Opened 6 months ago

Last modified 6 months ago

#33861 new task

vanguards: circ_max_megabytes applied to all connection

Reported by: cypherpunks Owned by:
Priority: High Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords:
Cc: mikeperry, asn Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

# This means that applications that require large data submission (eg
# SecureDrop or onionshare) should set this much higher
# (or set to 0 to disable):
circ_max_megabytes = 8

My site is less than 4MB so above config is okay.

I thought vanguards only applies this limit to:

  1. My onion service <--- Tor user (incoming)
  2. My onion service ---> Tor user (outgoing)

However your vanguards is breaking other connections such as:

  1. apt with Tor[1]
  2. wget download over Tor to clearnet site
  3. curl POST something over Tor to clearnet site

Problem 1. I don't want to stop vanguards just for apt and other thing.
Problem 2. I don't want to increase circ_max value just for this.

So could you please add a switch to limit only my-onion-site related connection and ignore else?

say,

# If true, vanguards will not apply max_mega limit non-onion connections.
# If false(default) vanguards will apply max_mega limit to all Tor connections.
# If your circ_max_megabytes is already 0, this settings does nothing.
circ_max_mega_ignore_clearnet_destination = true

Child Tickets

Change History (8)

comment:1 Changed 6 months ago by cypherpunks

# apt update
Get:1 http://lol.google/what what Release [XX.0 kB]
Hit:2 http://lol.google/what what Release
Get:3 http://lol.google/what what/what what Packages [XX.0 MB]
Ign:3 http://lol.google/what what/what what Packages
Get:3 http://lol.google/what what/what what Packages [XX.3 MB]
Ign:3 http://lol.google/what what/what what Packages
Get:3 http://lol.google/what what/what what Packages [78.1 MB]
Err:3 http://lol.google/what what/what what Packages
  Undetermined Error [IP: 127.0.0.1 9X5X]
Fetched XX.0 kB in XX XX

Above is reproducible with apt-transport.

comment:2 Changed 6 months ago by teor

Cc: mikeperry asn added
Component: ApplicationsCore Tor/Tor

Hi, please file vanguards bugs at:
https://github.com/mikeperry-tor/vanguards/issues/

comment:3 Changed 6 months ago by cypherpunks

Hey teor, if you're really Tor user you would notice Github's abusive behavior.

comment:4 Changed 6 months ago by cypherpunks

Why not have Application/Vanguards section?

comment:5 in reply to:  4 Changed 6 months ago by teor

Replying to cypherpunks:

Hey teor, if you're really Tor user you would notice Github's abusive behavior.

Wow. Please stop making assumptions about people's values. And then attacking them based on your assumptions.

I hope that our gitlab migration project will reduce our dependency on GitHub (and Trac):
https://lists.torproject.org/pipermail/tor-project/2020-March/002794.html

But migrations take time.

So don't start your feature requests by attacking people.

Even if someone agrees with your values, they may make different choices. For a whole range of reasons. When that happens, it's best to try to negotiate a compromise. Tell people what you don't want to do. And ask for alternatives.

You probably don't realise, but this isn't even my project. I'm just trying to be helpful.

Replying to cypherpunks:

Why not have Application/Vanguards section?

That's a question for mikeperry and maybe asn.

You can see mikeperry's previous answer to a similar ticket here:
https://trac.torproject.org/projects/tor/ticket/33811#comment:3

I've seen other people submit bugs via tor-dev@… . Is that an option for you?

comment:6 Changed 6 months ago by cypherpunks

Please stop making assumptions about people's values.

I didn't attack you. I'm just telling the fact that Github is automatically blocking accounts if you create one over Tor.

And I already know that github URL. I'm just posting here because this is Tor related project.

I'm just trying to be helpful.

Yes I know. Carry on.

comment:7 Changed 6 months ago by dgoulet

Milestone: Tor: unspecified

comment:8 in reply to:  6 Changed 6 months ago by cypherpunks

Replying to cypherpunks:

I didn't attack you. I'm just telling the fact that Github is automatically blocking accounts if you create one over Tor.

Hey, i created over a year ago and used my github only with tor enabled torsocks git and this didn't happen to me yet. Is there more information?

Note: See TracTickets for help on using tickets.