From Newsgroup: news.software.nntp

I know how to configure TOR and INN behind a hidden service address.

What I don't know is how to prevent DNS host/IP leakage from INN.

Do any INN component(s) bypass inn.conf to report the actual IP and hostname from DNS or /etc/hosts?

If there is any IP or hostname leakage how might I configure to prevent this?

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 11.09.25 04:14, Soul Patch wrote:

I know how to configure TOR and INN behind a hidden service address.

What I don't know is how to prevent DNS host/IP leakage from INN.

Do any INN component(s) bypass inn.conf to report the actual IP and hostname from DNS or /etc/hosts?

If there is any IP or hostname leakage how might I configure to prevent this?

What is IP or hostname leakage? To whom should it leak to?

INN needs connections from/to other peers via ip or dns.
You most likely will not find anyone here peering via TOR.
You can connect readers via TOR and that's it.
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On Thu, 11 Sep 2025 11:29:30 +0100
"Billy G." <contact-5c2e-000@pugleaf.net> wrote:

On 11.09.25 04:14, Soul Patch wrote:

I know how to configure TOR and INN behind a hidden service address.

What I don't know is how to prevent DNS host/IP leakage from INN.

Do any INN component(s) bypass inn.conf to report the actual IP and hostname from DNS or /etc/hosts?

If there is any IP or hostname leakage how might I configure to prevent this?

What is IP or hostname leakage? To whom should it leak to?

IP and hostname are set in the INN configuration by the admin. In that area the hostname would be set to the TOR .onion address. INN would need to be configured to use the TOR DNS port for resolving .onion hostnames. This is the most important part of preventing address leakage.

Leakage would occur if INN responded to a client or peer with the ARPA IP or hostname instead of the .onion hostname given in the configuration.

INN needs connections from/to other peers via ip or dns.
You most likely will not find anyone here peering via TOR.

This doesn't matter. What matters is the task of preventing the clearnet IP or domain from being leaked over the TOR connections.

You can connect readers via TOR and that's it.

What I can and can't do is a matter of obtaining the right knowledge. Unless INN is specifically designed with the purpose of being anti-proxy, then there is very likely some way to force it to connect and resolve via TOR. It is just a matter of figuring out how.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On Wed, 10 Sep 2025 22:14:51 -0500
Soul Patch <soul.patch@127.0.0.1> wrote:

I know how to configure TOR and INN behind a hidden service address.

What I don't know is how to prevent DNS host/IP leakage from INN.

Do any INN component(s) bypass inn.conf to report the actual IP and hostname from DNS or /etc/hosts?

If there is any IP or hostname leakage how might I configure to prevent this?

If I configure shell proxy variables in ${PATHNEWS}/innshellvars will the INN binaries honor and use those proxy variables?



--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On Thu, 11 Sep 2025 16:03:34 -0500
Soul Patch <soul.patch@127.0.0.1> wrote:

On Wed, 10 Sep 2025 22:14:51 -0500
Soul Patch <soul.patch@127.0.0.1> wrote:

I know how to configure TOR and INN behind a hidden service address.

What I don't know is how to prevent DNS host/IP leakage from INN.

Do any INN component(s) bypass inn.conf to report the actual IP and hostname from DNS or /etc/hosts?

If there is any IP or hostname leakage how might I configure to prevent this?

If I configure shell proxy variables in ${PATHNEWS}/innshellvars will the INN binaries honor and use those proxy variables?

I think proxying everything over TOR can be done with port forwarding. All the methods in mind are a mite convoluted. I could use iptables or other firewalls like firewalld or ufw. I could use socat. I'm sad that the old onioncat and garlicat are no longer in Debian stable because they would make it simpler. Whatever I use needs to be in Debian stable unless it is world-class amazing software which might grant an exception.

If I use socat I can set up a systemd service to respawn if there is a broken pipe or glitch. This way the anti-leakage measure is secure even if some other software changes the firewall settings while the system is running. Each way I have investigated is a bit convoluted.

I had the idea to run two separate instances of TOR on different ports, using socat on another port to shuttle outgoing feeds to another TOR peer. If anyone has ideas to try I am ready to have at it.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 11.09.25 21:54, Soul Patch wrote:

It is just a matter of figuring out how.

Setting up incoming "reader" connections via TOR hidden service is easy.
You only have to make sure they arrive via a local ip or interface that
works with ACL and is not 127.0.0.1.
this can be done with haproxy:
``` haproxy.cfg
frontend nntp1563
mode tcp
bind :::1119
bind :::1563 ssl crt /etc/haproxy/fully.pem
default_backend local119b

backend local119b
mode tcp
source 172.16.9.136
server reader-nyc-vlan 172.16.9.136:119 maxconn 128
```
EOF haproxy.cfg

To get incoming peering working you'd have to setup unique hidden
services for every of your peers and route each of them to a unique
haproxy frontend port which maps to a unique backend with a unique
local/vlan as source ip or setting up incoming.conf will not work.

Now figure out how to connect INNfeed via TOR socks to other peers,
where each of your peers needs it's own .onion address and haproxy setup
to have ACL/incoming.conf working
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 12.09.25 11:27, Billy G. wrote:

On 11.09.25 21:54, Soul Patch wrote:

It is just a matter of figuring out how.

Setting up incoming "reader" connections via TOR hidden service is easy.
You only have to make sure they arrive via a local ip or interface that
works with ACL and is not 127.0.0.1.
this can be done with haproxy:
``` haproxy.cfg
frontend nntp1563
mode tcp
bind :::1119
bind :::1563 ssl crt /etc/haproxy/fully.pem
default_backend local119b

backend local119b
mode tcp
source 172.16.9.136
server reader-nyc-vlan 172.16.9.136:119 maxconn 128
```
EOF haproxy.cfg

To get incoming peering working you'd have to setup unique hidden
services for every of your peers and route each of them to a unique
haproxy frontend port which maps to a unique backend with a unique
local/vlan as source ip or setting up incoming.conf will not work.

Now figure out how to connect INNfeed via TOR socks to other peers,
where each of your peers needs it's own .onion address and haproxy setup
to have ACL/incoming.conf working

AI says:

**Network-level transparent proxy**
Set up iptables rules to redirect traffic:
```bash
# Redirect innfeed traffic through a transparent proxy
iptables -t nat -A OUTPUT -p tcp --dport 119 -j REDIRECT --to-port 8080
```

OR

**Using socat or ssh tunneling**
Create local ports that forward through proxy:
```bash
# SSH tunnel example
ssh -L 11900:target-news-server:119 proxy-server

OR

**Using tsocks**
Similar to proxychains but older:
```bash
# Configure /etc/tsocks.conf
server = 127.0.0.1
server_port = 9050
server_type = 5
# Run with tsocks
tsocks innfeed -c /etc/news/innfeed.conf
```

OR

**Using proxychains or proxychains-ng**
This is probably the most straightforward method:
```bash
# Install proxychains-ng
sudo apt-get install proxychains-ng # Debian/Ubuntu
sudo yum install proxychains-ng # RHEL/CentOS
# Configure /etc/proxychains.conf
[ProxyList]
socks5 127.0.0.1 9050 # For Tor
# or
socks5 proxy.example.com 1080 # For other SOCKS5 proxies
# Run innfeed through proxychains
proxychains innfeed -c /etc/news/innfeed.conf
```

## **Recommended approach:**
For most use cases, **proxychains-ng** is the easiest and most reliable
method. It works transparently with innfeed without requiring any
changes to INN2 configuration.

The key is to modify your INN2 startup scripts to launch innfeed through
the proxy wrapper instead of directly. You'll need to update `/etc/news/newsfeeds` or your init scripts accordingly.

Would you like me to elaborate on any of these approaches or help with
specific configuration details?
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 12.09.25 21:46, Billy G. wrote:

AI says:
...

Hit send but missed some text.

- iptables won't work: TOR is not a transparent proxy.
~ socat: no idea, try it
+ tsocks / pchains: run innfeed via any might be worth a try
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On Fri, 12 Sep 2025 21:53:57 +0100
"Billy G." <contact-5c2e-000@pugleaf.net> wrote:

On 12.09.25 21:46, Billy G. wrote:

AI says:
...

Hit send but missed some text.

- iptables won't work: TOR is not a transparent proxy.
~ socat: no idea, try it
+ tsocks / pchains: run innfeed via any might be worth a try

I think AI is unable to grok that there are four ports and an extra PREROUTE directive at play:

innd <incoming preroute> [tor hidden service port]
innd <incoming re-route> [port 119]
innd <outgoing preroute> [tor socks proxy]
nnrpd <incoming> [reader port]

To do the traffic shaping there are probably many possible methods, like the haproxy example. And there are other tricks with firewall directives on purpose-built network interfaces bound to different ports. Everything I have seen so far is very convoluted so I am going to keep experimenting from time to time until I can get the convolution down to a mentally tractible level. When I finally get to the point of making a wizard script I want it to be simple enough that others can maintain and fork it and also so it doesn't break when dependencies are updated.

I was thinking about emailing the maintainer at ISC to see what they think about the possibility of patching INN2 to understand this kind of stuff at the config level. Or maybe I can eventually piece together a decent wizard script that they might include. I don't want to push something until I've tinkered much with it and am fairly certain it will be stable for future package upgrades.
--
Soul Patch


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 13.09.25 03:22, Soul Patch wrote:

I think AI is unable to grok that there are four ports and an extra PREROUTE directive at play:

innd <incoming preroute> [tor hidden service port]
innd <incoming re-route> [port 119]
innd <outgoing preroute> [tor socks proxy]
nnrpd <incoming> [reader port]

no idea what you're talking about with four ports.
the incoming reader connection is already solved.
missing is the outgoing feeder connection to an onion address.

if an outgoing feed connects via TOR.onion...
the remote incoming ACL needs own local/vlan ips as source.
haproxy works. I have it running for incoming readers.
as source you can use any of 127.0.0.0/8 but idealy not .1.
instead of an interface with a real network ip
or: ip addr add 100.99.12.34/24 dev lo and use this as source?
if TOR allows setting the source-ip directly on the hidden service where
the port gets mapped we could avoid socat/haproxy but I don't know.

claude provided this simple idea below.
outgoing feeds to any clearnet server would no longer work this way.
I have no time to test this weekend. maybe next week(end).

the idea:

innfeed is started in INN2. Looking at your `/etc/news/newsfeeds` entry:

```
# innfeed funnel master.
innfeed!\
:!*\
:Tc,Wnm*:/usr/lib/news/bin/innfeed
```

This is the **funnel master** entry that tells `innd` how to start
innfeed. The key part is:
- `Tc,Wnm*` - flags for the feed type
- `:/usr/lib/news/bin/innfeed` - the actual command to execute

## To add proxy support via proxychains:

You'd modify this line to:

```
# innfeed funnel master with proxy support
innfeed!\
:!*\
:Tc,Wnm*:/usr/bin/proxychains /usr/lib/news/bin/innfeed
```

## Or with environment variables:

```
# innfeed funnel master with proxy via env vars
innfeed!\
:!*\
:Tc,Wnm*:/bin/sh -c "LD_PRELOAD=/usr/lib/libproxychains.so.4 /usr/lib/news/bin/innfeed"
```

## Alternative approach - wrapper script:

Create `/usr/local/bin/innfeed-proxy`:
```bash
#!/bin/bash
exec proxychains /usr/lib/news/bin/innfeed "$@"
```

Then modify newsfeeds:
```
innfeed!\
:!*\
:Tc,Wnm*:/usr/local/bin/innfeed-proxy
```

After modifying `/etc/news/newsfeeds`, you need to:
1. Run `ctlinnd reload newsfeeds 'Added proxy support'`
2. Or restart innd

This way, every time innd spawns innfeed, it will automatically go
through your proxy configuration.
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

fetch https://github.com/InterNetNews/inn.git and check innfeed code /inn/refs/heads/main/innfeed
do you see any calls that could bypass the proxy?

### **Main Connection Path (connection.c)**:

1. **`network_client_create()` (line 514)** - INN2 library wrapper that
calls:
- `socket()` (network.c:644)
- `network_source()` for binding to source address

2. **`connect()` (line 535)** - Direct system call:
```c
rval = connect(fd, cxnAddr, len);
if (rval < 0 && errno != EINPROGRESS) {
syswarn("%s:%u connect", peerName, cxn->ident);
hostIpFailed(cxn->myHost);
close(fd);
cxnSleepOrDie(cxn);
return false;
}
```

3. **`getsockopt()` (line 1198)** - For error checking after connect
4. **`getpeername()` (line 1251)** - For IPv6 detection after connection

### **Alternative IMAP Connection Path (imap_connection.c)**:

Found additional direct network calls in IMAP functionality:
- **`connect()` (line 1538)** - Direct system call for IMAP connections
- **`getpeername()` (line 1416)** - For connection info

### **Library Functions (network.c)**:

The `network_client_create()` and `network_connect()` functions are
wrappers that ultimately call:
- `socket()` - Creates the socket
- `connect()` - Establishes connection (lines 572, 575)

## **rLa Updated Assessment for Proxy Compatibility:**

**EXCELLENT NEWS**: INN2 innfeed uses **standard POSIX network calls**
that proxychains/tsocks can intercept:

1. **`socket()`** - rLa Interceptable
2. **`connect()`** - rLa Interceptable (main target for proxy redirection)
3. **`getsockopt()`** - rLa Safe (error checking only)
4. **`getpeername()`** - rUaN+A May return proxy info (cosmetic issue)

**No bypass risks found!**
The code uses standard Berkeley sockets API throughout.

## **Final Recommendation:**

**Proxychains/tsocks should work perfectly** with innfeed because:
- All network connections go through standard `socket()` + `connect()` calls
- No custom networking or raw sockets
- No DNS resolution bypasses
- Library wrappers still use interceptable system calls

Test command:
```bash
proxychains -f /etc/proxychains.conf /usr/lib/news/bin/innfeed -c /etc/news/innfeed.conf
```

The only cosmetic issue will be that logs might show proxy IPs instead
of real destination IPs due to `getpeername()`, but functionality will
be preserved.
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 12.09.25 05:17, Soul Patch wrote:

All the methods in mind are a mite convoluted.

Maybe problem solved.

// tcp2tor - General TCP proxy tool for go-pugleaf
// This tool creates a local TCP listener that forwards raw TCP
connections through a SOCKS5 proxy

https://github.com/go-while/go-pugleaf/tree/testing-001/cmd/tcp2tor

./tcp2tor -target peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
-listen-host 127.2.3.4 -listen-port 11119

2025/09/18 01:27:02 Starting tcp2tor (version dev-20250918)
2025/09/18 01:27:02 Configuration:
2025/09/18 01:27:02 Listen: 127.2.3.4:11119
2025/09/18 01:27:02 Target: peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
2025/09/18 01:27:02 SOCKS5 Proxy: 127.0.0.1:9050
2025/09/18 01:27:02 Timeout: 30 seconds
2025/09/18 01:27:02 rLo SOCKS5 proxy connection test successful
2025/09/18 01:27:02 tcp2tor proxy listening on 127.2.3.4:11119
2025/09/18 01:27:02 Forwarding connections to peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
through SOCKS5 proxy 127.0.0.1:9050

telnet 127.2.3.4 11119
Trying 127.2.3.4...
Connected to 127.2.3.4.
Escape character is '^]'.
200 news.tcpreset.net InterNetNews server INN 2.6.4 ready (transit mode)
quit
205 Bye!
Connection closed by foreign host.

testing executable:
https://reader-nyc.newsdeef.eu/storage/tcp2tor https://reader-nyc.newsdeef.eu/storage/tcp2tor.sha256
sha256: 5fb1f9e10e7042d3baa264ac6086a9a00f07d95d50ed21bfd4cf1b6677c3d035
bytes: 2412836 (du -b tcp2tor)

https://web.archive.org/web/20250918013736/https://reader-nyc.newsdeef.eu/storage/tcp2tor
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

This message has been sent via tcp2tor, telnet and IHAVE to peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
alias news.tcpreset.net :D

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

I'm not tcpreset but I can confirm it works :D

On 18.09.25 03:00, Billy G. wrote:

This message has been sent via tcp2tor, telnet and IHAVE to peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
alias news.tcpreset.net :D

On 18.09.25 02:41, Billy G. wrote:

On 12.09.25 05:17, Soul Patch wrote:

All the methods in mind are a mite convoluted.

Maybe problem solved.

// tcp2tor - General TCP proxy tool for go-pugleaf
// This tool creates a local TCP listener that forwards raw TCP
connections through a SOCKS5 proxy

https://github.com/go-while/go-pugleaf/tree/testing-001/cmd/tcp2tor

./tcp2tor -target peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119 -listen-host 127.2.3.4 -listen-port 11119

2025/09/18 01:27:02 Starting tcp2tor (version dev-20250918)
2025/09/18 01:27:02 Configuration:
2025/09/18 01:27:02 Listen: 127.2.3.4:11119
2025/09/18 01:27:02 Target: peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
2025/09/18 01:27:02 SOCKS5 Proxy: 127.0.0.1:9050
2025/09/18 01:27:02 Timeout: 30 seconds
2025/09/18 01:27:02 rLo SOCKS5 proxy connection test successful
2025/09/18 01:27:02 tcp2tor proxy listening on 127.2.3.4:11119
2025/09/18 01:27:02 Forwarding connections to peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
through SOCKS5 proxy 127.0.0.1:9050

telnet 127.2.3.4 11119
Trying 127.2.3.4...
Connected to 127.2.3.4.
Escape character is '^]'.
200 news.tcpreset.net InterNetNews server INN 2.6.4 ready (transit mode)
quit
205 Bye!
Connection closed by foreign host.

testing executable:
https://reader-nyc.newsdeef.eu/storage/tcp2tor https://reader-nyc.newsdeef.eu/storage/tcp2tor.sha256
sha256: 5fb1f9e10e7042d3baa264ac6086a9a00f07d95d50ed21bfd4cf1b6677c3d035 bytes: 2412836 (du -b tcp2tor)

https://web.archive.org/web/20250918013736/https://reader-nyc.newsdeef.eu/storage/tcp2tor



## newsfeeds ##
peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion\
:*,$DEFAULT,$NOBINARY/!local\
:Ap,Tm,<65536:innfeed!

## innfeed.conf ##
peer peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion {
ip-name: peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
force-ipv4: true
max-connections: 1
port-number: 11119
}

## /etc/hosts ##
127.2.3.4 peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion

https://reader-nyc.newsdeef.eu/inn/innfeed.status.txt

peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
Addr 1 : IPv4 127.2.3.4
seconds: 306 art. timeout: 600 ip name: peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
offered: 12 resp. timeout: 300 port: 11119
accepted: 0 want streaming: yes active cxns: 1
refused: 11 is streaming: yes sleeping cxns: 0
rejected: 1 max checks: 20 initial cxns: 1
missing: 0 no-check on: 95.0% idle cxns: 0
deferred: 0 no-check off: 90.0% max cxns: 1/1
requeued: 0 no-check fltr: 50.0 queue length: 0.0/10
spooled: 1 dynamic method: 3 empty: 0.0%
[overflow]: 0 dyn b'log low: 20.0% >0%-25%: 0.0%
[on_close]: 0 dyn b'log high: 50.0% 25%-50%: 0.0%
[sleeping]: 1 dyn b'log stat: 12.0% 50%-75%: 0.0%
unspooled: 1 dyn b'log fltr: 20.0 75%-<100%: 0.0%
no queue: 12 avr.cxns queue: 0.0 full: 0.0%
accpt size: 0 B drop-deferred: false defer length: 0.0
rejct size: 5.38 KB min-queue-cxn: false
spooling: UNLIMITED
missing 0 spooled 0
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

On 13.09.25 03:22, Soul Patch wrote:

I think AI is unable to grok that

yalla yalla tcp2tor has been written by AI in a single prompt
took few seconds... but the idea was mine :D claude I love you!
connection is stable and "is streaming" =) accepts articles too!
--
.......
Billy G. (go-while)
https://pugleaf.net
@Newsgroup: rocksolid.nodes.help
irc.pugleaf.net:6697 (SSL) #lounge
discord: https://discord.gg/rh2tGMJWwV
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: news.software.nntp

Billy G. wrote:

I'm not tcpreset but I can confirm it works :D

On 18.09.25 03:00, Billy G. wrote:

This message has been sent via tcp2tor, telnet and IHAVE to
peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
alias news.tcpreset.net :D

On 18.09.25 02:41, Billy G. wrote:

On 12.09.25 05:17, Soul Patch wrote:

All the methods in mind are a mite convoluted.

Maybe problem solved.

// tcp2tor - General TCP proxy tool for go-pugleaf
// This tool creates a local TCP listener that forwards raw TCP
connections through a SOCKS5 proxy

https://github.com/go-while/go-pugleaf/tree/testing-001/cmd/tcp2tor

./tcp2tor -target
peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
-listen-host 127.2.3.4 -listen-port 11119

2025/09/18 01:27:02 Starting tcp2tor (version dev-20250918)
2025/09/18 01:27:02 Configuration:
2025/09/18 01:27:02 Listen: 127.2.3.4:11119
2025/09/18 01:27:02 Target:
peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
2025/09/18 01:27:02 SOCKS5 Proxy: 127.0.0.1:9050
2025/09/18 01:27:02 Timeout: 30 seconds
2025/09/18 01:27:02 rLo SOCKS5 proxy connection test successful
2025/09/18 01:27:02 tcp2tor proxy listening on 127.2.3.4:11119
2025/09/18 01:27:02 Forwarding connections to
peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion:119
through SOCKS5 proxy 127.0.0.1:9050

telnet 127.2.3.4 11119
Trying 127.2.3.4...
Connected to 127.2.3.4.
Escape character is '^]'.
200 news.tcpreset.net InterNetNews server INN 2.6.4 ready (transit mode)
quit
205 Bye!
Connection closed by foreign host.

testing executable:
https://reader-nyc.newsdeef.eu/storage/tcp2tor
https://reader-nyc.newsdeef.eu/storage/tcp2tor.sha256
sha256: 5fb1f9e10e7042d3baa264ac6086a9a00f07d95d50ed21bfd4cf1b6677c3d035
bytes: 2412836 (du -b tcp2tor)

https://web.archive.org/web/20250918013736/https://reader-nyc.newsdeef.eu/storage/tcp2tor

## newsfeeds ## peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion\
:*,$DEFAULT,$NOBINARY/!local\
:Ap,Tm,<65536:innfeed!

## innfeed.conf ##
peer peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion {
ip-name: peannyjkqwqfynd24p6dszvtchkq7hfkwymi5by5y332wmosy5dwfaqd.onion
force-ipv4: true
max-connections: 1
port-number: 11119
}

This looks exellent to my eyes :).
Glad of it!

Gabx
--
0745 074D FEAA 9CB7 62E9 D89D 3E54 F490 F2CC 5A82
--- Synchronet 3.21a-Linux NewsLink 1.2