Open Bug 1394756 Opened 7 years ago Updated 2 years ago

Cannot load onion domains

Categories

(Core :: Networking, defect, P3)

Product:
Core
Component:
Networking
Version:
55 Branch
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: unix196, Unassigned)

Details

(Whiteboard: [necko-backlog])

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Build ID: 20160921204512 Steps to reproduce: Install Ubuntu: Description: Ubuntu 16.04.3 LTS Codename: xenial Install soft: firefox 55.0.2+build1-0ubuntu0.16.04.1 firefox-locale-en 55.0.2+build1-0ubuntu0.16.04.1 firefox-locale-ru 55.0.2+build1-0ubuntu0.16.04.1 tor 0.3.0.10-1~xenial+1 tor-geoipdb 0.3.0.10-1~xenial+1 torsocks 2.1.0-2 Configure /etc/tor/torrc: Log notice file /var/log/tor/notices.log VirtualAddrNetwork 10.192.0.0/10 AutomapHostsOnResolve 1 TransPort 9040 DNSPort 53 cat /etc/resolv.conf nameserver 127.0.0.1 rules for iptables: cat /etc/iptables.rules # Generated by iptables-save v1.6.0 on Tue Aug 29 14:13:56 2017 *filter :INPUT ACCEPT [22352:4343821] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -d 127.0.0.0/8 -j ACCEPT -A OUTPUT -m owner --uid-owner 122 -j ACCEPT -A OUTPUT -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Tue Aug 29 14:13:56 2017 # Generated by iptables-save v1.6.0 on Tue Aug 29 14:13:56 2017 *nat :PREROUTING ACCEPT [152:16358] :INPUT ACCEPT [152:16358] :OUTPUT ACCEPT [15533:1304804] :POSTROUTING ACCEPT [28:1722] -A PREROUTING -d 10.192.0.0/10 -p tcp -j REDIRECT --to-ports 9040 -A OUTPUT -m owner --uid-owner 122 -j RETURN -A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 53 -A OUTPUT -d 127.0.0.0/9 -j RETURN -A OUTPUT -d 127.128.0.0/10 -j RETURN -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040 -A OUTPUT -d 10.192.0.0/10 -p tcp -j REDIRECT --to-ports 9040 Go to web browser and open url: https://3g2upl4pq6kufc4m.onion Actual results: browser write : "Server not found. Check address or internet connection" 1) If open https://3g2upl4pq6kufc4m.onion. (dot at the end) - site open normal 2) If install chromium and go url https://3g2upl4pq6kufc4m.onion - site open normal Expected results: open DuckDuckGo search site
I'm having a similar problem on OS X with Firefox 55.0.3. Additionally, I've set network.dns.blockDotOnion to false in about:config. tcpdump shows that Firefox is not even trying to resolve the DNS, despite the block being disabled. Chrome resolves them fine on the same machine.
Component: Untriaged → Networking
Product: Firefox → Core
Summary: onion domains → Cannot load onion domains
(In reply to robs from comment #1) > I'm having a similar problem on OS X with Firefox 55.0.3. Additionally, > I've set network.dns.blockDotOnion to false in about:config. tcpdump shows > that Firefox is not even trying to resolve the DNS, despite the block being > disabled. Chrome resolves them fine on the same machine. Please ignore my above comment. I diagnosed and resolved my problem and its likely not related. OS X simply refuses to resolve .onion addresses and produces no packets that can be redirected. Presumably this is a (annoying) security feature. For completeness, I overcame this by creating an /etc/resolver/onion file with the following contents to force it perform a lookup. nameserver 10.50.0.1
Whiteboard: [necko-backlog]
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.