logs archiveIRC Archive / Oftc / #tor / 2015 / July / 30 / 1
_aeris_
hi #tor
how to enable ipv6 on tor client ?
currently, i enable ipv6 on trans/dns/socks port, set ClientUseIPv6 and ClientPreferIPv6ORPort, but
curl --socks5-hostname '[::1]':9050 ipv6.google.com
curl: (7) Can't complete SOCKS5 connection to
and in tor log : Have tried resolving or connecting to address '[scrubbed]' at 3 different places. Giving up.
:(
kernelcorn
is your connection to the Internet otherwise fine?
_aeris_
yep
$ curl -I ipv6.google.com
HTTP/1.1 200 OK
kernelcorn
can you connect to ipv6.google.com over Tor?
oh
_aeris_
with torify or curl socks, nope
$ curl --socks5-hostname '[::1]':9050 ipv6.google.com
curl: (7) Can't complete SOCKS5 connection to
$ torify curl ipv6.google.com
[juil. 29 23:35:01] ERROR torsocks[10892]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:657)
curl: (6) Could not resolve host: ipv6.google.com
(same with torsocks)
$ curl -I --socks5-hostname '[::1]':9050 google.com
HTTP/1.1 302 Found
so, just ipv6 is broken
kernelcorn
have you tried loading it in the Tor Browser?
_aeris_
when my kitten release the trackball, i can test :D
sp4rtacus
[Problem exists between kitteh and chair]?
_aeris_
(upgrade in progress of the tor browser)
nope, unable to connect with TB
same message « Have tried resolving or connecting to address »
         

kernelcorn
I don't know if there are Tor exits on IPv6
gamambel
there are
you need to explicitly enable support still
kwadronaut
and there should be more
gamambel
https://trac.torproject.org/projects/tor/wiki/doc/IPv6RelayHowto
_aeris_
exit ipv6 is cool, but if client cant use it& :D
gamambel
the best way to force-enable ipv6 at the moment is to add another SocksPort XYZ NoIPv4Traffic IPv6Traffic
(client side)
_aeris_: the cool thing with tor is that you don't need ipv6 on the client end to reach ipv6 destinations
only the exits need ipv6
(and more should) (they need to explictly enable it) ( https://lists.torproject.org/pipermail/tor-relays/2015-May/006964.html )
srg
hmm
i can't seem to connect to ipv6.google.com in the TBB on a ipv4 host
It's a generic "unable to connect" error
gamambel
srg: you need to explicitly enable ipv6 in the torrc, see links
_aeris_
srg > cant connect to on an ipv6 host
srg
oh, TBB doesn't have ipv6 enabled by default?
gamambel
read.
srg
Both my relays have IPv6 enabled
gamambel
" As long as the number of public relays publishing an IPv6 address is low we want to protect users from accidently using them. Configuration option ClientUseIPv6 (default 0) needs to be set in order for a client to pick an IPv6 address for an entry relay. For testing purposes, setting ClientPreferIPv6ORPort to 1 might be good in order to increase the chance of a client picking an IPv6 OR port. " https://trac.torproject.org/
projects/tor/wiki/doc/IPv6RelayHowto
_aeris_
https://paste.imirhil.fr/?9c0afdc7931522b2#ZuEqTkP3lfCFLmxLmgdFKpBEURcqIO+EDTgeshV+/so=
my current torrc
gamambel
_aeris_: weird config. you bind one unrestricted socksport to * and one ipv6-only to the ipv6 loopback
now you need to explicitly point $whatever at that ipv6 loopback to use ipv6
_aeris_
gamambel > https://paste.imirhil.fr/?8b18d403d36c3d5e#laNi5fnnd6QDULNjTVh2FimIR9jdd9s1B9WB804b/gw=
gamambel
you either want to use a different local port for the ipv6 socks
_aeris_
only 127.0.0.1, not 0.0.0.0 by default :)
gamambel
or, it should just work with ClientUseIPv6 1 and ClientPreferIPv6ORPort 1, but i don't know
ye still
why not have, say, SocksPort 9050 \n SocksPort 9051 NoIPv4Traffic IPv6Traffic
_aeris_
i try
oh, seems working this way !
seems working too with SocksPort 127.0.0.1:9050 \n SocksPort [::1]:9050 NoIPv4Traffic IPv6Traffic
seems complicated in all case, you have to explicitly choose the right proxy to do ipv6
not transparent for user :'(
you cant have a single proxy to do both ipv4 and ipv6
         

gamambel
it's not supposed to yet work for everyone
see comment above
but yes, there's some things that need to be evened out along the way
_aeris_
gamambel > i test, i test :D
its not for production :)
gamambel
ipv6 is also great because you circumvent most tor/ipv4 blocks/reputation systems (for now anyway)
cacahuatl
Is there any plan to make exitmap compatible with python3?
woossa
is it worth it to make a tor node on a free amazon instance?
or do they limit the bandwidth too much
cacahuatl
How much bandwidth do they offer?
woossa
dunno is why im asking :)
cacahuatl
It's hard to make a judgement call if "dunno" is "too much" :(
woossa
aww hell naw this signup sh*t wants a phone number
i thought i could just use a pp card
s7r
how does Tor remember the Guard relay to keep it for the rotation period? Is it using just the fingerprint (router identity) or IP address as well?
if my guard changes its IP address but keeps the old fingerprint, will my Tor choose again when I connect or use the same guard (of course if rotation period is not yet expired).
cacahuatl
fingerprint
look at /var/lib/tor/state
s7r
so an ip address change on my guard won't force me to choose again
if the identity remains untouched
cacahuatl
I don't believe so, no. It's not storing the IP, just the FP.
alberodrea
WWW.EXPOSINGCOMMUNISM.COM
woossa
who is yelling at me
jager
so now my provider is saying that they want me to allow only 80, 443, and 53 to exit
(Action) sighs
kernelcorn
hey, that will work for an exit
jager
i will write more text later about how the web is not the whole internet and that eg email users deserve privacy too
they have backpedaled a lot already maybei can convince them yet
ryonaloli_
jager: what ports have they been giving frequent abuse from?
*getting
jager
every abuse report they have forwarded to me has been web exploit crap :P
stupid bastards
ryonaloli_
so port 80 and 443 anyway?
jager
yeah
« prev 1 2 3 next »