DETACHED streams

slush slush at slush.cz
Wed Apr 8 20:37:17 UTC 2009


My algorithm is very simple - Im walking thru list of exit nodes
(filtered with some flags, not important in this case) and select
random relay to every exit. So final circuits are like:

[random_relay1, exit1]
[random_relay2, exit2] ...

These pairs are generated on each start of script, but behaviour
related to specific exit is the same - for example, today's morning
was this issue related to Fireduck - with any random_relay I choosed.
So I dont think that it is specific to /16 subnet restriction.

By the way - thank you for your tips, Vasily :-). I didnt know about
/16 restriction before.

Marek

2009/4/8 Василий Озеров <fr33m2n at gmail.com>:
> Hmm... there are another options that must be set.. For default, tor
> won't use circuits, that have two nodes in one /16 subnet. Is it
> clear?
>
> 2009/4/8 slush <slush at slush.cz>:
>> Yes, Im attaching streams by myself. Should it be a reason for problems?
>>
>> Marek
>>
>>
>> 2009/4/8 Василий Озеров <fr33m2n at gmail.com>:
>>> Have you specified option in torrc:
>>>
>>> __LeaveStreamsUnattached=1
>>>
>>> ?
>>>
>>> 2009/4/8 slush <slush at slush.cz>:
>>>> Thanks to reply. For now, I found one exit, which do it permanently -
>>>> Fireduck. From router description you can see below, that Fireduck is
>>>> exit router and has 80 port open. But Im not succesfull to create
>>>> circuit to Fireduck (doesnt matter, which relays I choose).
>>>>
>>>> From log of my app you see, that I create circuit by standard way, but
>>>> for some exits (example - Fireduck), after attaching stream to
>>>> circuit, circuit fails. Have to notice, that my code works for tons of
>>>> exits without this problem.
>>>>
>>>> Anybody have tips, what mean "DETACHED" in this case? Is Fireduck "bad exit"?
>>>>
>>>> Marek
>>>>
>>>> -------------------------------------------
>>>> Waiting to circuit: 63, timeout 14, vallenator
>>>> (7FB47171747D21E9827C2283C59EC1690B058BC6), Fireduck
>>>> (068C00C57DC0AA342EE7E387686639475822A793))
>>>> 63 EXTENDED ['vallenator', 'Fireduck']
>>>> 63 BUILT ['vallenator', 'Fireduck']
>>>> Status: BUILT
>>>>>>> thread #000, timestamp 1239156444.522074, Circuit 63 is ready (exit 068C00C57DC0AA342EE7E387686639475822A793)
>>>>>>> thread #000, timestamp 1239156444.522186, IP for www.seznam.cz is: 77.75.76.3
>>>>>>> thread #000, timestamp 1239156444.522325, Connecting to proxy
>>>>>>> thread #000, timestamp 1239156444.522418, Connecting to final destination
>>>> Attach stream 218  to circuit 63
>>>> STREAM 218 NEW 0 77.75.76.3
>>>> STREAM 218 SENTCONNECT 63 77.75.76.3
>>>> STREAM 218 DETACHED 63 77.75.76.3
>>>> 63 CLOSED ['vallenator', 'Fireduck']
>>>>>>> thread #000, timestamp 1239156474.525524, Failed to connect destination, timed out
>>>>
>>>> ------------------------------
>>>> AUTHENTICATE
>>>> 250 OK
>>>> getinfo desc/name/Fireduck
>>>> 250+desc/name/Fireduck=
>>>> router Fireduck 69.31.13.209 1443 0 9030
>>>> platform Tor 0.2.0.34 (r18423) on Windows XP Service Pack 3
>>>> [workstation] {terminal services, single user}
>>>> opt protocols Link 1 2 Circuit 1
>>>> published 2009-04-07 23:41:45
>>>> opt fingerprint 068C 00C5 7DC0 AA34 2EE7 E387 6866 3947 5822 A793
>>>> uptime 85449
>>>> bandwidth 307200 1024000 95793
>>>> opt extra-info-digest F8A279CA6558420C3BB1859954F124912750BAA5
>>>> onion-key
>>>> reject 0.0.0.0/8:*
>>>> reject 169.254.0.0/16:*
>>>> reject 127.0.0.0/8:*
>>>> reject 192.168.0.0/16:*
>>>> reject 10.0.0.0/8:*
>>>> reject 172.16.0.0/12:*
>>>> reject 69.31.13.209:*
>>>> reject *:25
>>>> reject *:119
>>>> reject *:135-139
>>>> reject *:445
>>>> reject *:465
>>>> reject *:563
>>>> reject *:587
>>>> reject *:1214
>>>> reject *:4661-4666
>>>> reject *:6346-6429
>>>> reject *:6699
>>>> reject *:6881-6999
>>>> accept *:*
>>>> router-signature
>>>> ----------------------------
>>>>
>>>> 2009/4/7 Василий Озеров <fr33m2n at gmail.com>:
>>>>> I think, that the exit node of your circuit can't be exit node.
>>>>> Can you post servers descriptors wich are in the circuit?
>>>>>
>>>>> something like this: "getinfo desc/name/youservername".
>>>>>
>>>>> 2009/4/7 slush <slush at slush.cz>:
>>>>>> Hi,
>>>>>>
>>>>>> Im playing around Tor control port, own streams and own circuits. Im
>>>>>> surprised, that Tor sometimes say me "STREAM xxx is DETACHED from
>>>>>> circuit xxx" just few seconds after I obtain "SENTCONNECT" message. Do
>>>>>> anybody know why?
>>>>>>
>>>>>> Im trying to build own circuit, but when Tor detach my stream in some
>>>>>> cases, my connection is broken...
>>>>>>
>>>>>> Thanx,
>>>>>> Marek
>>>>>>
>>>>>> P.S. Sorry for english, 3am here...
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> WBR, Ozerov Vasiliy aka fr33man.
>>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> WBR, Ozerov Vasiliy aka fr33man.
>>>
>>
>
>
>
> --
> WBR, Ozerov Vasiliy aka fr33man.
>



More information about the tor-talk mailing list