Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

[Solved] Configure Tor as a listening proxy server

Linux Kernel, Network, and Services configuration.
Message
Author
hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

[Solved] Configure Tor as a listening proxy server

#1 Post by hack3rcon »

Hello,
I want to setup Tor as a proxy server and a remote computer connect to my system and use Tor. I opened "/etc/tor/torrc" file and added the following lines to it:

Code: Select all

SocksListenAddress (Server's internal IP address)
SocksPolicy accept *
Then, restarted the Tor service:

Code: Select all

● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (exited) since Wed 2022-12-14 09:47:38 +0330; 5min ago
  Process: 9759 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 9759 (code=exited, status=0/SUCCESS)

Dec 14 09:47:38 Xen-aka-X3n systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Dec 14 09:47:38 Xen-aka-X3n systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
After it, I opened port 9050 with the following command:

Code: Select all

$ sudo iptables -A INPUT -p tcp --dport 9050 -j ACCEPT
On the client, I set proxy in the Internet browser, but I got the following error:
Off Topic
The proxy server is refusing connections
Why? How to solve it?

Thank you.
Last edited by hack3rcon on 2023-06-20 13:06, edited 1 time in total.

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] Configure Tor as a listening proxy server

#2 Post by hack3rcon »

Hello,
No idea?


Thank you so much.

User avatar
kent_dorfman766
Posts: 529
Joined: 2022-12-16 06:34
Location: socialist states of america
Has thanked: 56 times
Been thanked: 69 times

Re: [Software] Configure Tor as a listening proxy server

#3 Post by kent_dorfman766 »

what does sudo lsof -i show on the machine where the proxy server is running?
Is the proxy server actually listening on the port?

can you actually "connect" to the service on the proxy machine from the client? You need to determine if the problem is a network issue, or a proxy server config issue.

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] Configure Tor as a listening proxy server

#4 Post by Aki »

Hello,
hack3rcon wrote: 2022-12-14 06:27 On the client, I set proxy in the Internet browser but I got the following error:

Code: Select all

The proxy server is refusing connections

How do you set proxy in the Internet browser ?
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] Configure Tor as a listening proxy server

#5 Post by Aki »

@hack3rcon: have you solved ?
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] Configure Tor as a listening proxy server

#6 Post by hack3rcon »

Aki wrote: 2023-06-12 11:17 @hack3rcon: have you solved ?
Hello,
Thank you again for your helps.
Not really.
In my scenario, I want to run Tor on my Debian box and a Windows client use my Debian IP address with port 9050 to browse the Internet through Tor. For example, Windows client sets a SOCKS5 proxy in his\her Internet browser and tunneling all the requests via Tor.

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

[Software] No connection could be made because the target machine actively refused it.

#7 Post by hack3rcon »

Hello,
I opened port 9050 TCP on my Debian host:

Code: Select all

$ iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  127.0.0.0/8          127.0.0.0/8         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
SYN_FLOOD  tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9050

Chain FORWARD (policy DROP)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere            

Chain SYN_FLOOD (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere             limit: avg 5/sec burst 10
DROP       all  --  anywhere             anywhere   
And Tor service is running too:

Code: Select all

$ netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:5433          0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:5434          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:9050            0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:5435          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN     
...
In VirtualBox, I installed a Windows VM and set its network as NAT. In the guess OS, I used ncat tool to check the port on the host OS, but I got the following error:

Code: Select all

C:\> ncat IP -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: No connection could be made because the target machine actively refused it. .
Why?


Thank you.

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] No connection could be made because the target machine actively refused it.

#8 Post by Aki »

hack3rcon wrote: 2023-06-14 06:02 In VirtualBox, I installed a Windows VM and set its network as NAT. In the guess OS, I used ncat tool to check the port on the host OS, but I got the following error:

Code: Select all

C:\> ncat IP -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: No connection could be made because the target machine actively refused it. .
Why?
Thank you.
As you reported in the previous message, you have configured the network interface card (NIC) in Virtualbox to behave as if it were behind a NAT [1]: the guest network is isolated from external network requests by design. This is the most likely explanation for why VirtualBox denies connections from outside its internal (guest) network.

If you want Virtualbox to respond to network requests from clients outside its internal network, you must configure Virtualbox (the NAT of the guest NIC) to forward network traffic from host to guest [2]. You must configure the required IP/ports of the Host and the corresponding IP/ports of the Guest. The virtualbox GUI support it, too.

Last but not least, the requested guest service (tor in your case) should be configured to listen on the guest IPs/ports (to which virtualbox forwards packets from the host to the guest).

If you have already done all the above configurations and you cannot connect to the virtualbox guest service, then the Virtualbox guest operating system is denying connections because you are using the wrong IP/port of the requested service (tor) on the host side of the NAT.

HTH.

note: this thread will be merged with the other thread you previously opened on the same topic "[Software] Configure Tor as a listening proxy server".

---
[1] https://it.wikipedia.org/wiki/Network_address_translation
[2] https://www.virtualbox.org/manual/ch06.html#network_nat
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] No connection could be made because the target machine actively refused it.

#9 Post by hack3rcon »

Aki wrote: 2023-06-15 07:54
hack3rcon wrote: 2023-06-14 06:02 In VirtualBox, I installed a Windows VM and set its network as NAT. In the guess OS, I used ncat tool to check the port on the host OS, but I got the following error:

Code: Select all

C:\> ncat IP -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: No connection could be made because the target machine actively refused it. .
Why?
Thank you.
As you reported in the previous message, you have configured the network interface card (NIC) in Virtualbox to behave as if it were behind a NAT [1]: the guest network is isolated from external network requests by design. This is the most likely explanation for why VirtualBox denies connections from outside its internal (guest) network.

If you want Virtualbox to respond to network requests from clients outside its internal network, you must configure Virtualbox (the NAT of the guest NIC) to forward network traffic from host to guest [2]. You must configure the required IP/ports of the Host and the corresponding IP/ports of the Guest. The virtualbox GUI support it, too.

Last but not least, the requested guest service (tor in your case) should be configured to listen on the guest IPs/ports (to which virtualbox forwards packets from the host to the guest).

If you have already done all the above configurations and you cannot connect to the virtualbox guest service, then the Virtualbox guest operating system is denying connections because you are using the wrong IP/port of the requested service (tor) on the host side of the NAT.

HTH.

note: this thread will be merged with the other thread you previously opened on the same topic "[Software] Configure Tor as a listening proxy server".

---
[1] https://it.wikipedia.org/wiki/Network_address_translation
[2] https://www.virtualbox.org/manual/ch06.html#network_nat
Hello,
Thank you so much for your reply.
Excuse me, I must configure Tor to listen on the guest IPs/ports? I added the following line to the Tor configuration file:

Code: Select all

SocksPort 0.0.0.0:9050
My PC is in an internal network, if the problem is the VM and its network settings, then the other PCs in the internal network should be able to use Tor on my system?

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] No connection could be made because the target machine actively refused it.

#10 Post by Aki »

hack3rcon wrote: 2023-06-15 21:26 Excuse me, I must configure Tor to listen on the guest IPs/ports? I added the following line to the Tor configuration file:

Code: Select all

SocksPort 0.0.0.0:9050
My PC is in an internal network, if the problem is the VM and its network settings, then the other PCs in the internal network should be able to use Tor on my system?
Sorry, I understood your scenario was:
  • Windows is running as host
  • Debian (with tor) is running as virtualbox VM guest
On the contrary, your scenario is:
  • Debian is running as host (with tor)
  • Windows is running as virtualbox VM guest (and need to talk to tor in the host)
In the second scenario, it is not required the port forward through the virtualbox NAT.

To test the connection using netcat from guest to host (without running tor), you can run the following command in the host (to start a listening service):

Code: Select all

nc -v -l -p 9050
and run the following command in the guest:

Code: Select all

nc -v 10.0.2.2 9050
If the connection is established, in the host should appear something like:

Code: Select all

nc -v -l -p 9050
Listening on 0.0.0.0 9050
Connection received on localhost 35684
and in the guest should appear something like that:

Code: Select all

Connected to 10.0.2.2:9050
The IP address 10.0.2.2 is the standard configuration (if not modified) of the default gateway's IP in the virtualbox guest when a NAT NIC is configured. You can check it in the guest with the command:

Code: Select all

ip route
HTH
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] No connection could be made because the target machine actively refused it.

#11 Post by hack3rcon »

Aki wrote: 2023-06-16 15:47
hack3rcon wrote: 2023-06-15 21:26 Excuse me, I must configure Tor to listen on the guest IPs/ports? I added the following line to the Tor configuration file:

Code: Select all

SocksPort 0.0.0.0:9050
My PC is in an internal network, if the problem is the VM and its network settings, then the other PCs in the internal network should be able to use Tor on my system?
Sorry, I understood your scenario was:
  • Windows is running as host
  • Debian (with tor) is running as virtualbox VM guest
On the contrary, your scenario is:
  • Debian is running as host (with tor)
  • Windows is running as virtualbox VM guest (and need to talk to tor in the host)
In the second scenario, it is not required the port forward through the virtualbox NAT.

To test the connection using netcat from guest to host (without running tor), you can run the following command in the host (to start a listening service):

Code: Select all

nc -v -l -p 9050
and run the following command in the guest:

Code: Select all

nc -v 10.0.2.2 9050
If the connection is established, in the host should appear something like:

Code: Select all

nc -v -l -p 9050
Listening on 0.0.0.0 9050
Connection received on localhost 35684
and in the guest should appear something like that:

Code: Select all

Connected to 10.0.2.2:9050
The IP address 10.0.2.2 is the standard configuration (if not modified) of the default gateway's IP in the virtualbox guest when a NAT NIC is configured. You can check it in the guest with the command:

Code: Select all

ip route
HTH
Hello,
Thank you again for your reply.
My scenario is the latter.
On my Linux Box (Host), I did:

Code: Select all

$ sudo nc -v -l -p 1010
nc: listening on :: 1010 ...
nc: listening on 0.0.0.0 1010 ...
And on Windows (Guest), I did:

Code: Select all

C:\> ncat 10.0.2.2 -v 1010
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: Connected to 10.0.2.2:1010.
Why I can't see the port 9050 from Guest?
On my Debian, I did:

Code: Select all

$ nc -v localhost 9050
nc: cannot connect to localhost (::1) 9050 [9050]: Connection refused
nc: localhost (127.0.0.1) 9050 [9050] open

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] No connection could be made because the target machine actively refused it.

#12 Post by Aki »

hack3rcon wrote: 2023-06-17 05:52
Aki wrote: 2023-06-16 15:47 [..] your scenario is:
  • Debian is running as host (with tor)
  • Windows is running as virtualbox VM guest (and need to talk to tor in the host)
You reported that on Debian (the virtualbox host running tor) you gave the following command:

Code: Select all

$ nc -v localhost 9050
nc: cannot connect to localhost (::1) 9050 [9050]: Connection refused
nc: localhost (127.0.0.1) 9050 [9050] open
The output tells that:
  • a service (most likely the Tor socks service) responded to the netcat request because a connection was opened on port 9050 for Debian (host) IPv4 address 127.0.0.1 (localhost):

    Code: Select all

    nc: localhost (127.0.0.1) 9050 [9050] open
  • no service answered on port 9050 for Debian (host) IPv6 address ::1 (localhost) because probably tor in not listening to it :

    Code: Select all

    nc: cannot connect to localhost (::1) 9050 [9050]: Connection refused
hack3rcon wrote: 2023-06-17 05:52 Why I can't see the port 9050 from Guest?
You should use the IPv4 address of the default gateway of the guest to contact the tor service running on the host.

The IPv4 default gateway from the guest to the host should be 10.0.2.2 by default in virtualbox with a NAT configured NIC. It can be checked with the command:

Code: Select all

# ip route
for example, with this output:

Code: Select all

# ip route
default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 
Therefore, in the windows virtualbox guest the command to test the connection to the tor service running in the host should be:

Code: Select all

# nc -v 10.0.2.2 9050
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] No connection could be made because the target machine actively refused it.

#13 Post by hack3rcon »

Aki wrote: 2023-06-17 07:41
hack3rcon wrote: 2023-06-17 05:52
Aki wrote: 2023-06-16 15:47 [..] your scenario is:
  • Debian is running as host (with tor)
  • Windows is running as virtualbox VM guest (and need to talk to tor in the host)
You reported that on Debian (the virtualbox host running tor) you gave the following command:

Code: Select all

$ nc -v localhost 9050
nc: cannot connect to localhost (::1) 9050 [9050]: Connection refused
nc: localhost (127.0.0.1) 9050 [9050] open
The output tells that:
  • a service (most likely the Tor socks service) responded to the netcat request because a connection was opened on port 9050 for Debian (host) IPv4 address 127.0.0.1 (localhost):

    Code: Select all

    nc: localhost (127.0.0.1) 9050 [9050] open
  • no service answered on port 9050 for Debian (host) IPv6 address ::1 (localhost) because probably tor in not listening to it :

    Code: Select all

    nc: cannot connect to localhost (::1) 9050 [9050]: Connection refused
hack3rcon wrote: 2023-06-17 05:52 Why I can't see the port 9050 from Guest?
You should use the IPv4 address of the default gateway of the guest to contact the tor service running on the host.

The IPv4 default gateway from the guest to the host should be 10.0.2.2 by default in virtualbox with a NAT configured NIC. It can be checked with the command:

Code: Select all

# ip route
for example, with this output:

Code: Select all

# ip route
default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 
Therefore, in the windows virtualbox guest the command to test the connection to the tor service running in the host should be:

Code: Select all

# nc -v 10.0.2.2 9050
Hello,
Thank you so much for your help.
I did:

Code: Select all

C:\> ncat 10.0.2.2 -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: Connected to 10.0.2.2:9050.
It worked. Can you tell me why when I use the default gateway IP address instead of the host IP address, it worked?

In the Windows VM, I used Firefox with SOCKS v5, and set SOCKS Host to "10.0.2.2" and Port to "9050", but I couldn't browse any website. When I selected "Proxy DNS when using SOCKS v5" option, then it's working.
My question is that why I must use the default gateway IP address instead of the host IP address?

On a real client (not VM) in my local network, I tested port 9050 and I got the following result:

Code: Select all

C:\> nc 172.21.50.61 -v 9050
172.21.50.61: inverse host lookup failed: h_errno 11004: NO_DATA
(UNKNOWN) [172.21.50.61] 9050 (?): TIMEDOUT
Why? Are my iptables rules wrong? If yes, then why Windows VM can connect?

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] No connection could be made because the target machine actively refused it.

#14 Post by Aki »

hack3rcon wrote: 2023-06-17 13:54 My question is that why I must use the default gateway IP address instead of the host IP address?
The socks proxy of the tor service listen to 127.0.0.1 by default (unless you configure a different IP address) in the host.

With a NIC configured in NAT mode, you cannot access directly the host's 127.0.0.1 address from the virtualbox guest, but (see https://www.virtualbox.org/manual/ch06.html#networkingmodes):
The network frames sent out by the guest operating system are received by Oracle VM VirtualBox's NAT engine, which extracts the TCP/IP data and resends it using the host operating system. To an application on the host, or to another computer on the same network as the host, it looks like the data was sent by the Oracle VM VirtualBox application on the host, using an IP address belonging to the host. Oracle VM VirtualBox listens for replies to the packages sent, and repacks and resends them to the guest machine on its private network.
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] No connection could be made because the target machine actively refused it.

#15 Post by hack3rcon »

Aki wrote: 2023-06-18 09:35
hack3rcon wrote: 2023-06-17 13:54 My question is that why I must use the default gateway IP address instead of the host IP address?
The socks proxy of the tor service listen to 127.0.0.1 by default (unless you configure a different IP address) in the host.

With a NIC configured in NAT mode, you cannot access directly the host's 127.0.0.1 address from the virtualbox guest, but (see https://www.virtualbox.org/manual/ch06.html#networkingmodes):
The network frames sent out by the guest operating system are received by Oracle VM VirtualBox's NAT engine, which extracts the TCP/IP data and resends it using the host operating system. To an application on the host, or to another computer on the same network as the host, it looks like the data was sent by the Oracle VM VirtualBox application on the host, using an IP address belonging to the host. Oracle VM VirtualBox listens for replies to the packages sent, and repacks and resends them to the guest machine on its private network.
Hello,
Thank you again for your reply.
So, what should I do?

I changed the Tor configuration as follow:

Code: Select all

SocksPort 172.21.50.61:9050
SocksPolicy accept 172.21.50.0/25
RunAsDaemon 1
DataDirectory /var/lib/tor
CookieAuthentication 1
I restarted the Tor service and it is running:

Code: Select all

$ netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
...    
tcp        0      0 172.21.50.61:9050       0.0.0.0:*               LISTEN     
...   
I changed the network settings to the Bridged Adapter and my Windows VM got a new IP address in the range of my Linux host and has Internet access too:

Code: Select all

C:\>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Windows-VM
   Primary Dns Suffix  . . . . . . . : MyNetwork.xyz
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : MyNetwork.xyz

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : MyNetwork.xyz
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Desktop Adapter
   Physical Address. . . . . . . . . : 08-00-27-B9-2C-B5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4d7e:3a8:5c36:b153%6(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.21.50.67(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.128
   Lease Obtained. . . . . . . . . . : Sunday, June 18, 2023 2:05:11 PM
   Lease Expires . . . . . . . . . . : Monday, June 19, 2023 2:04:59 PM
   Default Gateway . . . . . . . . . : 0.0.0.0
                                       172.21.50.62
   DHCP Server . . . . . . . . . . . : 172.20.1.48
   DHCPv6 IAID . . . . . . . . . . . : 101187623
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-BD-7F-C6-08-00-27-B9-2C-B5
   DNS Servers . . . . . . . . . . . : 172.20.1.2
                                       172.20.1.7
   Primary WINS Server . . . . . . . : 172.20.1.5
   Secondary WINS Server . . . . . . : 172.20.1.7
   NetBIOS over Tcpip. . . . . . . . : Enabled
C:\>
C:\> ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:
Reply from 8.8.8.8: bytes=32 time=47ms TTL=108
Reply from 8.8.8.8: bytes=32 time=40ms TTL=108
Reply from 8.8.8.8: bytes=32 time=40ms TTL=108
Reply from 8.8.8.8: bytes=32 time=41ms TTL=108

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 47ms, Average = 42ms
I can't ping my Linux host and I guess this is because of the iptables rules:

Code: Select all

C:\> ping 172.21.50.61

Pinging 172.21.50.61 with 32 bytes of data:
Reply from 172.21.50.61: Destination port unreachable.
Reply from 172.21.50.61: Destination port unreachable.
Reply from 172.21.50.61: Destination port unreachable.
Reply from 172.21.50.61: Destination port unreachable.

Ping statistics for 172.21.50.61:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Can it cause a problem?

I did a Netcat, and the result is:

Code: Select all

C:\> ncat 172.21.50.61 -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: TIMEOUT.
When I ran the Netcat in my Windows VM, I did a tcpdump on Linux host and results are:

Code: Select all

$ sudo tcpdump -A -i eth1 -vv 'port 9050'
tcpdump: listening on eth1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
14:23:15.103995 IP (tos 0x0, ttl 128, id 1199, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8918 > 10.0.2.2.9050: Flags [S], cksum 0xba83 (correct), seq 518810149, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..j%........................
14:23:15.379653 IP (tos 0x0, ttl 128, id 1200, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8919 > 10.0.2.2.9050: Flags [S], cksum 0xbbfc (correct), seq 2453271901, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.9.]........................
14:23:16.135299 IP (tos 0x0, ttl 128, id 1201, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8918 > 10.0.2.2.9050: Flags [S], cksum 0xba83 (correct), seq 518810149, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..j%........................
14:23:16.385244 IP (tos 0x0, ttl 128, id 29474, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8920 > 172.21.50.61.9050: Flags [S], cksum 0xa31d (correct), seq 32295992, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s"@.......2C..2=".#Z...8........................
14:23:16.391966 IP (tos 0x0, ttl 128, id 1202, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8919 > 10.0.2.2.9050: Flags [S], cksum 0xbbfc (correct), seq 2453271901, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.9.]........................
14:23:17.397237 IP (tos 0x0, ttl 128, id 29475, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8920 > 172.21.50.61.9050: Flags [S], cksum 0xa31d (correct), seq 32295992, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s#@.......2C..2=".#Z...8........................
14:23:18.135421 IP (tos 0x0, ttl 128, id 1203, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8918 > 10.0.2.2.9050: Flags [S], cksum 0xba83 (correct), seq 518810149, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..j%........................
14:23:18.405281 IP (tos 0x0, ttl 128, id 1204, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8919 > 10.0.2.2.9050: Flags [S], cksum 0xbbfc (correct), seq 2453271901, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.9.]........................
14:23:19.412358 IP (tos 0x0, ttl 128, id 29476, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8920 > 172.21.50.61.9050: Flags [S], cksum 0xa31d (correct), seq 32295992, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s$@.......2C..2=".#Z...8........................
14:23:20.112987 IP (tos 0x0, ttl 128, id 1205, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8921 > 10.0.2.2.9050: Flags [S], cksum 0x2c4d (correct), seq 2722591997, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.Gt.........,M..............
14:23:20.364403 IP (tos 0x0, ttl 128, id 1206, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8922 > 10.0.2.2.9050: Flags [S], cksum 0xea5c (correct), seq 1965417486, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Zu%...........\..............
14:23:21.117852 IP (tos 0x0, ttl 128, id 1207, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8921 > 10.0.2.2.9050: Flags [S], cksum 0x2c4d (correct), seq 2722591997, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.Gt.........,M..............
14:23:21.378889 IP (tos 0x0, ttl 128, id 1208, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8922 > 10.0.2.2.9050: Flags [S], cksum 0xea5c (correct), seq 1965417486, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Zu%...........\..............
14:23:23.118687 IP (tos 0x0, ttl 128, id 1209, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8921 > 10.0.2.2.9050: Flags [S], cksum 0x2c4d (correct), seq 2722591997, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.Gt.........,M..............
14:23:23.389242 IP (tos 0x0, ttl 128, id 1210, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8922 > 10.0.2.2.9050: Flags [S], cksum 0xea5c (correct), seq 1965417486, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Zu%...........\..............
14:23:23.435442 IP (tos 0x0, ttl 128, id 29477, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8920 > 172.21.50.61.9050: Flags [S], cksum 0xa31d (correct), seq 32295992, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s%@.......2C..2=".#Z...8........................
14:23:25.120212 IP (tos 0x0, ttl 128, id 1211, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8923 > 10.0.2.2.9050: Flags [S], cksum 0x3ff3 (correct), seq 2250931570, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.*}r........?...............
14:23:25.384437 IP (tos 0x0, ttl 128, id 1212, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8924 > 10.0.2.2.9050: Flags [S], cksum 0x9e87 (correct), seq 2474774917, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z............................
14:23:26.122266 IP (tos 0x0, ttl 128, id 1213, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8923 > 10.0.2.2.9050: Flags [S], cksum 0x3ff3 (correct), seq 2250931570, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.*}r........?...............
14:23:26.388450 IP (tos 0x0, ttl 128, id 1214, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8924 > 10.0.2.2.9050: Flags [S], cksum 0x9e87 (correct), seq 2474774917, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z............................
14:23:28.131228 IP (tos 0x0, ttl 128, id 1215, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8923 > 10.0.2.2.9050: Flags [S], cksum 0x3ff3 (correct), seq 2250931570, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.*}r........?...............
14:23:28.404984 IP (tos 0x0, ttl 128, id 1216, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8924 > 10.0.2.2.9050: Flags [S], cksum 0x9e87 (correct), seq 2474774917, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z............................
14:23:30.129342 IP (tos 0x0, ttl 128, id 1217, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8925 > 10.0.2.2.9050: Flags [S], cksum 0xe14b (correct), seq 2069358314, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z{W...........K..............
14:23:30.380835 IP (tos 0x0, ttl 128, id 1218, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8926 > 10.0.2.2.9050: Flags [S], cksum 0x968e (correct), seq 578587266, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z"|..........................
14:23:31.138038 IP (tos 0x0, ttl 128, id 1219, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8925 > 10.0.2.2.9050: Flags [S], cksum 0xe14b (correct), seq 2069358314, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z{W...........K..............
14:23:31.384848 IP (tos 0x0, ttl 128, id 1220, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8926 > 10.0.2.2.9050: Flags [S], cksum 0x968e (correct), seq 578587266, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z"|..........................
14:23:31.446289 IP (tos 0x0, ttl 128, id 29478, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8920 > 172.21.50.61.9050: Flags [S], cksum 0xa31d (correct), seq 32295992, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s&@.......2C..2=".#Z...8........................
14:23:33.152324 IP (tos 0x0, ttl 128, id 1221, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8925 > 10.0.2.2.9050: Flags [S], cksum 0xe14b (correct), seq 2069358314, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z{W...........K..............
14:23:33.399840 IP (tos 0x0, ttl 128, id 1222, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8926 > 10.0.2.2.9050: Flags [S], cksum 0x968e (correct), seq 578587266, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z"|..........................
14:23:35.148876 IP (tos 0x0, ttl 128, id 1223, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8927 > 10.0.2.2.9050: Flags [S], cksum 0x882d (correct), seq 46184606, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.............-..............
14:23:35.408129 IP (tos 0x0, ttl 128, id 1224, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8928 > 10.0.2.2.9050: Flags [S], cksum 0x789d (correct), seq 889624039, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z5...........x...............
14:23:36.151947 IP (tos 0x0, ttl 128, id 1225, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8927 > 10.0.2.2.9050: Flags [S], cksum 0x882d (correct), seq 46184606, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.............-..............
14:23:36.421955 IP (tos 0x0, ttl 128, id 1226, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8928 > 10.0.2.2.9050: Flags [S], cksum 0x789d (correct), seq 889624039, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z5...........x...............
14:23:38.159000 IP (tos 0x0, ttl 128, id 1227, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8927 > 10.0.2.2.9050: Flags [S], cksum 0x882d (correct), seq 46184606, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z.............-..............
14:23:38.426458 IP (tos 0x0, ttl 128, id 1228, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8928 > 10.0.2.2.9050: Flags [S], cksum 0x789d (correct), seq 889624039, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z5...........x...............
14:23:40.157310 IP (tos 0x0, ttl 128, id 1229, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8929 > 10.0.2.2.9050: Flags [S], cksum 0x6040 (correct), seq 803910495, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z/.._........`@..............
14:23:40.417635 IP (tos 0x0, ttl 128, id 1230, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8930 > 10.0.2.2.9050: Flags [S], cksum 0x7dea (correct), seq 2499817630, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..0.........}...............
14:23:41.157725 IP (tos 0x0, ttl 128, id 1231, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8929 > 10.0.2.2.9050: Flags [S], cksum 0x6040 (correct), seq 803910495, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z/.._........`@..............
14:23:41.426603 IP (tos 0x0, ttl 128, id 1232, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8930 > 10.0.2.2.9050: Flags [S], cksum 0x7dea (correct), seq 2499817630, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..0.........}...............
14:23:43.166201 IP (tos 0x0, ttl 128, id 1233, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8929 > 10.0.2.2.9050: Flags [S], cksum 0x6040 (correct), seq 803910495, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z/.._........`@..............
14:23:43.435814 IP (tos 0x0, ttl 128, id 1234, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.8930 > 10.0.2.2.9050: Flags [S], cksum 0x7dea (correct), seq 2499817630, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@.......2C
...".#Z..0.........}...............
I changed the SOCKS Host to 172.21.50.61 and Port to 9050 and refreshed the Firefox page. I got the following error:

Code: Select all

The connection has timed out
And the tcpdump outputs are:

Code: Select all

$ sudo tcpdump -A -i eth1 -vv 'port 9050'
tcpdump: listening on eth1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
14:33:15.403793 IP (tos 0x0, ttl 128, id 29530, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9014 > 172.21.50.61.9050: Flags [S], cksum 0x4d3f (correct), seq 564920825, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sZ@.......2C..2=#6#Z!...........M?..............
14:33:16.160151 IP (tos 0x0, ttl 128, id 29531, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9013 > 172.21.50.61.9050: Flags [S], cksum 0x17aa (correct), seq 1289161828, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s[@.......2C..2=#5#ZL..d........................
14:33:16.410809 IP (tos 0x0, ttl 128, id 29532, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9014 > 172.21.50.61.9050: Flags [S], cksum 0x4d3f (correct), seq 564920825, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s\@.......2C..2=#6#Z!...........M?..............
14:33:18.162753 IP (tos 0x0, ttl 128, id 29533, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9013 > 172.21.50.61.9050: Flags [S], cksum 0x17aa (correct), seq 1289161828, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s]@.......2C..2=#5#ZL..d........................
14:33:18.412887 IP (tos 0x0, ttl 128, id 29534, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9014 > 172.21.50.61.9050: Flags [S], cksum 0x4d3f (correct), seq 564920825, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s^@.......2C..2=#6#Z!...........M?..............
14:33:18.936171 IP (tos 0x0, ttl 128, id 29535, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9015 > 172.21.50.61.9050: Flags [S], cksum 0x6ced (correct), seq 1408675839, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s_@.......2C..2=#7#ZS...........l...............
14:33:19.191267 IP (tos 0x0, ttl 128, id 29536, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9016 > 172.21.50.61.9050: Flags [S], cksum 0x887f (correct), seq 1397986575, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s`@.......2C..2=#8#ZSS..........................
14:33:19.952869 IP (tos 0x0, ttl 128, id 29537, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9015 > 172.21.50.61.9050: Flags [S], cksum 0x6ced (correct), seq 1408675839, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sa@.......2C..2=#7#ZS...........l...............
14:33:20.161193 IP (tos 0x0, ttl 128, id 29538, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9017 > 172.21.50.61.9050: Flags [S], cksum 0xef28 (correct), seq 1332818503, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sb@.......2C..2=#9#ZOq2G.........(..............
14:33:20.191379 IP (tos 0x0, ttl 128, id 29539, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9016 > 172.21.50.61.9050: Flags [S], cksum 0x887f (correct), seq 1397986575, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sc@.......2C..2=#8#ZSS..........................
14:33:20.411371 IP (tos 0x0, ttl 128, id 29540, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9018 > 172.21.50.61.9050: Flags [S], cksum 0x9946 (correct), seq 3450079733, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sd@.......2C..2=#:#Z..	..........F..............
14:33:21.166867 IP (tos 0x0, ttl 128, id 29541, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9017 > 172.21.50.61.9050: Flags [S], cksum 0xef28 (correct), seq 1332818503, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4se@.......2C..2=#9#ZOq2G.........(..............
14:33:21.415640 IP (tos 0x0, ttl 128, id 29542, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9018 > 172.21.50.61.9050: Flags [S], cksum 0x9946 (correct), seq 3450079733, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sf@.......2C..2=#:#Z..	..........F..............
14:33:21.964037 IP (tos 0x0, ttl 128, id 29543, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9015 > 172.21.50.61.9050: Flags [S], cksum 0x6ced (correct), seq 1408675839, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sg@.......2C..2=#7#ZS...........l...............
14:33:22.201508 IP (tos 0x0, ttl 128, id 29544, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9016 > 172.21.50.61.9050: Flags [S], cksum 0x887f (correct), seq 1397986575, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sh@.......2C..2=#8#ZSS..........................
14:33:23.169312 IP (tos 0x0, ttl 128, id 29545, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9017 > 172.21.50.61.9050: Flags [S], cksum 0xef28 (correct), seq 1332818503, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4si@.......2C..2=#9#ZOq2G.........(..............
14:33:23.426325 IP (tos 0x0, ttl 128, id 29546, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9018 > 172.21.50.61.9050: Flags [S], cksum 0x9946 (correct), seq 3450079733, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sj@.......2C..2=#:#Z..	..........F..............
14:33:25.165555 IP (tos 0x0, ttl 128, id 29547, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9019 > 172.21.50.61.9050: Flags [S], cksum 0x16d9 (correct), seq 1676080671, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sk@.......2C..2=#;#Zc...........................
14:33:25.417307 IP (tos 0x0, ttl 128, id 29548, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9020 > 172.21.50.61.9050: Flags [S], cksum 0xb90f (correct), seq 1291283159, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sl@.......2C..2=#<#ZL.j.........................
14:33:25.966968 IP (tos 0x0, ttl 128, id 29549, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9015 > 172.21.50.61.9050: Flags [S], cksum 0x6ced (correct), seq 1408675839, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sm@.......2C..2=#7#ZS...........l...............
14:33:26.169002 IP (tos 0x0, ttl 128, id 29550, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9019 > 172.21.50.61.9050: Flags [S], cksum 0x16d9 (correct), seq 1676080671, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sn@.......2C..2=#;#Zc...........................
14:33:26.207218 IP (tos 0x0, ttl 128, id 29551, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9016 > 172.21.50.61.9050: Flags [S], cksum 0x887f (correct), seq 1397986575, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4so@.......2C..2=#8#ZSS..........................
14:33:26.424800 IP (tos 0x0, ttl 128, id 29552, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9020 > 172.21.50.61.9050: Flags [S], cksum 0xb90f (correct), seq 1291283159, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sp@.......2C..2=#<#ZL.j.........................
14:33:28.180271 IP (tos 0x0, ttl 128, id 29553, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9019 > 172.21.50.61.9050: Flags [S], cksum 0x16d9 (correct), seq 1676080671, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sq@.......2C..2=#;#Zc...........................
14:33:28.441061 IP (tos 0x0, ttl 128, id 29554, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9020 > 172.21.50.61.9050: Flags [S], cksum 0xb90f (correct), seq 1291283159, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sr@.......2C..2=#<#ZL.j.........................
14:33:30.173365 IP (tos 0x0, ttl 128, id 29555, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9021 > 172.21.50.61.9050: Flags [S], cksum 0x0a2b (correct), seq 263214850, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4ss@.......2C..2=#=#Z..W.........
+..............
14:33:30.439967 IP (tos 0x0, ttl 128, id 29556, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9022 > 172.21.50.61.9050: Flags [S], cksum 0x2c5b (correct), seq 601301162, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4st@.......2C..2=#>#Z#. .........,[..............
14:33:31.183654 IP (tos 0x0, ttl 128, id 29557, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9021 > 172.21.50.61.9050: Flags [S], cksum 0x0a2b (correct), seq 263214850, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4su@.......2C..2=#=#Z..W.........
+..............
14:33:31.455527 IP (tos 0x0, ttl 128, id 29558, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9022 > 172.21.50.61.9050: Flags [S], cksum 0x2c5b (correct), seq 601301162, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sv@.......2C..2=#>#Z#. .........,[..............
14:33:33.198111 IP (tos 0x0, ttl 128, id 29559, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9021 > 172.21.50.61.9050: Flags [S], cksum 0x0a2b (correct), seq 263214850, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sw@.......2C..2=#=#Z..W.........
+..............
14:33:33.467816 IP (tos 0x0, ttl 128, id 29560, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9022 > 172.21.50.61.9050: Flags [S], cksum 0x2c5b (correct), seq 601301162, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sx@.......2C..2=#>#Z#. .........,[..............
14:33:33.968824 IP (tos 0x0, ttl 128, id 29561, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9015 > 172.21.50.61.9050: Flags [S], cksum 0x6ced (correct), seq 1408675839, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sy@.......2C..2=#7#ZS...........l...............
14:33:34.220240 IP (tos 0x0, ttl 128, id 29562, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9016 > 172.21.50.61.9050: Flags [S], cksum 0x887f (correct), seq 1397986575, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4sz@.......2C..2=#8#ZSS..........................
14:33:35.184093 IP (tos 0x0, ttl 128, id 29563, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9023 > 172.21.50.61.9050: Flags [S], cksum 0x9210 (correct), seq 3948802924, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s{@.......2C..2=#?#Z.].l........................
14:33:35.447679 IP (tos 0x0, ttl 128, id 29564, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9024 > 172.21.50.61.9050: Flags [S], cksum 0x1698 (correct), seq 2884349526, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s|@.......2C..2=#@#Z...V........................
14:33:36.188311 IP (tos 0x0, ttl 128, id 29565, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9023 > 172.21.50.61.9050: Flags [S], cksum 0x9210 (correct), seq 3948802924, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s}@.......2C..2=#?#Z.].l........................
14:33:36.456047 IP (tos 0x0, ttl 128, id 29566, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9024 > 172.21.50.61.9050: Flags [S], cksum 0x1698 (correct), seq 2884349526, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s~@.......2C..2=#@#Z...V........................
14:33:38.195835 IP (tos 0x0, ttl 128, id 29567, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9023 > 172.21.50.61.9050: Flags [S], cksum 0x9210 (correct), seq 3948802924, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#?#Z.].l........................
14:33:38.473690 IP (tos 0x0, ttl 128, id 29568, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9024 > 172.21.50.61.9050: Flags [S], cksum 0x1698 (correct), seq 2884349526, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#@#Z...V........................
14:33:40.192564 IP (tos 0x0, ttl 128, id 29569, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9025 > 172.21.50.61.9050: Flags [S], cksum 0x9ab2 (correct), seq 1802988207, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#A#Zkwj.........................
14:33:40.458446 IP (tos 0x0, ttl 128, id 29570, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9026 > 172.21.50.61.9050: Flags [S], cksum 0x3d81 (correct), seq 2120529138, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#B#Z~d..........=...............
14:33:41.210715 IP (tos 0x0, ttl 128, id 29571, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9025 > 172.21.50.61.9050: Flags [S], cksum 0x9ab2 (correct), seq 1802988207, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#A#Zkwj.........................
14:33:41.466125 IP (tos 0x0, ttl 128, id 29572, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9026 > 172.21.50.61.9050: Flags [S], cksum 0x3d81 (correct), seq 2120529138, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#B#Z~d..........=...............
14:33:43.228385 IP (tos 0x0, ttl 128, id 29573, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9025 > 172.21.50.61.9050: Flags [S], cksum 0x9ab2 (correct), seq 1802988207, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#A#Zkwj.........................
14:33:43.481248 IP (tos 0x0, ttl 128, id 29574, offset 0, flags [DF], proto TCP (6), length 52)
    172.21.50.67.9026 > 172.21.50.61.9050: Flags [S], cksum 0x3d81 (correct), seq 2120529138, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4s.@.......2C..2=#B#Z~d..........=...............
What is your opinion?

I restored the Tor settings to the previous state:

Code: Select all

SocksPolicy accept *
SocksPort 0.0.0.0:9050
DataDirectory /var/lib/tor
In Firefox I set SOCKS Host to 172.21.50.61 and Port to 9050 and refreshed the Firefox page, but I got the same result.

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] Configure Tor as a listening proxy server

#16 Post by Aki »

Perhaps something related to windows
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] Configure Tor as a listening proxy server

#17 Post by hack3rcon »

Aki wrote: 2023-06-18 11:50 Perhaps something related to windows
Hello,
Thank you again.
If you remember, I tested via a real Windows (not a VM) too and I got the same result.
Can you test it yourself? Install tor on your Linux Box and install a Windows VM and test it.

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: [Software] Configure Tor as a listening proxy server

#18 Post by Aki »

hack3rcon wrote: 2023-06-18 13:49 Can you test it yourself? Install tor on your Linux Box and install a Windows VM and test it.
Sorry, I can’t install Windows
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] Configure Tor as a listening proxy server

#19 Post by hack3rcon »

Aki wrote: 2023-06-18 13:51
hack3rcon wrote: 2023-06-18 13:49 Can you test it yourself? Install tor on your Linux Box and install a Windows VM and test it.
Sorry, I can’t install Windows
In your opinion, what is the problem? Should I do a port forwarding or...? I don't know if what I'm doing is running a Tor server, a relay or something. What should I search on Google? Can you show me a tutorial?

hack3rcon
Posts: 746
Joined: 2015-02-16 09:54
Has thanked: 48 times

Re: [Software] Configure Tor as a listening proxy server

#20 Post by hack3rcon »

Hello,
The problem is partially solved.
This was because of the third iptables rule:

Code: Select all

REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
I removed it:

Code: Select all

$ sudo iptables -D INPUT 3
$ sudo iptables-save 
Then, I could ping my Linux host and Netcat worked too:

Code: Select all

C:\> ping 172.21.50.61

Pinging 172.21.50.61 with 32 bytes of data:
Reply from 172.21.50.61: bytes=32 time<1ms TTL=127
Reply from 172.21.50.61: bytes=32 time<1ms TTL=127
Reply from 172.21.50.61: bytes=32 time<1ms TTL=127
Reply from 172.21.50.61: bytes=32 time<1ms TTL=127

Ping statistics for 172.21.50.61:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>
C:\> ncat 172.21.50.61 -v 9050
Ncat: Version 7.93 ( https://nmap.org/ncat )
libnsock ssl_init_helper(): OpenSSL legacy provider failed to load.

Ncat: Connected to 172.21.50.61:9050.
I changed the Tor configuration as below:

Code: Select all

SocksPort 172.21.50.61:9050
SocksPolicy accept 172.21.50.0/25
RunAsDaemon 1
DataDirectory /var/lib/tor
Then, restarted the Tor service and it worked.

Why with the following configuration, the Tor didn't work:

Code: Select all

SocksPolicy accept *
SocksPort 0.0.0.0:9050
DataDirectory /var/lib/tor
When I use SocksPort 0.0.0.0:9050, then Tor accepts all connections. Am I wrong?

Post Reply