Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T15:22:54Zhttps://gitlab.torproject.org/legacy/trac/-/issues/25465Transparent proxy hangs after kernel update to 4.15.6-200.fc26.x86_642020-06-13T15:22:54ZTracTransparent proxy hangs after kernel update to 4.15.6-200.fc26.x86_64Long running stable router box (FC26), tor transparent proxy has been working great for years. Tor now crashes and hangs when application attempts to connect through transparent proxy (TransProxy 9040) etc:
# ps -auxf | grep toranon
to...Long running stable router box (FC26), tor transparent proxy has been working great for years. Tor now crashes and hangs when application attempts to connect through transparent proxy (TransProxy 9040) etc:
# ps -auxf | grep toranon
toranon 2479 0.1 0.2 80920 34640 ? Ds 19:45 0:00 /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc
Attempted to downgrade tor back to 0.2.9.10 with dnf... No joy.
Attempted to downgrade openssl to 1.1.0f-4... No joy
When I attempt to connect, say with curl, the last 2 lines in debug.log are:
Mar 11 20:06:20.000 [debug] connection_add_impl(): new conn type Socks, socket 16, address 172.16.111.3, n_conns 7.
Mar 11 20:06:20.000 [debug] connection_ap_process_transparent(): entered.
curl hangs, tor hangs (STATUS Ds), have to reboot to clear it.
Suggestions welcome.
**Trac**:
**Username**: freerjTor: 0.3.3.x-finalhttps://gitlab.torproject.org/legacy/trac/-/issues/25380Transparent proxy not working with linux kernel 4.15.62020-06-13T15:22:32ZTracTransparent proxy not working with linux kernel 4.15.6I dunno if yous test with da latest kernel but transparent proxy is not working at all with verion 4.15.6
If I were shooting from the hip or throwing darts blindfolded I would probably blame change 8f2f8993e0f69f4f8d5afe3873158f723daac...I dunno if yous test with da latest kernel but transparent proxy is not working at all with verion 4.15.6
If I were shooting from the hip or throwing darts blindfolded I would probably blame change 8f2f8993e0f69f4f8d5afe3873158f723daacb31 but I am not that kind of person.
The symptoms are tor process gets stuck in the getopt for the original destination address (in connection_edge.c) ipv4 transprarent proxy code and cannot be killed because the system call just sits there UNINTERRUPTIBLE
**Trac**:
**Username**: vafanTor: 0.3.3.x-finalhttps://gitlab.torproject.org/legacy/trac/-/issues/24769Increase client idle and connection timeouts to reduce network load2020-06-13T15:19:41ZteorIncrease client idle and connection timeouts to reduce network loadThese changes were introduced in d5a151a in 0.3.1.1.
Maybe we should:
* revert the changes, or increase the values
* make consensus parameters for them
```
+/** If we haven't yet decided on a good timeout value for circuit
+ * building...These changes were introduced in d5a151a in 0.3.1.1.
Maybe we should:
* revert the changes, or increase the values
* make consensus parameters for them
```
+/** If we haven't yet decided on a good timeout value for circuit
+ * building, we close idle circuits aggressively so we can get more
+ * data points. */
+#define IDLE_TIMEOUT_WHILE_LEARNING (1*60)
```
```
-/** If we haven't yet decided on a good timeout value for circuit
- * building, we close idles circuits aggressively so we can get more
- * data points. */
-#define IDLE_TIMEOUT_WHILE_LEARNING (10*60)
```
```
+#define CONNTIMEOUT_CLIENTS_BASE 180 // 3 to 4.5 min
+ timeout = CONNTIMEOUT_CLIENTS_BASE
+ + crypto_rand_int(CONNTIMEOUT_CLIENTS_BASE/2);
```Tor: 0.3.3.x-finalMike PerryMike Perry