#18100: src/or/connection_edge.c typo -------------------------------------------------+------------------------- Reporter: jirib | Owner: Type: defect | Status: | merge_ready Priority: Medium | Milestone: Tor: | 0.3.1.x-final Component: Core Tor/Tor | Version: Tor: | 0.2.9.9 Severity: Normal | Resolution: Keywords: isaremoved, nickwants029, lorax, | Actual Points: tor-03-unspecified-201612 | Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by d4fq0fQAgoJ): I've been using the patched version (0001-trans_tproxy.patch) with a TPROXY iptables setup since I commented here and so far it's been working as expected for me. The only real documentation about the TPROXY feature I found is from the kernel documentation (Documentation/networking/tproxy.txt). Unfortunately it does not say anything about getsockname() or getsockopt(SO_ORIGINAL_DST). It seems that the TPROXY kernel feature enables transparent proxy capabilities without the need to DNAT (what else would be it's purpose then?). The above experiment backs this up because TPROXYing works without conntrack kernel modules loaded (conntracking is required for NAT). This only works with the above patch applied which utilizes getsockname() instead of getsockopt(SO_ORIGINAL_DST). Therefore it seems that getsockname() is the correct way. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18100#comment:26> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs