Page MenuHomePhabricator

document Tor Browser local connections workaround
Closed, InvalidPublic


Tor Browser Local Connections situation is a mess. With no sane (fingerprinting issue free) documented workaround.

In T291#5255, @HulaHoop wrote:

Or maybe we can use something like rinetd somehow for a safer solution.

Interesting idea. For example, the yacy (or i2p) webinterface could bind to<some-port> (the default, no magic). rinetd (or so) could listen on<some-port> and forward to<some-port>.


  • research if that works
  • add to documentation
  • bonus: (Disadvantage: other workstations can connect to the service listening on A warning needs to be added. But perhaps a separate, virtual, firewalled interface could be added for that purpose.)



Event Timeline

Patrick created this task.Jun 6 2015, 3:46 AM
Patrick raised the priority of this task from to Normal.
Patrick updated the task description. (Show Details)
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, HulaHoop, nrgaway, mfc.
Patrick closed this task as Invalid.Jun 6 2015, 3:56 AM
Patrick claimed this task.

That particular idea of mine is most likely a dead end. Just tried to connect to a webserver listening on using Tor Browser. Didn't work. Tor Browser knows it's a local IP and rejects it. Therefore also the whole redirection thing won't work.

But perhaps iptables magic can do? We could define a fake external IP and then use iptables to redirect to Just brainstorming. Probably also won't work. iptables can't redirect to That's what redirectors such as rinetd are for. Also if this were to work, we'd be back with the same fingerprinting issues which Tor Browser wants to defend against by blocking local connections in the first place. So probably not worth it. We'd have the same effect by allowing local connections in Tor Browser in the first place. And the same fingerprinting issues.

Therefore closing this. Anyone feel free to reopen if you have some other solution in mind.