[tor-talk] Does the Tor DNS transparent proxy code use clients nameservers?

Allen allenpmd at gmail.com
Wed Oct 25 21:20:31 UTC 2017


I don't know what this thing is that you're referring to as a
"torport" and what kind of behavior you expect from it.  But maybe you
could try what the tor documentation refers to as the DNSPort

from https://www.torproject.org/docs/tor-manual.html.en

DNSPort [address:]port|auto [isolation flags]

If non-zero, open this port to listen for UDP DNS requests, and
resolve them anonymously. This port only handles A, AAAA, and PTR
requests---it doesn’t handle arbitrary DNS request types. Set the port
to "auto" to have Tor pick a port for you. This directive can be
specified multiple times to bind to multiple addresses/ports. See
SocksPort for an explanation of isolation flags. (Default: 0)


On Wed, Oct 25, 2017 at 5:01 PM, Rob van der Hoeven
<robvanderhoeven at ziggo.nl> wrote:
> On Wed, 2017-10-25 at 16:50 -0400, Allen wrote:
>> and what happens if you use dig alone to talk directly to tor?
>> something like "dig -p torport hostname +tcp" (see man dig)
>>
>
> A good idea, but the Tor daemon expects that all traffic arriving on
> torport has been redirected by iptables. It asks IP tables for the
> original destination, which is not there when you use dig directly with
> torport.
>
> Rob,
> https://hoevenstein.nl
>
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


More information about the tor-talk mailing list