onion-tunnel: Permit loopback as destination (!331) · Merge requests · The Tor Project / Core / onionmasq

Clara Engler requested to merge cve/onionmasq:dev/cve/udp-localhost into main Nov 28, 2024

This commit modifies the logic of onion-tunnel's parser module in a fashion such that packets sent to the loopback interface are no longer dropped.

This functionality is crucial for testing, but it also makes sense to leave it in normal production, because the purpose of this filter primarily lies within the avoidance of a DNS resolve loop (see #129 (closed)). Because the DNS resolver is in the link local domain, the loopback check can probably be safely removed.

Fixes #128

Admin message

onion-tunnel: Permit loopback as destination

Merge request reports