On 2/8/24 05:02, Vilgot Bergquist via tor-dev wrote:
> Hi,
> I looked at the suggested solutions and I think there is another approach,
> which is much easier.
> In C it's pretty easy to encapsulate UDP segments inside TCP segments. Hence
> there is no need to re-organize the connection logic of tor relays. Instead it
> should be possible to make Guards, when receiving a UDP packet, just add a
> TCP header and then it goes through the normal process. The exit nodes then
> remove the TCP header and pass the UDP segment on.
Thanks for looking at the proposal.
The "normal process" of sending traffic through tor does not directly
involve TCP or TCP headers, nor are there boundaries preserved which
would correspond to TCP segments. Individual streams are encapsulated
within multiple other layers (tor streams and circuits, then TLS) before
we encounter any real TCP segments.
You're describing something which would work if we were only talking
about a firewall that blocks UDP, but that's not what Tor is.
-beth
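
An added illustration of the layering described in the reply above (not code from the thread or from the Tor project): stream bytes are packed into fixed-size relay cells, and TCP then segments the resulting byte stream with no knowledge of either layer. The cell sizes are taken from the Tor specification rather than from this thread; onion encryption and TLS record framing are omitted, and the datagram sizes and MSS are constructed sample values.

```python
import struct

CELL_LEN = 514        # fixed cell size on the wire (tor-spec, link protocol 4+)
RELAY_DATA_MAX = 498  # most stream bytes one RELAY_DATA cell can carry
HDR = ">IBBHH4sH"     # circID, cmd, relay cmd, recognized, streamID, digest, length
HDR_LEN = struct.calcsize(HDR)  # 16 bytes

def to_cells(stream_bytes, circ_id=0x80000001, stream_id=1):
    """Chop a stream's bytes into fixed-size relay cells (no onion encryption)."""
    cells = []
    for off in range(0, len(stream_bytes), RELAY_DATA_MAX):
        chunk = stream_bytes[off:off + RELAY_DATA_MAX]
        # cmd 3 = RELAY, relay cmd 2 = RELAY_DATA; digest zeroed for the sketch
        hdr = struct.pack(HDR, circ_id, 3, 2, 0, stream_id, bytes(4), len(chunk))
        cells.append((hdr + chunk).ljust(CELL_LEN, b"\0"))
    return cells

def from_cells(cells):
    """Recover the stream bytes; only a byte stream comes back, not messages."""
    return b"".join(
        c[HDR_LEN:HDR_LEN + struct.unpack_from(HDR, c)[6]] for c in cells)

def tcp_segments(wire, mss):
    """Model TCP cutting the connection's byte stream at MSS, blind to cells."""
    return [wire[i:i + mss] for i in range(0, len(wire), mss)]

def end_offsets(units):
    """Cumulative end offset of each unit, i.e. where its boundary falls."""
    total, ends = 0, []
    for u in units:
        total += len(u)
        ends.append(total)
    return ends

def demo():
    datagrams = [b"A" * 120, b"B" * 700, b"C" * 40]  # constructed sample input
    cells = to_cells(b"".join(datagrams))
    segments = tcp_segments(b"".join(cells), mss=536)
    return {"datagram_ends": end_offsets(datagrams),
            "cell_ends": end_offsets(cells),
            "segment_ends": end_offsets(segments),
            "recovered": from_cells(cells)}

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value if name != "recovered" else len(value))
```

The three lists of end offsets share no datagram boundary: the receiving side gets back the same 860 bytes, but nothing on the wire marks where one datagram ended and the next began.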