[tor-talk] glibc's DNS lookups fail

douglastskillern at lavabit.com
Wed Feb 15 20:05:42 UTC 2012


Hi Jérémy,

>> Chain POSTROUTING (policy ACCEPT)
>> target     prot opt source               destination
>> MASQUERADE  tcp  --  192.168.179.0/24    !192.168.179.0/24    masq ports: 1024-65535
>> MASQUERADE  udp  --  192.168.179.0/24    !192.168.179.0/24    masq ports: 1024-65535
>> MASQUERADE  all  --  192.168.179.0/24    !192.168.179.0/24
>> [...]
>> (The POSTROUTING stuff is due to a VM I have running.)
>
> I think your issues might be related to these rules, though. Could you
> try without? Could you try to use SNAT with a specific IP address
> instead of MASQUERADE? Could you try to filter based on output
> interfaces instead of destination addresses?

I tried without, no difference.  In fact, my problem is not related to
iptables at all.  If I start tor with DNSPort set to 53, and set my
nameserver in /etc/resolv.conf to 127.0.0.1, it does not work either.
(First lookup fails, subsequent lookups succeed).

Here's my torrc:

RunAsDaemon 1
Log notice file /tmp/tor/log
DataDirectory /tmp/tor
ClientOnly 1
TransPort 9044
DNSPort 53
SocksPort 0
AutomapHostsOnResolve 1
VirtualAddrNetwork 10.0.0.0/8

This bug is driving me crazy!

Cheers,

Douglas



