On Thu, 24 Sep 2020 at 13:33, Vasil Dimov <[email protected]> wrote: > Which creates a hidden service addrwhatever.onion. Later somebody > connects to addrwhatever.onion:8333 and the tor daemon opens a TCP > connection like 127.0.0.1:46153 -> 127.0.0.1:8333. Next, some other > application (not the tor daemon) connects directly to 127.0.0.1:8333 > and that is 127.0.0.1:52490 -> 127.0.0.1:8333. > > What if the application running at 127.0.0.1:8333 wants to distinguish > incoming tor connections from the rest? From its point of view the > connections from the example above are just TCP connections coming from > 127.0.0.1:46153 and 127.0.0.1:52490. >
I describe a useful workaround for this issue by using virtual IP addresses, in this document but especially in this section: https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md#how-this-works ...which also has the benefit of providing better auditability. - alec -- http://dropsafe.crypticide.com/aboutalecm
_______________________________________________ tor-onions mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
