Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why do I get "SOCKS connection failed. Connection not allowed by ruleset" for some .onion sites?

Tags:

node.js

tor

socks

I'm experimenting with Node and socks5-https-client. For some reason, certain Tor hidden service (.onion) sites return with a connection error.

For example, connecting to DuckDuckGo (3g2upl4pq6kufc4m.onion) works and returns HTML.

However, connecting to The Pirate Bay (uj3wazyk5u4hnvtk.onion) or TORCH (xmh57jrzrnw6insl.onion) returns...

Error: SOCKS connection failed. Connection not allowed by ruleset.

What does this error mean? How can I avoid it?

Here's code to reproduce it:

var shttps = require('socks5-https-client');

shttps.get({
    hostname: '3g2upl4pq6kufc4m.onion',
    path: '',
    socksHost: '127.0.0.1',
    socksPort: 9150,
    rejectUnauthorized: false
}, function(res) {
    res.setEncoding('utf8');
    res.on('readable', function() {
        console.log(res.read()); // Log response to console.
    });
});

The error seems to be caused by a 0x02 value in field 2 of the server response.

like image 466
maelswarm Avatar asked Mar 20 '15 20:03

maelswarm

1 Answers

In summary

The servers you're failing to access don't support HTTPS. In other words, their port 443 is closed. Tor's error message is unhelpful.

If your security needs permit it, you can fix this by falling back to socks5-http-client.

Steps I took to conclude that

Your code got me the same results on 64-bit Linux with Tor 0.2.5.10, socks5-https-client 1.0.1, Node 0.12.0.

I grepped socks5-https-client's codebase for the error and got a hit in the dependency socks5-client on this line. It translates the underlying SOCKS connection's error code to a human-readable message. Wikipedia's explanation of SOCKS5 error codes lines up with that, but is similarly unhelpfully vague

I found a related Tor bug report from 5 years ago complaining about a similar error, from the same type of SOCKS connection. Turns out the error just means the server rejected your connection.

Just to confirm, I tcpinged TPB on port 443 (HTTPS) through Tor. It doesn't reply to TCP SYN, and fails with the same consistently confusing error:

$ torify tcping uj3wazyk5u4hnvtk.onion 443
[Mar 22 22:40:59] ERROR torsocks[18560]: Connection not allowed by ruleset (in socks5_recv_connect_reply() at socks5.c:520)
error: uj3wazyk5u4hnvtk.onion port 443: Software caused connection abort

Their port 80 (HTTP) replies though:

$ torify tcping uj3wazyk5u4hnvtk.onion 80
uj3wazyk5u4hnvtk.onion port 80 open.

Consequently, your code works for me if I use socks5-http-client instead of socks5-https-client.

like image 118
Anko Avatar answered Oct 31 '22 16:10

Anko
Sign in to Comment

Related questions

throttle per url in node.js restify
In node.js, how do I get the Content-Length header in response to http.get()?
socket.io client connection cannot be made on the 2nd time
Get node.js neDB data into a variable
Node.js: require() and MODULE_NOT_FOUND
Global scope for every request in NodeJS Express
npm command not found after restart
nodejs/express and binary data in POST
Mocha Global Scoping Issues
Clarification of the --save option for npm install
Inherit attributes and lifecycle functions of Sails.js models
How to embed and write mongo objects in Sails.js (more than one level deep)?
MongoDB Bulk Insert where many documents already exist
Securing a nodejs / sailsjs API with OAuth2
How to expose 'require' to the browser when using browserify from within gulp?
Is it necessary to use Forever.js on OpenShift?
How to use gulp to inject to an html file the links for the installed Bower packages
Nodejs Express 4 Multer | Stop file upload if user not authorized
`npm link --save` does not update dependencies on my package.json
What is return type of db.collection.find() in mongodb

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!