Delivery-Date: Sat, 26 Mar 2016 13:54:34 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id DB6971E03C5;
	Sat, 26 Mar 2016 13:54:32 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id B26B2396CD;
	Sat, 26 Mar 2016 17:54:29 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 2E0C739272
 for <tor-talk@lists.torproject.org>; Sat, 26 Mar 2016 17:54:26 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id j7s1qA7RQ477 for <tor-talk@lists.torproject.org>;
 Sat, 26 Mar 2016 17:54:26 +0000 (UTC)
Received: from mail-vk0-x242.google.com (mail-vk0-x242.google.com
 [IPv6:2607:f8b0:400c:c05::242])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 0BF5638E7D
 for <tor-talk@lists.torproject.org>; Sat, 26 Mar 2016 17:54:25 +0000 (UTC)
Received: by mail-vk0-x242.google.com with SMTP id a62so10240500vkh.0
 for <tor-talk@lists.torproject.org>; Sat, 26 Mar 2016 10:54:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to;
 bh=hqPJGhnwJNzBdanuf/63dTeXR+l7xRu9/Ym734l0gYc=;
 b=BCYvVeqTw3boo6DfonjYMzjV46krsVi7qJj1zOTKTW6a2q+wcXcpDxArQnddjwpA3B
 sm+/qnEDNiGRbl1ImbYp/r2O8U4YRk6L9PRvJxj1ReqEw1eSGUHP6Wthn3I3jKJjt2DI
 WXEgN7uMwAINb3P+WMJR6PI8nERlEz2sMHZfQOW8IQQAsd43qZ/ybhiBQwUGxjqQxppo
 X1mPg6lV+VesrYymDiTAw6gwe7DSdS+6tY5PmUGKjXlzpV955OkOYJHNiIUe8Us6UM1E
 9amCysBcEYXy2DujkzNyi/syLKx6EkP42BaxPDzN4OrxdriCOF7QTwFvXlvtvmhmMoBz
 xh4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to;
 bh=hqPJGhnwJNzBdanuf/63dTeXR+l7xRu9/Ym734l0gYc=;
 b=NKezf6QnWbfkNITepNhUbbVdynhxHo9BT2ektuvQfQUDh3Bl3rX2VTsuppHdsf8E5d
 ZB94qrGoILgFhuvq3mR4SoN/5I81LzgcE5b6DTGC8HFJMsv9rQHoAVh9V5p9Rele76aS
 IFab4+5wM+mpA1E9Ju1YP8YPpFLhT51BONPW2dqJWqHZo8Po9DEYq27D1/BXxhqMML2i
 VwxLzPX0dLOf1U41y8UrhapelMJXvEKzBZF5tDSVAowUiBkR0qehbEAsM53phseqyuW1
 MryU/2DCykA0qWnu3k9R89O16xEIj17j5YftJIb5PQ+ltAO+kaWmsoMl0ZqdAp/wqmxg
 4ROg==
X-Gm-Message-State: AD7BkJK5lhGfoU2P8hT2++IoDWlkm2sVZtW2typL0rUDNUZGXkmp/SbRR2Pp+x4bXjR9D8ft9GrEJ7ejoJkXiw==
MIME-Version: 1.0
X-Received: by 10.31.108.87 with SMTP id h84mr10020252vkc.156.1459014863422;
 Sat, 26 Mar 2016 10:54:23 -0700 (PDT)
Received: by 10.176.69.5 with HTTP; Sat, 26 Mar 2016 10:54:23 -0700 (PDT)
In-Reply-To: <20160326101405.GA8312@hansolo>
References: <20160326101405.GA8312@hansolo>
Date: Sat, 26 Mar 2016 13:54:23 -0400
Message-ID: <CAD2Ti29iUfoj+4bNdg0c+7mqPEYQmpFafJ6f1P3MiOny011Ntg@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Duplicating Tor's DNS requests
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 3/26/16, parazyd <parazyd@dyne.org> wrote:
> I'm wondering about duplicating Tor's DNS requests (like, when browsing
> a clearnet website) to another place on my machine.
>
> Basically, I'm running dnscap and with iptables or something similar, I
> would like to copy the DNS requests so dnscap can see them, but the
> important part is that the copied requests do not get through.

dnscap / iptables expects dns protocol, not parsing hostname
resolves out of socks5 protocol on localhost bpf. You need
other tool for that.
Your browser pushes hostnames through tor's socks5 interface,
so tor would need feature to block them internally instead of
sending them out over tor, then you couldn't browse anything.
If you don't want anything leaving but tor, block all and only
leave path to tor's socks5 port on another box / vm... aka: whonix.

You probably want to read / comment / contribute to
DNS portion of this ticket...

# Combine setevents circ and stream
https://trac.torproject.org/projects/tor/ticket/11179
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

