Strange proxy issue - connected via same IP as node? #12641

1. 
   Willtech commented at 0:19 am on March 8, 2018: contributor

   v0.16.0 on Fedora 27

   I have configured to use Tor as a proxy but occasionally find nodes that seem to be directly connected. In my bitcoin.conf I have the following:

   proxy=127.0.0.1:9050
   listen=1
   bind=127.0.0.1
   bind=192.168.124.1 {for internal connection from gnome-boxes nodes - public IP is not on this interface}
   

   But, as is shown in the screenshot for node 229 this does not seem to be the case.

   

2. 
   Willtech commented at 0:25 am on March 8, 2018: contributor

   Could Bitcoin Core be not using the proxy configuration for connection to this node? Could it just be that the exit node is also a bitcoin node? Is Tor smart enough to route directly to the node for a non-onion connection, seems pretty unlikely by chance if that is it?
3. 
   Willtech commented at 2:25 pm on March 11, 2018: contributor

   And another one:

   

4. fanquake added the label P2P on Mar 11, 2018
5. 
   Willtech commented at 8:28 pm on March 22, 2018: contributor

   Here is the getpeerinfo for another one:

   {
       "id": 311,
       "addr": "107.167.177.83:8333",
       "addrlocal": "107.167.177.83:8333",
       "addrbind": "127.0.0.1:34280",
       "services": "000000000000040d",
       "relaytxes": true,
       "lastsend": 1521750282,
       "lastrecv": 1521750285,
       "bytessent": 43112,
       "bytesrecv": 4892225,
       "conntime": 1521724534,
       "timeoffset": -1,
       "pingtime": 1.426842,
       "minping": 0.838064,
       "version": 70015,
       "subver": "/Satoshi:0.16.0/",
       "inbound": false,
       "addnode": false,
       "startingheight": 514672,
       "banscore": 0,
       "synced_headers": 514718,
       "synced_blocks": 514718,
       "inflight": [
       ],
       "whitelisted": false,
       "bytessent_per_msg": {
         "addr": 22060,
         "feefilter": 32,
         "getaddr": 24,
         "getblocktxn": 5730,
         "getdata": 122,
         "getheaders": 1021,
         "headers": 106,
         "ping": 6784,
         "pong": 6880,
         "sendcmpct": 165,
         "sendheaders": 24,
         "verack": 24,
         "version": 140
       },
       "bytesrecv_per_msg": {
         "addr": 37502,
         "blocktxn": 2329675,
         "cmpctblock": 55387,
         "feefilter": 32,
         "headers": 4770,
         "inv": 2450955,
         "ping": 6880,
         "pong": 6784,
         "sendcmpct": 66,
         "sendheaders": 24,
         "verack": 24,
         "version": 126
       }
   

6. 
   Willtech commented at 12:22 pm on April 20, 2018: contributor

   @fanquake is there a tag for privacy?
7. fanquake added the label Privacy on Apr 20, 2018
8. 
   maflcko commented at 5:30 pm on May 18, 2018: member

   listen=1

   My understanding is that by setting listen, you accept (direct) connections from outside.

9. 
   Willtech commented at 10:13 am on June 4, 2018: contributor

   @MarcoFalke It only does onion listening on my setup - ports are not forwarded. I think you can see that line: "inbound": false, plus public IP is not available on the bound interfaces.
10. 
    Willtech commented at 11:09 am on October 9, 2018: contributor

    The issue is still present v0.17.0rc4

     0    "id": 20,
     1    "addr": "35.185.143.8:8333",
     2    "addrlocal": "35.185.143.8:8333",
     3    "addrbind": "127.0.0.1:51578",
     4    "services": "000000000000040d",
     5    "relaytxes": true,
     6    "lastsend": 1539082905,
     7    "lastrecv": 1539082905,
     8    "bytessent": 734070,
     9    "bytesrecv": 1369869,
    10    "conntime": 1539073018,
    11    "timeoffset": 0,
    12    "pingtime": 1.978006,
    13    "minping": 0.866065,
    14    "version": 70015,
    15    "subver": "/Satoshi:0.16.3/",
    16    "inbound": false,
    17    "addnode": false,
    18    "startingheight": 544992,
    19    "banscore": 0,
    20    "synced_headers": 545002,
    21    "synced_blocks": 545002,
    22    "inflight": [
    23    ],
    24    "whitelisted": false,
    25    "bytessent_per_msg": {
    26      "addr": 12360,
    27      "feefilter": 32,
    28      "getaddr": 24,
    29      "getdata": 82494,
    30      "getheaders": 1053,
    31      "inv": 631680,
    32      "ping": 2656,
    33      "pong": 2656,
    34      "reject": 861,
    35      "sendcmpct": 66,
    36      "sendheaders": 24,
    37      "verack": 24,
    38      "version": 140
    39    },
    40    "bytesrecv_per_msg": {
    41      "addr": 33447,
    42      "feefilter": 32,
    43      "headers": 1166,
    44      "inv": 639439,
    45      "notfound": 14254,
    46      "ping": 2656,
    47      "pong": 2656,
    48      "sendcmpct": 66,
    49      "sendheaders": 24,
    50      "tx": 675979,
    51      "verack": 24,
    52      "version": 126
    53    }
    54  },
    

    bitcoin.conf.zip

11. 
    Jagkree commented at 8:41 am on November 30, 2018: none

    Thank you ผมอยากให้มี 3-4 คน เป็นผู้เข้าร่วมหลักด้วยกัน โดยเฉพาะ คนที่ผมมาฝากprojectนี้คนแรกแล้วก้คนอื่นๆที่ถือร่วมกัน และจะได้มีความปลอดภัยเพิ่มขึ้นด้วย ในกรณีโดนแฮ้กจะได้ช่วยกันได้ทัน ผมจะให้สิทธิ์ ก่อสร้างก่อตั้งร่วมกัน
12. 
    Willtech commented at 10:44 pm on November 30, 2018: contributor

    Any reply? Will the issue be ever investigated? @TheBlueMatt
13. 
    Willtech commented at 2:16 pm on April 23, 2019: contributor

    Still an issue in v0.18.0rc4
    I have the following in /etc/tor/torrc EnforceDistinctSubnets 1 and default is 1 anyway. Could it be the tor exit node is the bitcoin node? If it is and can be demonstrated then no issue and this can be closed.
14. 
    Willtech commented at 3:27 am on May 9, 2020: contributor

    Still an issue with v18.1
15. 
    sipa commented at 4:17 pm on October 17, 2020: member

    Can you restate the full configuration you’re using including command line options? Any onlynet settings in particular?
16. 
    Saibato commented at 9:45 pm on October 17, 2020: contributor

    @Willtech @sipa AFAICS since -proxy set all types of addresses even ipv4.6 to route over Tor, what will look like normal ipv4/6 outbound connection in the listview there is nothing special if Tor socks5 outbound is used since we connect directly over the sock5 proxy to the other nodes and the Tor socks proxy has this smart feature to even connect to the seeders names. if u add -onion not much changes since with proxy all is set to route incl onion over Tor even the DNS requests as plain socks5 name resolving at the Tor exit and then node connects to the other node like it was direct over tcp/ip. you wont see a difference.

    So #19358 fixes some proxy setting issues, but i also can not see anything special here. other would be if u set -onlynet=onion and see that,

    Or in case u had also entrys like -seednode=x.x.x.x then u correct to wonder why the nodes does ipv4 if we had set -onlynet=onion that could be and is strange and ugly and could be seen as bug/ But is an other issue not yet fixed and disclosed regarding seeding in general And sure its a mess since that could dox the onions… Maybe i add a fix even for that to the PR so thx fro report/ But please add your full configuration so we could check if that was the reason.

    btw: the main motivation for #19358 was that -torcontrol is overruled by the default proxy and if u set onlynet=ipv4 you could see also Tor onions connected outbound.

17. 
    Willtech commented at 10:32 pm on October 17, 2020: contributor

    Normal:
    

    Not normal:
    

18. 
    Saibato commented at 10:36 pm on October 17, 2020: contributor

    thx, ah i see, hmm… have to check, whats the reason. btw; this phenomena is also without any use of Tor, so its unrelated to -proxy settings. I check now what conditions must be met to fill the strings with what info and if that;s always the real nodes info or a good fitting guess.
19. 
    Willtech commented at 10:37 pm on October 17, 2020: contributor

      0# Generated by https://jlopp.github.io/bitcoin-core-config-generator/
      1
      2# This config should be placed in following path:
      3# ~/.bitcoin/bitcoin.conf
      4
      5# [core]
      6# Only download and relay blocks - ignore unconfirmed transaction
      7blocksonly=0
      8
      9# Specify a non-default location to store blockchain and other data.
     10#datadir=
     11
     12# Set database cache size in megabytes; machines sync faster with a larger cache. Recommend setting as high as possible based upon machine's available RAM.
     13dbcache=2048
     14
     15# Keep the transaction memory pool below <n> megabytes.
     16maxmempool=900
     17
     18# Do not keep transactions in the mempool longer than <n> hours.
     19mempoolexpiry=2160
     20
     21# Reduce storage requirements by only storing most recent N MiB of block. This mode is incompatible with -txindex and -rescan. WARNING: Reverting this setting requires re-downloading the entire blockchain. (default: 
     220 = disable pruning blocks, 1 = allow manual pruning via RPC, greater than 550 = automatically prune blocks to stay under target size in MiB).
     23prune=8192
     24
     25# Maintain a full transaction index, used by the getrawtransaction rpc call.
     26#txindex=1
     27
     28
     29# [network]
     30# Add a node IP address to connect to and attempt to keep the connection open. This option can be set multiple times.
     31#addnode=10.0.0.3
     32#seednode=wxvp2d4rspn7tqyu.onion
     33#seednode=bk5ejfe56xakvtkk.onion
     34#seednode=bpdlwholl7rnkrkw.onion
     35#seednode=hhiv5pnxenvbf4am.onion
     36#seednode=4iuf2zac6aq3ndrb.onion
     37#seednode=nkf5e6b7pl4jfd4a.onion
     38#seednode=xqzfakpeuvrobvpj.onion
     39#seednode=tsyvzsqwa2kkf6b2.onion
     40#addnode=seed.bitcoin.sipa.be
     41#addnode=dnsseed.bluematt.me
     42#addnode=dnsseed.bitcoin.dashjr.org
     43#addnode=seed.bitcoinstats.com
     44#addnode=seed.bitcoin.jonasschnelli.ch
     45#addnode=seed.btc.petertodd.org
     46#addnode=bitcoin.everynothing.net
     47#addnode=gyn2vguc35viks2b.onion
     48#addnode=kvd44sw7skb5folw.onion
     49#addnode=nkf5e6b7pl4jfd4a.onion
     50#addnode=yu7sezmixhmyljn4.onion
     51#addnode=3ffk7iumtx3cegbi.onion
     52#addnode=3nmbbakinewlgdln.onion
     53#addnode=4j77gihpokxu2kj4.onion
     54#addnode=546esc6botbjfbxb.onion
     55#addnode=5at7sq5nm76xijkd.onion
     56#addnode=77mx2jsxaoyesz2p.onion
     57#addnode=7g7j54btiaxhtsiy.onion
     58#addnode=a6obdgzn67l7exu3.onion
     59#addnode=ab64h7olpl7qpxci.onion
     60#addnode=am2a4rahltfuxz6l.onion
     61#addnode=azuxls4ihrr2mep7.onion
     62#addnode=bitcoin7bi4op7wb.onion
     63#addnode=bitcoinostk4e4re.onion
     64#addnode=bk7yp6epnmcllq72.onion
     65#addnode=bmutjfrj5btseddb.onion
     66#addnode=ceeji4qpfs3ms3zc.onion
     67#addnode=clexmzqio7yhdao4.onion
     68#addnode=gb5ypqt63du3wfhn.onion
     69#addnode=h2vlpudzphzqxutd.onion
     70#addnode=n42h7r6oumcfsbrs.onion:4176
     71#addnode=ncwk3lutemffcpc4.onion
     72#addnode=okdzjarwekbshnof.onion
     73#addnode=pjghcivzkoersesd.onion
     74#addnode=rw7ocjltix26mefn.onion
     75#addnode=uws7itep7o3yinxo.onion
     76#addnode=vk3qjdehyy4dwcxw.onion
     77#addnode=vqpye2k5rcqvj5mq.onion
     78#addnode=wpi7rpvhnndl52ee.onion
     79
     80# Threshold for disconnecting misbehaving peers.
     81banscore=10
     82
     83# Number of seconds to keep misbehaving peers from reconnecting.
     84bantime=31535968
     85
     86# Bind to given address and always listen on it. Use [host]:port notation for IPv6.
     87bind=127.0.0.1
     88#bind=192.168.1.100
     89
     90# Maintain at most N connections to peers.
     91maxconnections=20
     92# Connect through <ip:port> SOCKS5 proxy.
     93proxy=127.0.0.1:9050
     94# Use separate SOCKS5 proxy <ip:port> to reach peers via Tor hidden services.
     95onion=127.0.0.1:9050
     96# Use only Onion
     97# onlynet=onion
     98
     99# Bind to given address and whitelist peers connecting to it. Use [host]:port notation for IPv6.
    100#whitebind=192.168.124.1:8333
    101
    102# Tries to keep outbound traffic under the given target (in MiB per 24h), 0 = no limit.
    103maxuploadtarget=500
    104
    105# [debug]
    106
    107# Log IP Addresses in debug output.
    108logips=1
    109
    110# [wallet]
    111# Do not load the wallet and disable wallet RPC calls.
    112#disablewallet=1
    113#addresstype=legacy
    114# Bech32
    115changetype=bech32
    

20. 
    Willtech commented at 10:54 pm on November 25, 2021: contributor

    This is still an issue in v0.21.2 This is with socks proxy configured.
21. 
    geovex commented at 9:12 pm on November 20, 2022: none

    For those, who still interested. I had these: But monitoring my connections with ss shows only tor-proxy connections.

    However be aware that addnode or connect can bypass proxy.

22. 
    Willtech commented at 2:58 pm on December 11, 2022: contributor

    Woluld it be too much to consider if the application does this by design to attempt not to be trapped in a netsplit? I would find it an acceptable answer just bad for privacy.
23. Willtech closed this on Dec 11, 2022

    ---

24. 
    Willtech commented at 2:58 pm on December 11, 2022: contributor

    I don’t know why it closed…?
25. bitcoin locked this on Dec 11, 2023

Contributors
Willtech maflcko Jagkree sipa Saibato geovex

Labels
P2P Privacy