Squid, Tor and Privoxy Strange Problem

Peter_APIIT · 01-10-2008, 07:19 PM

I not urge for help but i have already run out of idea.
PLease help me. A billion thanks for your help.

win32sux · 01-10-2008, 08:01 PM

You haven't given us much to work with here. unSpawn asked you to post some config and log files, but you haven't. Forget about Squid for now. You say that when you use Privoxy no DNS resolution takes place, but this is exactly what is supposed to happen when you use it with Tor. If DNS resolution was done then your ISP (and anyone between you and them) would be able to know what sites you are visiting. DNS resolution occurs at the other end of the Tor network. Please post the outputs of these commands so we can get a better understanding of where you are at:

Code:

iptables -an --inet | grep LISTEN

Code:

iptables -nvL

Code:

ifconfig

Code:

cat /etc/privoxy/config | grep -v ^# | grep -v ^$

Code:

cat /etc/tor/torrc | grep -v ^# | grep -v ^$

Code:

cat /etc/tor/tor-tsocks.conf | grep -v ^# | grep -v ^$

Please don't cherry-pick which outputs to post - post them all.

Peter_APIIT · 01-15-2008, 03:36 AM

I thought this incident related to config. Sorry for any inconvenience.

I not able to post output of iptables because i not using iptables. I uisng pf firewall.
ifconfig

Quote:

rl0: 192.168.1.2 Gateway : 192.168.1.1
ral0: 192.168.2.1 Gateway 192.168.2.1 Broadcast : 192.168.2.255

/etc/privoxy/config | grep -v ^# | grep -v ^$

Quote:

configdir /etc/privoxy
logdir /var/log/privoxy
actionsfile standard, default, user
filter file default.filter
debug 1, 4016, 8192
logfile logfile
jarfile jarfile
listen-address 192.168.2.1:811
toggle 1
enable remote-toggle 1
enable edit-options 1
buffer limit 4096
forward-socks4a / 127.0.0.1:9050

/etc/torrc

Quote:

SocksPort 9050
SokcListen Address 127.0.0.1
Log notice file /usr/local/var/log/tor/noticelog
RunasDaemon 1
Nickname PeterTor
BandwidthRate 10kb
BandwidthBurst 10kb
ContactInfo Peter <peterapiit@gmail.com>
ExitPolicy accept *:6660-6667, reject *:*
ExitPolicy aceept *:119
reject *:*

/etc/tor-tsocks.conf

Quote:

server = 127.0.0.1
server_port = 9050
local = 127.0.0.0/255.128.0.0
local = 127.128.0.0/255.192.0.0

By the way, i have check netstat -rn | less for the LISTEN server for localhost only.

A billion thanks for your help. You all are brilliant guys who willing to help others.

win32sux · 01-16-2008, 01:48 AM

Quote:

Originally Posted by Peter_APIIT

I not able to post output of iptables because i not using iptables. I uisng pf firewall.

Right, I forgot.

Quote:

rl0: 192.168.1.2 Gateway : 192.168.1.1
ral0: 192.168.2.1 Gateway 192.168.2.1 Broadcast : 192.168.2.255

Your second NIC has it's own IP set as the gateway?

Quote:

listen-address 192.168.2.1:811

This would normally be a "8118" instead of an "811".

Make sure you actually intended to use port 811.

Quote:

forward-socks4a / 127.0.0.1:9050

Is there a particular reason why you are still omitting the "no HTTP forwarding" dot here?

Quote:

SocksPort 9050
SokcListen Address 127.0.0.1
Log notice file /usr/local/var/log/tor/noticelog
RunasDaemon 1
Nickname PeterTor
BandwidthRate 10kb
BandwidthBurst 10kb
ContactInfo Peter <peterapiit@gmail.com>
ExitPolicy accept *:6660-6667, reject *:*
ExitPolicy aceept *:119
reject *:*

I don't think you ever mentioned you wanted to set up Tor as a server.

If you only want it to provide anonymity for Privoxy you just need these two lines:

Code:

SocksPort 9050
SocksListenAddress 127.0.0.1

Also, notice how I put in red some typos you made - you should fix them. Also, AFAICT (I've never set-up an exit node) the last two lines in your torrc wouldn't ever get matched, since you have a "reject *:*" above them (which I put in bold). Additionally, the syntax for the bandwidth options seems to be:

Code:

BandwidthRate 10 KB

And not:

Code:

BandwidthRate 10kb

But I'm not sure if it makes a difference or not.

Like I said, I've never set up an exit node, so take what I say with a grain of salt.

Peter_APIIT · 01-18-2008, 12:45 AM

Quote:

listen-address 192.168.2.1:811
This would normally be a "8118" instead of an "811".

This is a typo error and i also have dot(.) behind it. (I 100% sure)

Now, the issue is about why privoxy cannot resolve the
hostname to ip address.

I will read it up for configure Tor as server.

A billion thanks for your help.

win32sux · 01-18-2008, 03:44 AM

Quote:

Originally Posted by Peter_APIIT

Now, the issue is about why privoxy cannot resolve the
hostname to ip address.

Well, like I already said, Privoxy doesn't need to do this when being used with Tor. If it did resolve DNS then it would defeat the purpose of running an anonymity application. I can't really think of what could be causing your problem. Here's a copy of my Privoxy config (which works fine for me) in case it might help:

Code:

user-manual /usr/share/doc/privoxy/user-manual
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile standard  # Internal purpose, recommended
actionsfile global    # Global default setting for all sites
actionsfile default   # Main actions file
actionsfile user      # User customizations
filterfile default.filter
debug   4096 # Startup banner and warnings
debug   8192 # Errors - *we highly recommended enabling this*
listen-address  127.0.0.1:8118
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  1
enable-edit-actions 0
buffer-limit 4096
forward-socks4a             /     127.0.0.1:9050 .
forwarded-connect-retries  0

Peter_APIIT · 01-18-2008, 07:04 AM

Is it related to slow internet response time after Tor has connect to longer path and make ny connection slower ?

Or my ISP has blocked it?

Any idea ?

A billion thanks for your help.

win32sux · 01-18-2008, 08:48 AM

Quote:

Originally Posted by Peter_APIIT

Is it related to slow internet response time after Tor has connect to longer path and make ny connection slower ?

Well, response time is naturally slow when using Tor so that shouldn't be an issue.

What error message does your browser generate when you try to surf?

Quote:

Or my ISP has blocked it?

It's possible, but I doubt it.

Peter_APIIT · 01-20-2008, 06:34 AM

Error Message is the page cannot be display.

How to check whether my ISP has blocked it ?

Thanks for your help.

Peter_APIIT · 06-07-2008, 02:22 AM

Why when i try Privoxy with Tor, it say No such domain and Error 404 is displayed ?

Thanks for your explanation.

Peter_APIIT · 06-07-2008, 06:40 PM

Please help me to solve this problem together.

Peter_APIIT · 06-13-2008, 10:15 PM

Please help me.

win32sux · 06-13-2008, 11:47 PM

Maybe show us what the Privoxy log files (and more importantly, the Tor ones) look like when the issue manifests itself? It sounds to me like your SOCKS might be the problem.

Peter_APIIT · 06-16-2008, 02:46 AM

Please help me. I not hijacked thread but to get help.

win32sux · 06-16-2008, 02:16 PM

Quote:

Originally Posted by Peter_APIIT

Please help me. I not hijacked thread but to get help.

I actually am trying to help you, and haven't accused you of hijacking the thread. But it's impossible to help you if all you post is pleas for help. That's why I asked you to post the relevant log entries for Tor and Privoxy like three days ago.