GitLab

There are many programs that forward DNS request over SOCKS5 proxies, to work with tor the most of them send the queries in TCP format.

But they cannot use the DNS of Tor relays, they can only send to an external DNS server, so disabling access to .onion sites.

That's why a virtual DNS server in the TOR SOCKS5 server would be useful, so these programs can use relays DNS and handle .onion queries.

Another case are transparent forwarders that use a upstream SOCKS5 address, DNS should be provided by a kind of program like above or a DNS over TCP scheme (available in the Linux GLIBC since 2015, see https://web.archive.org/web/20150518063349/http://man7.org:80/linux/man-pages/man5/resolv.conf.5.html).

By adding the option "use-vc" in the Linux /etc/resolv.conf file, DNS queries can be done over the transparent proxy using external DNS servers, BUT NOT DNS of Tor relays and it cannot resolves .onion sites.

For these cases a virtual DNS resolver in the TOR SOCKS port would be useful, it can be only TCP (not UDP).

This is for DNS forwarders that use SOCKS proxies, and provide DNS in TCP mode to environments over transparent proxies.

The virtual addresses could be 224.0.0.1 for IPv4 and [2001:db8::1] for IPv6.

Trac:
Username: pcr