LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 11-01-2005, 09:23 PM   #1
theCSapprentice
LQ Newbie
 
Registered: Nov 2005
Posts: 5

Rep: Reputation: 0
Unhappy tor and privoxy not working, yet all configs seem right


Hey I wonder if anyone out there can figure out whats wrong with my configs:

I've just installed tor and privoxy after much torment and now I find that privoxy doesn't seem to connect to anything. All of my configs are correct (I think!) and I don't see any errors except for when I try to load a site. And even then it's something like this:

Quote:
No such domain

Your request for www_google_com/ could not be fulfilled, because the domain name www_google_com could not be resolved.

This is often a temporary failure, so you might just try again.
I'm thinking that somewhere privoxy is having trouble talking with DNS, but I don't know if it is because of tor or something else.

I have these lines in my privoxy config:
Quote:
forward-socks4a / localhost:9050 .
confdir /etc
logdir /log
actionsfile standard
actionsfile default
actionsfile user
filterfile default.filter
trust-info-url www_example_com/why_we_block.html
trust-info-url www_example_com/what_we_allow.html
debug 4096
debug 8192
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 1
enable-edit-actions 1
buffer-limit 4096
tor is configured for port 9050.
Firefox is pointed at 127.0.0.1:8118

I don't know what is wrong here. I opened the ports 80, 443, 9001, and 9030 in my firewall as well. Please if someone could help me out I would be very grateful.
 
Old 11-01-2005, 11:52 PM   #2
YetAnotherDave
Member
 
Registered: Feb 2005
Posts: 94

Rep: Reputation: 17
Here are a couple of things you might want to check:

Are tor and privoxy running ? Use 'ps' to verify.
Is localhost in your /etc/hosts file?
Does privoxy work if you take out the line that enables tor ? ( "forward-socks4a / localhost:9050 ." )
Did you mean to open port 9050 in your firewall? You said you opened port 9030 (among others ).

- Dave
 
Old 11-02-2005, 04:15 AM   #3
theCSapprentice
LQ Newbie
 
Registered: Nov 2005
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for responding.

Quote:
Are tor and privoxy running ? Use 'ps' to verify.
Is localhost in your /etc/hosts file?
Does privoxy work if you take out the line that enables tor ? ( "forward-socks4a / localhost:9050 ." )
Did you mean to open port 9050 in your firewall? You said you opened port 9030 (among others ).
In answer to your questions:
yes
yes
yes
I don't think my firewall( I'm using the one that comes with Suse 10) blocks internal connections, but I opened the port anyway - it gives the same error.

How would I go about checking for logged errors? I asume there must be a way to check what happens when privoxy or tor try to establish connections. And a thought just came to me: would I need to open a port for DNS or should privoxy slip that request out through tor and its channels?
 
Old 11-02-2005, 04:25 AM   #4
theCSapprentice
LQ Newbie
 
Registered: Nov 2005
Posts: 5

Original Poster
Rep: Reputation: 0
New info!

Curious, I did a port scan on 127.0.0.1 and guess what? No open port 9050. So how would I go about opening this port on Suse 10?

edit: oh never mind, netstat reports 8118 and 9050 as open and listening. false alarm.

edit again:I've just checked with ethereal and it says there is no socks traffic on my loopback address. The only traffic that appears is from firefox to privoxy and privoxy reporting an error back to firefox. Since I would asume an attempt on privoxy's account to communicate with tor would be recorded, what would cause privoxy not to even make the attempt? Is there another setting in the config file to add?

edit # 3:
I've added extra debug statements to privoxy. I found that it could not resolve localhost, yet the entry was in the hosts file. So I changed the forward command from localhost:9050 to 127.0.0.1:9050 and it seemed to connect better, as in it talked to tor. But it still doesn't work. Here is the new error message from privoxy:
Quote:
Nov 02 06:22:36 Privoxy(46912504111008) Connect: accept connection ...
Nov 02 06:22:36 Privoxy(1075841376) Request: www.google.com/
Nov 02 06:22:36 Privoxy(1075841376) Connect: to www.google.com
Nov 02 06:23:36 Privoxy(1075841376) Connect: socks4_connect: SOCKS request rejected or failed ...
Nov 02 06:23:36 Privoxy(1075841376) Connect: connect to: www.google.com failed: Invalid argument
Nov 02 06:23:36 Privoxy(46912504111008) Connect: OK
Nov 02 06:23:36 Privoxy(46912504111008) Connect: accept connection ...
Nov 02 06:23:36 Privoxy(1075841376) Request: config.privoxy.org/send-stylesheet cgi call
Nov 02 06:23:36 Privoxy(1075841376) Request: config.privoxy.org/send-stylesheet crunch!

Last edited by theCSapprentice; 11-02-2005 at 05:29 AM.
 
Old 11-02-2005, 10:18 AM   #5
YetAnotherDave
Member
 
Registered: Feb 2005
Posts: 94

Rep: Reputation: 17
As a point of reference, I am able to use privoxy/tor with configs that are essentially identical to what you describe. I'm using privoxy version 3.0.3 and tor version v0.0.9.2 . Here is my privoxy configuration :

Quote:
forward-socks4a / localhost:9050 .
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile standard # Internal purpose, recommended
actionsfile default # Main actions file
actionsfile user # User customizations
filterfile default.filter
logfile logfile
jarfile jarfile
user-manual /usr/share/doc/privoxy/user-manual
debug 1 # show each GET/POST/CONNECT request
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
buffer-limit 4096
The only thing I added to this config is the first line for tor. It looks like the only potentially significant difference between your config and mine is the confdir and logdir. Are your privoxy config files in /etc or /etc/privoxy ?

What are you using privoxy as a proxy for. I'm just proxying http and ssl.

You mentioned DNS in an earlier message. According to: http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ , you need to take extra measures to make DNS work through tor so this should not be a concern ( DNS should not be affected by tor at all ).

- Dave
 
Old 11-02-2005, 10:32 AM   #6
ehawk
Senior Member
 
Registered: Jul 2003
Posts: 1,257

Rep: Reputation: 48
maybe helpful

Here is some info from my privoxy config file:

# 4.1. listen-address
# ===================
#
# Specifies:
#
# The IP address and TCP port on which Privoxy will listen for
# client requests.
#
# Type of value:
#
# [IP-Address]:Port
#
# Default value:
#
# 127.0.0.1:8118


# forward / anon-proxy.example.org:8080
# forward :443 .
#
# Everything goes to our example ISP's caching proxy, except for
# requests to that ISP's sites:
#
# forward / caching-proxy.example-isp.net:8000
# forward .example-isp.net .
#

#
# 5.2. forward-socks4 and forward-socks4a
# =======================================
#
# Specifies:
#
# Through which SOCKS proxy (and to which parent HTTP proxy)
# specific requests should be routed.
#
# Type of value:
#
# target_pattern socks_proxy[ort] http_parent[ort]
#
# where target_pattern is a URL pattern that specifies to which
# requests (i.e. URLs) this forward rule shall apply. Use / to
# denote "all URLs". http_parent and socks_proxy are IP addresses
# in dotted decimal notation or valid DNS names (http_parent may
# be "." to denote "no HTTP forwarding"), and the optional port
# parameters are TCP ports, i.e. integer values from 1 to 64535
#
# Default value:
#
# Unset
#
# Effect if unset:
#
# Don't use SOCKS proxies.
#
# Notes:
#
# Multiple lines are OK, they are checked in sequence, and the
# last match wins.
#
# The difference between forward-socks4 and forward-socks4a
# is that in the SOCKS 4A protocol, the DNS resolution of the
# target hostname happens on the SOCKS server, while in SOCKS 4
# it happens locally.
#
# If http_parent is ".", then requests are not forwarded to another
# HTTP proxy but are made (HTTP-wise) directly to the web servers,
# albeit through a SOCKS proxy.
#
# Examples:
#
# From the company example.com, direct connections are made to all
# "internal" domains, but everything outbound goes through their
# ISP's proxy by way of example.com's corporate SOCKS 4A gateway
# to the Internet.
#
# forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
# forward .example.com .
#
# A rule that uses a SOCKS 4 gateway for all destinations but no
# HTTP parent looks like this:
#
# forward-socks4 / socks-gw.example.com:1080 .
#

#

Here is some info from my tor config file:

# This is the configuration for libtsocks (transparent socks) for use
# with tor, which is providing a socks server on port 9050 by default.
#
# See tsocks.conf(5) and torify(1) manpages.

server = 127.0.0.1
server_port = 9050

I have firefox using proxy settings of localhost 8118

Things seem to be working for me, judging from the output of showmyip.com
 
Old 11-02-2005, 11:37 AM   #7
theCSapprentice
LQ Newbie
 
Registered: Nov 2005
Posts: 5

Original Poster
Rep: Reputation: 0
Yeah, I think my settings are fine. Looking at tor's error output I find that all of its connections to the other onion routers are failing. Thats why I can't connect. i just don't know cause of the failures.

Quote:
Nov 02 10:46:41.671 [info] choose_good_exit_server_general(): Chose exit server
'Planetdungeon'
Nov 02 10:46:41.671 [debug] onion_extend_cpath(): Path is 0 long; we want 3
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Chose router moria2 for hop 1
(exit is Planetdungeon)
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Path is 1 long; we want 3
Nov 02 10:46:41.672 [debug] choose_good_middle_server(): Contemplating intermedi
ate hop: random choice.
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Chose router notorious for hop
2 (exit is Planetdungeon)
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Path is 2 long; we want 3
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Chose router Planetdungeon for
hop 3 (exit is Planetdungeon)
Nov 02 10:46:41.672 [debug] onion_extend_cpath(): Path is complete: 3 steps long
Nov 02 10:46:41.672 [debug] circuit_handle_first_hop(): Looking for firsthop '18
.244.0.114:443'
Nov 02 10:46:41.673 [debug] connection_connect(): Connecting to [scrubbed]:443.
Nov 02 10:46:41.674 [info] connection_add(): new conn type OR, socket 8, nfds 3.
Nov 02 10:46:41.674 [debug] connection_connect(): connect in progress, socket 8.
Nov 02 10:46:41.674 [debug] circuit_handle_first_hop(): connecting in progress (
or finished). Good.
Nov 02 10:46:41.706 [debug] conn_write_callback(): socket 8 wants to write.
Nov 02 10:46:41.706 [info] connection_or_finished_connecting(): OR connect() to
router at 18.244.0.114:443 finished.
Nov 02 10:46:41.706 [debug] connection_tls_start_handshake(): starting the hands
hake
Nov 02 10:46:41.706 [debug] connection_tls_continue_handshake(): wanted read
Nov 02 10:46:41.706 [debug] connection_tls_continue_handshake(): wanted read
Nov 02 10:46:41.745 [debug] conn_read_callback(): socket 8 wants to read.
Nov 02 10:46:41.753 [debug] connection_tls_continue_handshake(): wanted read
Nov 02 10:46:41.791 [debug] conn_read_callback(): socket 8 wants to read.
Nov 02 10:46:41.791 [debug] connection_tls_finish_handshake(): tls handshake don
e. verifying.
Nov 02 10:46:41.792 [debug] connection_tls_finish_handshake(): Other side (18.24
4.0.114:443) claims to be router 'moria2'
Nov 02 10:46:41.792 [debug] connection_tls_finish_handshake(): The router's cert
is valid.
Nov 02 10:46:41.792 [debug] circuit_n_conn_done(): or_conn to moria2, status=1
Nov 02 10:46:41.792 [debug] circuit_n_conn_done(): Found circ 0, sending create
cell.
Nov 02 10:46:41.792 [debug] circuit_send_next_onion_skin(): First skin; sending
create cell.
Nov 02 10:46:41.795 [debug] circuit_deliver_create_cell(): Chosen circID 29999.
Nov 02 10:46:41.795 [debug] write_to_buf(): added 512 bytes to buf (now 512 tota
l).
Nov 02 10:46:41.795 [debug] circuit_send_next_onion_skin(): first skin; finished
sending create cell.
Nov 02 10:46:41.795 [debug] connection_or_process_cells_from_inbuf(): 8: startin
g, inbuf_datalen 0 (0 pending in tls object).
Nov 02 10:46:41.795 [debug] conn_read_callback(): socket 8 wants to read.
Nov 02 10:46:41.795 [debug] connection_read_to_buf(): 8: starting, inbuf_datalen
0 (0 pending in tls object). at_most 4096.
Nov 02 10:46:41.795 [debug] read_to_buf_tls(): start: 0 on buf, 0 pending, at_most 4096.
Nov 02 10:46:41.795 [debug] read_to_buf_tls_impl(): before: 0 on buf, 0 pending, at_most 4096.
Nov 02 10:46:41.795 [info] TLS error: unexpected close while reading
Nov 02 10:46:41.795 [debug] tor_tls_read(): read returned r=0, err=-4
Nov 02 10:46:41.795 [info] connection_read_to_buf(): tls error. breaking (nickname moria2, address 18.244.0.114).

Nov 02 10:46:41.795 [info] connection_close_immediate(): fd 8, type OR, state open, 512 bytes on outbuf.
Nov 02 10:46:41.795 [info] conn_close_if_marked(): Cleaning up connection (fd -1).
Nov 02 10:46:41.795 [debug] circuit_n_conn_done(): or_conn to moria2, status=0
Nov 02 10:46:41.795 [debug] circuit_increment_failure_count(): n_circuit_failures now 14.
Nov 02 10:46:41.795 [info] connection_send_destroy(): Sending destroy (circID 29999).
Nov 02 10:46:41.795 [info] connection_remove(): removing socket -1 (type OR), nfds now 2
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Tor & Privoxy - how to get it to work? EvilBill Ubuntu 1 12-05-2005 08:51 PM
Privoxy and tor z3nith Linux - Software 2 10-01-2005 09:31 PM
Help with Tor Please botman Linux - Software 3 08-18-2005 01:17 PM
Help with Tor? botman Suse/Novell 3 08-12-2005 01:36 PM
Tor & Privoxy esage Linux - Software 3 07-25-2005 10:35 PM


All times are GMT -5. The time now is 03:29 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration