为什么我得到“SOCKS 连接失败.规则集不允许连接"对于某些 .onion 网站? [英] Why do I get "SOCKS connection failed. Connection not allowed by ruleset" for some .onion sites?
问题描述
我正在试验 Node 和 socks5-https-client.出于某种原因,某些 Tor 隐藏服务 (.onion
) 站点返回连接错误.
例如,连接到 DuckDuckGo (3g2upl4pq6kufc4m.onion
) 工作并返回 HTML.
但是,连接到海盗湾 (uj3wazyk5u4hnvtk.onion
) 或 TORCH (xmh57jrzrnw6insl.onion
) 返回...
错误:SOCKS 连接失败.规则集不允许连接.
这个错误是什么意思?我怎样才能避免它?
<小时>这是重现它的代码:
var shttps = require('socks5-https-client');shttps.get({主机名:'3g2upl4pq6kufc4m.onion',小路: '',袜子主机:'127.0.0.1',袜子端口:9150,拒绝未授权:假},功能(资源){res.setEncoding('utf8');res.on('可读', function() {console.log(res.read());//将响应记录到控制台.});});
该错误似乎是由服务器响应的字段 2 中的 0x02
值引起的.
总结
您无法访问的服务器不支持 HTTPS.换句话说,它们的端口 443 已关闭.Tor 的错误消息没有帮助.
如果您的安全需要允许,您可以退回到 socks5-http-客户.
得出结论的步骤
您的代码在带有 Tor 0.2.5.10、socks5-https-client 1.0.1、Node 0.12.0 的 64 位 Linux 上得到了相同的结果.
我 我发现 5 年前的相关 Tor 错误报告抱怨类似的错误,来自相同类型的 SOCKS 连接.原来错误只是意味着服务器拒绝了您的连接. 为了确认,我 他们的 80 端口 (HTTP) 会回复: 因此,如果我使用 socks5-http-client,您的代码对我有用而不是socks5-https-client. I'm experimenting with Node and socks5-https-client. For some reason, certain Tor hidden service ( For example, connecting to DuckDuckGo ( However, connecting to The Pirate Bay ( Error: SOCKS connection failed. Connection not allowed by ruleset. What does this error mean? How can I avoid it? Here's code to reproduce it: The error seems to be caused by a The servers you're failing to access don't support HTTPS. In other words, their port 443 is closed. Tor's error message is unhelpful. If your security needs permit it, you can fix this by falling back to socks5-http-client. Your code got me the same results on 64-bit Linux with Tor 0.2.5.10, socks5-https-client 1.0.1, Node 0.12.0. I I found a related Tor bug report from 5 years ago complaining about a similar error, from the same type of SOCKS connection. Turns out the error just means the server rejected your connection. Just to confirm, I Their port 80 (HTTP) replies though: Consequently, your code works for me if I use socks5-http-client instead of socks5-https-client. 这篇关于为什么我得到“SOCKS 连接失败.规则集不允许连接"对于某些 .onion 网站?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!grep
ped socks5-https-client
的代码库中的错误并在依赖项 socks5-client
tcping
通过 Tor 在端口 443 (HTTPS) 上编辑了 TPB.它不回复 TCP
SYN
,并且失败并出现同样令人困惑的错误:$ torify tcping uj3wazyk5u4hnvtk.onion 443[Mar 22 22:40:59] 错误 torsocks[18560]:规则集不允许连接(在 socks5_recv_connect_reply() at socks5.c:520)错误:uj3wazyk5u4hnvtk.onion 端口 443:软件导致连接中止
$ torify tcping uj3wazyk5u4hnvtk.onion 80uj3wazyk5u4hnvtk.onion 端口 80 打开.
.onion
) sites return with a connection error.3g2upl4pq6kufc4m.onion
) works and returns HTML.uj3wazyk5u4hnvtk.onion
) or TORCH (xmh57jrzrnw6insl.onion
) returns...
var shttps = require('socks5-https-client');
shttps.get({
hostname: '3g2upl4pq6kufc4m.onion',
path: '',
socksHost: '127.0.0.1',
socksPort: 9150,
rejectUnauthorized: false
}, function(res) {
res.setEncoding('utf8');
res.on('readable', function() {
console.log(res.read()); // Log response to console.
});
});
0x02
value in field 2 of the server response.In summary
Steps I took to conclude that
grep
ped socks5-https-client
's codebase for the error and got a hit in the dependency socks5-client
on this line. It translates the underlying SOCKS connection's error code to a human-readable message. Wikipedia's explanation of SOCKS5 error codes lines up with that, but is similarly unhelpfully vaguetcping
ed TPB on port 443 (HTTPS) through Tor. It doesn't reply to TCP
SYN
, and fails with the same consistently confusing error:$ torify tcping uj3wazyk5u4hnvtk.onion 443
[Mar 22 22:40:59] ERROR torsocks[18560]: Connection not allowed by ruleset (in socks5_recv_connect_reply() at socks5.c:520)
error: uj3wazyk5u4hnvtk.onion port 443: Software caused connection abort
$ torify tcping uj3wazyk5u4hnvtk.onion 80
uj3wazyk5u4hnvtk.onion port 80 open.