We should figure out what we want to do here by 0.2.2.x, and document it, and document the current behavior if they differ. If we don't like the current behavior, we should see about fixing #2357 (moved) too.

Trac:
Milestone: N/A to Tor: 0.2.2.x-final

Trac:
Actualpoints: N/A to N/A
Cc: anonym to anonym, amnesia@boum.org
Points: N/A to N/A

Trac:
Component: Tor Client to Tor Bridge
Description: I have "ReachableAddresses reject :" in torrc and start Tor. Tor obviously cannot connect. Then I add a bridge through Vidalia, and, voila, Tor connects to the Tor network through the bridge, ignoring ReachableAddresses.

Is this expected behaviour? Are bridges exempt from the ReachableAddresses option? My reading of that option in the man page is that it should prevent ALL connections, bridges included. Is this a bug, an error in the man page, or an error in my head?

to

I have "ReachableAddresses reject :" in torrc and start Tor. Tor obviously cannot connect. Then I add a bridge through Vidalia, and, voila, Tor connects to the Tor network through the bridge, ignoring ReachableAddresses.

Is this expected behaviour? Are bridges exempt from the ReachableAddresses option? My reading of that option in the man page is that it should prevent ALL connections, bridges included. Is this a bug, an error in the man page, or an error in my head?

Trac:
Priority: normal to major
Owner: N/A to arma
Status: new to assigned

When I reproduce all of this leaving Vidalia out of the loop, it works as expected:

Apr 28 18:50:43.884 [notice] Bridge at '188.x.x.x:443' isn't reachable by our firewall policy. Skipping.

When I use Vidalia to set the bridge, it looks like Vidalia is doing a resetconf on our reachableaddresses config option.

Before:

getconf reachableaddresses
250 ReachableAddresses=reject *:*

After:

getconf reachableaddresses
250 ReachableAddresses

To be fair, I bet your Vidalia settings don't have "My firewall only lets me connect to certain ports" clicked. So you have told Vidalia that you can reach all addresses. Not totally crazy that it would correct your Tor to match your Vidalia settings.

When I click the "My firewall only lets me connect to certain ports" and set it to 1, I get the behavior you wanted.

(Ok to close?)

Trac:
Priority: major to normal

Replying to arma:

When I use Vidalia to set the bridge, it looks like Vidalia is doing a resetconf on our reachableaddresses config option.

Aah. My experience with Vidalia controlling Tor (but not starting it) was that all Vidalia options that the user hasn't set explicitly are set according to the corresponding options in torrc. I suppose that behaviour isn't as consistent as I thought so my assumption doesn't hold in general.

As a side note, perhaps it's worth making Vidalia's options handling vs the options in torrc more consistent?

Replying to arma:

(Ok to close?)

Yeah, case closed.

Replying to arma:

(Ok to close?) Yeah, case closed.

So closing. Please re-open if there was something going on that I missed here.

Trac:
Resolution: N/A to not a bug
Status: assigned to closed

Trac:
Keywords: N/A deleted, tor-bridge added

Trac:
Component: Tor Bridge to Tor

closed

mentioned in issue #2357 (moved)

moved to tpo/core/tor#2356 (closed)

mentioned in issue tpo/core/tor#2357 (closed)