Opened 3 weeks ago

Last modified 2 weeks ago

#32529 new defect

Tor transparent IPv6 destination_from_socket(): Bug

Reported by: avengermsoft Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version: Tor: 0.4.1.6
Severity: Normal Keywords: Tor Transparent Proxy
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Configuration file torrc

User root
PidFile /opt/var/run/tor.pid
#Log info file /opt/var/log/tor.log
Log notice file /opt/var/log/tor.log
ExcludeExitNodes {RU},{UA},{AM},{KG},{BY}
StrictNodes 1
TransPort 192.168.97.97:9151
TransPort [::]:9151
ExitRelay 0
GeoIPFile /opt/share/tor/geoip
GeoIPv6File /opt/share/tor/geoip6
DataDirectory /opt/var/lib/tor
VirtualAddrNetwork 10.192.0.0/10
VirtualAddrNetworkIPv6 [fc00::]/7
DNSPort 127.0.0.1:9153
DNSPort [::1]:9153
AutomapHostsOnResolve 1
ClientUseIPv4 0
ClientUseIPv6 1

Redirecting traffic to the port 9151 goes through ip6tables.

ip6tables -t filter -A INPUT -p tcp --dport 9040 -j ACCEPT 
ip6tables -t nat -A PREROUTING -p tcp -d fc00::/7 -j REDIRECT --to-port 9151 
ip6tables -t nat -A OUTPUT -p tcp -d fc00::/7 -j REDIRECT --to-port 9151

I start curl -6 -v http://www.flibustahezeous3.onion/ and get an error

Nov 18 01:04:06.000 [notice] Tor 0.4.1.6 opening new log file.
Nov 18 01:04:06.589 [notice] Tor 0.4.1.6 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.

Nov 18 01:08:27.257 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 18 01:08:27.257 [notice] Opened Socks listener on 127.0.0.1:9050
Nov 18 01:08:27.257 [notice] Opening DNS listener on 127.0.0.1:9153
Nov 18 01:08:27.257 [notice] Opened DNS listener on 127.0.0.1:9153
Nov 18 01:08:27.257 [notice] Opening DNS listener on [::1]:9153
Nov 18 01:08:27.257 [notice] Opened DNS listener on [::1]:9153
Nov 18 01:08:27.257 [notice] Opening Transparent pf/netfilter listener on 192.168.97.97:9151
Nov 18 01:08:27.257 [notice] Opened Transparent pf/netfilter listener on 192.168.97.97:9151
Nov 18 01:08:27.257 [notice] Opening Transparent pf/netfilter listener on [::]:9151
Nov 18 01:08:27.257 [notice] Opened Transparent pf/netfilter listener on [::]:9151
Nov 18 01:08:38.000 [notice] Bootstrapped 100% (done): Done

Nov 18 10:23:58.000 [warn] destination_from_socket(): Bug: Received transparent data from an unsuported socket family 10 (on Tor 0.4.1.6 )
Nov 18 10:23:58.000 [warn] Fetching original destination failed. Closing.

I start curl -4 -v http://www.flibustahezeous3.onion/ and everything is fine. IPv4 IS OK.

How to fix?

Child Tickets

Change History (3)

comment:1 Changed 2 weeks ago by avengermsoft

Compiled with the Linux Kernel version 4.9 and Tor is works. The thing is compilation flags - HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H, TRANS_NETFILTER and TRANS_NETFILTER_IPV6. Please close ticket.

Last edited 2 weeks ago by avengermsoft (previous) (diff)

comment:2 Changed 2 weeks ago by arma

Maybe we should improve the log message to indicate likely problems with missing headers or missing kernel functionality?

We are in theory supposed to have zero "Bug:" logs in Tor -- they indicate that we are not handling failures well internally.

comment:3 Changed 2 weeks ago by arma

Severity: CriticalNormal
Note: See TracTickets for help on using tickets.