[tahoe-dev] tahoe vs firefox vs TorButton: "This address is restricted"

Brian Warner warner-tahoe at allmydata.com
Sat Aug 23 11:53:38 PDT 2008 

Just yesterday, my web browser (firefox 2) started refusing to let me
connect to my local tahoe node (running on port 8123), with an annoying
message that looks like this:

  This address is restricted

  This address uses a network port which is normally used for purposes
  other than Web browsing. Iceweasel has canceled the request for your
  protection.

I hadn't installed anything new, and I hadn't even restarted the
browser since the last time I successfully used tahoe.

It turns out that I *did* push the "TorButton" switch for the first
time. (Torbutton is a firefox extension that enables/disables the use
of the Tor onion-routing anonymizing proxy). Doing this caused the
following pair of config settings to appear in my about:config list:

 extensions.torbutton.banned_ports    8118,8123,9050,9051
 network.security.ports.banned        8118,8123,9050,9051

As best I can tell, 8118 is the default port for the 'privoxy'
HTTP-cleaning proxy program, 8123 is at least a suggested port for the
'polipo' proxy program (same role as privoxy), 9050 is the socks4a port
for Tor itself, and 9051 might be the Tor control port.

This list of banned ports is intended to prevent web pages from give
you URLs that would contact these local services directly and perhaps
cause some harm.

So, if you're using Polipo and Tahoe at the same time, you'll need to
move one of them to a different port. The easiest is to move Tahoe to
a different port, perhaps 8124, by writing
"tcp:8124:interface=127.0.0.1" into the BASEDIR/webport file. This will
also avoid the firefox banned_ports entry.

You could also move polipo to a different port, leave tahoe where it
is, and modify both firefox/torbutton config entries to remove 8123
from the banned list (and probably add whatever port you moved polipo
to).

If you're using Tor/Torbutton and Tahoe at the same time (but not
polipo), you can just remove 8123 from the firefox banned_ports config
entries. Note that it looks like you have to restart firefox to make
this take effect.

Firefox (particularly firefox 3) has made some changes, some of them
pretty annoying, in the name of "security". Fortunately this instance
appears to be caused by the use of Torbutton and not something in
firefox itself.


cheers,
 -Brian

More information about the tahoe-dev mailing list