Re: tor -- way OT
Glenn English:
> On Sat, Mar 18, 2017 at 11:19 AM, GiaThnYgeia
> <GiaThnYgeia@openmailbox.org> wrote:
>
>> READ THE MANUALS ;) :P (just kidding!)
>
> Wow! Thanks for so much advice from the list.
>
> <FWIW, FYI>
> Everybody said to get rid of privoxy, so I did -- there was no privoxy
> on the machine Tor was on, but there was on the server across the room
> that this machine has no business talking to, except to send and fetch
> email. But that somehow seems to have made Tor start working again. I
> don't quite believe that getting rid of privaxy over there had
> anything to do with this machine. Maybe the Tor network was just a
> little bent or something the other day.
This is part of the privoxy config instructions:
# 5.2. forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
# =========================================================================
#
# Specifies:
#
# Through which SOCKS proxy (and optionally to which parent HTTP
# proxy) specific requests should be routed.
#
# Type of value:
#
# target_pattern socks_proxy[:port] http_parent[:port]
#
# where target_pattern is a URL pattern that specifies to which
# requests (i.e. URLs) this forward rule shall apply. Use / to
# denote "all URLs". http_parent and socks_proxy are IP
# addresses in dotted decimal notation or valid DNS names (
# http_parent may be "." to denote "no HTTP forwarding"), and
# the optional port parameters are TCP ports, i.e. integer
# values from 1 to 65535
#
# Default value:
#
# Unset
#
# Effect if unset:
#
# Don't use SOCKS proxies.
#
# Notes:
#
# Multiple lines are OK, they are checked in sequence, and the
# last match wins.
#
# The difference between forward-socks4 and forward-socks4a is
# that in the SOCKS 4A protocol, the DNS resolution of the
# target hostname happens on the SOCKS server, while in SOCKS 4
# it happens locally.
#
# With forward-socks5 the DNS resolution will happen on the
# remote server as well.
#
# forward-socks5t works like vanilla forward-socks5 but lets
# Privoxy additionally use Tor-specific SOCKS extensions.
# Currently the only supported SOCKS extension is optimistic
# data which can reduce the latency for the first request made
# on a newly created connection.
#
# socks_proxy and http_parent can be a numerical IPv6 address
# (if RFC 3493 is implemented). To prevent clashes with the port
# delimiter, the whole IP address has to be put into brackets.
# On the other hand a target_pattern containing an IPv6 address
# has to be put into angle brackets (normal brackets are
# reserved for regular expressions already).
#
# If http_parent is ".", then requests are not forwarded to
# another HTTP proxy but are made (HTTP-wise) directly to the
# web servers, albeit through a SOCKS proxy.
#
# Examples:
#
# From the company example.com, direct connections are made to
# all "internal" domains, but everything outbound goes through
# their ISP's proxy by way of example.com's corporate SOCKS 4A
# gateway to the Internet.
#
# forward-socks4a / socks-gw.example.com:1080
www-cache.isp.example.net:8080
# forward .example.com .
#
# A rule that uses a SOCKS 4 gateway for all destinations but no
# HTTP parent looks like this:
#
# forward-socks4 / socks-gw.example.com:1080 .
#
# To chain Privoxy and Tor, both running on the same system, you
# would use something like:
#
# forward-socks5t / 127.0.0.1:9050 .
#
# Note that if you got Tor through one of the bundles, you may
# have to change the port from 9050 to 9150 (or even another
# one). For details, please check the documentation on the Tor
# website.
#
# The public Tor network can't be used to reach your local
# network, if you need to access local servers you therefore
# might want to make some exceptions:
#
# forward 192.168.*.*/ .
# forward 10.*.*.*/ .
# forward 127.*.*.*/ .
#
# Unencrypted connections to systems in these address ranges
# will be as (un)secure as the local network is, but the
# alternative is that you can't reach the local network through
# Privoxy at all. Of course this may actually be desired and
# there is no reason to make these exceptions if you aren't sure
# you need them.
#
# If you also want to be able to reach servers in your local
# network by using their names, you will need additional
# exceptions that look like this:
#
# forward localhost/ .
#
#
> Anyway, if you can read this, Gmail's running again on Tor. Tor's a
It's almost like a contradiction in terms ... like an anarchist
dictatorship ... that people voted for!
> Thanks again for all the help. It seems to be doing OK with just the
> vanilla Aptitude install. No SOCKS, no reinstall; just no privoxy (on
> the other side of the room).
If gmail is running on tor then socks5 is your proxy to the gmail
server. I assume you mean webmail not pop/imap server. If the later is
true and it is configured to run through this socks5 proxy of tor, then
OK. If not, you are bypassing tor and connecting to pop/imap directly
with out this tor proxy.
--
"The most violent element in society is ignorance" rEG
Reply to: