Trouble creating onion-grater profile for LND.

Development
1

I’m trying to create an onion-grater profile for LND, but I’m having some confusing trouble.

Here is the profile I’m using:

---
- exe-paths:
    - '*'
  users:
    - '*'
  hosts:
    - '*'
  commands:
    ADD_ONION:
      ## {{{ LND onion service.
      - pattern:     'NEW:ED25519-V3 Port=9735,9735'
        replacement: 'NEW:ED25519-V3 Port=9735,{client-address}:9735 Flags=DiscardPK'
      ## }}}

My problem is that onion-grater filters the command when lnd tries, but has no problem when I issue the same commands with nc.

lnd:

Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): -> PROTOCOLINFO 1
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 250-PROTOCOLINFO 1
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 250-AUTH METHODS=NULL
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 250-VERSION Tor="0.3.5.8"
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 250 OK
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): -> AUTHENTICATE
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 250 OK
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): -> ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): command filtered: ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated): <- 510 Command filtered
Jul 25 16:04:34 host onion-grater[11974]: 10.137.0.9:51714 (filter: 30_autogenerated) disconnected: client quit

nc:

Jul 25 15:59:20 host onion-grater[11943]: 10.137.0.9:51518 (filter: 30_autogenerated): -> authenticate
Jul 25 15:59:20 host onion-grater[11943]: 10.137.0.9:51518 (filter: 30_autogenerated): <- 250 OK
Jul 25 15:59:23 host onion-grater[11943]: 10.137.0.9:51518 (filter: 30_autogenerated): -> ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jul 25 15:59:23 host onion-grater[11943]: 10.137.0.9:51518 (filter: 30_autogenerated): rewrote command:
Jul 25 15:59:23 host onion-grater[11943]:     ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jul 25 15:59:23 host onion-grater[11943]: to:
Jul 25 15:59:23 host onion-grater[11943]:     ADD_ONION NEW:ED25519-V3 Port=9735,10.137.0.9:9735 Flags=DiscardPK
Jul 25 15:59:23 host onion-grater[11943]: 10.137.0.9:51518 (filter: 30_autogenerated): <- (multi-line)
Jul 25 15:59:23 host onion-grater[11943]:     250-ServiceID=5tpmfl2asxky2vvbjx754h5scto63fqotue53ev6jbnvkzoff7itrgad
Jul 25 15:59:23 host onion-grater[11943]:     250 OK

Any ideas?

1 Like
2

Dunno.

Maybe there is an extra whitespace somewhere?

Check the related LN source code.

1 Like
3

I was able to solve the issue with this onion-grater configuration

## Copyright (C) 2016 - 2020 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions

#### meta start
#### project Whonix
#### category tor-control
#### description
## Shipped but not enabled by default onion-grater profile.
#### meta end

## Maintained by: https://forums.whonix.org/u/qubenix <qubenix@riseup.net>

---
- exe-paths:
    - '*'
  users:
    - '*'
  hosts:
    - '*'
  commands:
    ADD_ONION:
      ## {{{ Mainnet onion service.
      - pattern: 'NEW:ED25519-V3 Port=9735,9735 ' 
        replacement: NEW:ED25519-V3 Port=9735,{client-address}:9735 Flags=DiscardPK
      ## }}}

This is what you should see in onion-grater logs, once you have enabled the --debug flag by editing /lib/systemd/system/onion-grater.service.d/30_cpfpy.conf

Jan 17 09:41:42 host onion-grater[4465]: 10.137.0.36:51850 (filter: 30_autogenerated): -> ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jan 17 09:41:42 host onion-grater[4465]: 10.137.0.36:51850 (filter: 30_autogenerated): rewrote command:
Jan 17 09:41:42 host onion-grater[4465]:     ADD_ONION NEW:ED25519-V3 Port=9735,9735
Jan 17 09:41:42 host onion-grater[4465]: to:
Jan 17 09:41:42 host onion-grater[4465]:     ADD_ONION NEW:ED25519-V3 Port=9735,10.137.0.36:9735 Flags=DiscardPK
Jan 17 09:41:42 host onion-grater[4465]: 10.137.0.36:51850 (filter: 30_autogenerated): <- (multi-line)
Jan 17 09:41:42 host onion-grater[4465]:     250-ServiceID={your .onion v3 id}
Jan 17 09:41:42 host onion-grater[4465]:     250 OK

Once it is configured correctly, you will see this line in lnd logs:

2021-01-17 09:42:17.982 [INF] SRVR: Proxying all network traffic via Tor (stream_isolation=true)! NOTE: Ensure the backend node is proxying over Tor as well
2 Likes