mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-20 21:16:22 +02:00
wave rubber chicken over man page
tyranix says this makes the html output look better svn:r4488
This commit is contained in:
parent
281d4dc320
commit
30258ad77f
85
doc/tor.1.in
85
doc/tor.1.in
@ -20,20 +20,25 @@ themselves have difficulty tracking the source of the stream.
|
||||
.SH OPTIONS
|
||||
\fB-h, -help\fP
|
||||
Display a short help message and exit.
|
||||
.LP
|
||||
.TP
|
||||
\fB-f \fR\fIFILE\fP
|
||||
FILE contains further "option value" pairs. (Default: @CONFDIR@/torrc)
|
||||
.LP
|
||||
.TP
|
||||
Other options can be specified either on the command-line (\fI--option
|
||||
value\fR), or in the configuration file (\fIoption value\fR).
|
||||
Options are case-insensitive.
|
||||
.LP
|
||||
.TP
|
||||
\fBBandwidthRate \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
|
||||
A token bucket limits the average incoming bandwidth on this node to
|
||||
the specified number of bytes per second. (Default: 2 MB)
|
||||
.LP
|
||||
.TP
|
||||
\fBBandwidthBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
|
||||
Limit the maximum token bucket size (also known as the burst) to the given number of bytes. (Default: 5 MB)
|
||||
.LP
|
||||
.TP
|
||||
\fBMaxAdvertisedBandwidth \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
|
||||
If set, we will not advertise more than this amount of bandwidth for our
|
||||
@ -41,6 +46,7 @@ BandwidthRate. Server operators who want to reduce the number of clients
|
||||
who ask to build circuits through them (since this is proportional to
|
||||
advertised bandwidth rate) can thus reduce the CPU demands on their
|
||||
server without impacting network performance.
|
||||
.LP
|
||||
.TP
|
||||
\fBControlPort \fR\fIPort\fP
|
||||
If set, Tor will accept connections from the same machine (localhost only) on
|
||||
@ -49,12 +55,14 @@ Tor Control Protocol (described in control-spec.txt). Note: unless you also
|
||||
specify one of \fBHashedControlPassword\fP or \fBCookieAuthentication\fP,
|
||||
setting this option will cause Tor to allow any process on the local host to
|
||||
control it.
|
||||
.LP
|
||||
.TP
|
||||
\fBHashedControlPassword \fR\fIhashed_password\fP
|
||||
Don't allow any connections on the control port except when the other process
|
||||
knows the password whose one-way hash is \fIhashed_password\fP. You can
|
||||
compute the hash of a password by running "tor --hash-password
|
||||
\fIpassword\fP".
|
||||
.LP
|
||||
.TP
|
||||
\fBCookieAuthentication \fR\fB0\fR|\fB1\fP
|
||||
If this option is set to 1, don't allow any connections on the control port
|
||||
@ -62,15 +70,18 @@ except when the connecting process knows the contents of a file named
|
||||
"control_auth_cookie", which Tor will create in its data directory. This
|
||||
authentication methods should only be used on systems with good filesystem
|
||||
security. (Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBDataDirectory \fR\fIDIR\fP
|
||||
Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
|
||||
.LP
|
||||
.TP
|
||||
\fBDirFetchPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
|
||||
Every time the specified period elapses, Tor downloads a directory.
|
||||
A directory contains a signed list of all known servers as well as
|
||||
their current liveness status. A value of "0 seconds" tells Tor to choose an
|
||||
appropriate default. (Default: 1 hour for clients, 20 minutes for servers)
|
||||
.LP
|
||||
.TP
|
||||
\fBDirServer \fR\fIaddress:port fingerprint\fP
|
||||
Use a nonstandard authoritative directory server at the provided
|
||||
@ -78,20 +89,24 @@ address and port, with the specified key fingerprint. This option can
|
||||
be repeated many times, for multiple authoritative directory
|
||||
servers. If no \fBdirserver\fP line is given, Tor will use the default
|
||||
directory servers: moria1, moria2, and tor26.
|
||||
.LP
|
||||
.TP
|
||||
\fBGroup \fR\fIGID\fP
|
||||
On startup, setgid to this user.
|
||||
.LP
|
||||
.TP
|
||||
\fBHttpProxy\fR \fIhost\fR[:\fIport\fR]\fP
|
||||
Tor will make all its directory requests through this host:port
|
||||
(or host:80 if port is not specified),
|
||||
rather than connecting directly to any directory servers.
|
||||
.LP
|
||||
.TP
|
||||
\fBHttpProxyAuthenticator\fR \fIusername:password\fP
|
||||
If defined, Tor will use this username:password for Basic Http proxy
|
||||
authentication, as in RFC 2617. This is currently the only form of
|
||||
Http proxy authentication that Tor supports; feel free to submit a
|
||||
patch if you want it to support others.
|
||||
.LP
|
||||
.TP
|
||||
\fBHttpsProxy\fR \fIhost\fR[:\fIport\fR]\fP
|
||||
Tor will make all its OR (SSL) connections through this host:port
|
||||
@ -99,18 +114,21 @@ Tor will make all its OR (SSL) connections through this host:port
|
||||
connecting directly to servers. You may want to set \fBFascistFirewall\fR
|
||||
to restrict the set of ports you might try to connect to, if your Https
|
||||
proxy only allows connecting to certain ports.
|
||||
.LP
|
||||
.TP
|
||||
\fBHttpsProxyAuthenticator\fR \fIusername:password\fP
|
||||
If defined, Tor will use this username:password for Basic Https proxy
|
||||
authentication, as in RFC 2617. This is currently the only form of
|
||||
Https proxy authentication that Tor supports; feel free to submit a
|
||||
patch if you want it to support others.
|
||||
.LP
|
||||
.TP
|
||||
\fBKeepalivePeriod \fR\fINUM\fP
|
||||
To keep firewalls from expiring connections, send a padding keepalive
|
||||
cell every NUM seconds on open connections that are in use. If the
|
||||
connection has no open circuits, it will instead be closed after NUM
|
||||
seconds of idleness. (Default: 5 minutes)
|
||||
.LP
|
||||
.TP
|
||||
\fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBstderr\fR|\fBstdout\fR|\fBsyslog\fR\fP
|
||||
Send all messages between \fIminSeverity\fR and \fImaxSeverity\fR to
|
||||
@ -119,41 +137,50 @@ log. (The "syslog" value is only supported on Unix.) Recognized
|
||||
severity levels are debug, info, notice, warn, and err. If only one
|
||||
severity level is given, all messages of that level or higher will be
|
||||
sent to the listed destination.
|
||||
.LP
|
||||
.TP
|
||||
\fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBfile\fR \fIFILENAME\fP
|
||||
As above, but send log messages to the listed filename. The "Log"
|
||||
option may appear more than once in a configuration file. Messages
|
||||
are sent to all the logs that match their severity level.
|
||||
.LP
|
||||
.TP
|
||||
\fBMaxConn \fR\fINUM\fP
|
||||
Maximum number of simultaneous sockets allowed. You probably don't need
|
||||
to adjust this. (Default: 1024)
|
||||
.LP
|
||||
.TP
|
||||
\fBOutboundBindAddress \fR\fIIP\fP
|
||||
Make all outbound connections originate from the IP address specified. This
|
||||
is only useful when you have multiple network interfaces, and you want all
|
||||
of Tor's outgoing connections to use a single one.
|
||||
.LP
|
||||
.TP
|
||||
\fBPIDFile \fR\fIFILE\fP
|
||||
On startup, write our PID to FILE. On clean shutdown, remove FILE.
|
||||
.LP
|
||||
.TP
|
||||
\fBRunAsDaemon \fR\fB0\fR|\fB1\fR\fP
|
||||
If 1, Tor forks and daemonizes to the background. (Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBSafeLogging \fR\fB0\fR|\fB1\fP
|
||||
If 1, Tor replaces potentially sensitive strings in the logs
|
||||
(e.g. addresses) with the string [scrubbed]. This way logs can still be
|
||||
useful, but they don't leave behind personally identifying information
|
||||
about what sites a user might have visited. (Default: 1)
|
||||
.LP
|
||||
.TP
|
||||
\fBStatusFetchPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
|
||||
Every time the specified period elapses, Tor downloads signed status
|
||||
information about the current state of known servers. A value of
|
||||
"0 seconds" tells Tor to choose an appropriate default. (Default: 30
|
||||
minutes for clients, 15 minutes for servers)
|
||||
.LP
|
||||
.TP
|
||||
\fBUser \fR\fIUID\fP
|
||||
On startup, setuid to this user.
|
||||
.LP
|
||||
.TP
|
||||
\fBHardwareAccel \fR\fI0|1\fP
|
||||
If non-zero, try to use crypto hardware acceleration when
|
||||
@ -162,10 +189,12 @@ available. (Default: 1. )
|
||||
.SH CLIENT OPTIONS
|
||||
.PP
|
||||
The following options are useful only for clients (that is, if \fBSOCKSPort\fP is non-zero):
|
||||
.LP
|
||||
.TP
|
||||
\fBAllowUnverifiedNodes\fR \fBentry\fR|\fBexit\fR|\fBmiddle\fR|\fBintroduction\fR|\fBrendezvous\fR|...\fP
|
||||
Where on our circuits should we allow Tor servers that the directory
|
||||
servers haven't authenticated as "verified"? (Default: middle,rendezvous)
|
||||
.LP
|
||||
.TP
|
||||
\fBClientOnly \fR\fB0\fR|\fB1\fR\fP
|
||||
If set to 1, Tor will under no circumstances run as a server. The default
|
||||
@ -175,33 +204,41 @@ you are reliable and high-bandwidth enough to be a useful server.)
|
||||
|
||||
This option will likely be deprecated in the future; see the NoPublish
|
||||
option below. (Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBEntryNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
A list of preferred nodes to use for the first hop in the circuit, if possible.
|
||||
.LP
|
||||
.TP
|
||||
\fBExitNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
A list of preferred nodes to use for the last hop in the circuit, if possible.
|
||||
.LP
|
||||
.TP
|
||||
\fBExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
A list of nodes to never use when building a circuit.
|
||||
.LP
|
||||
.TP
|
||||
\fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP
|
||||
If 1, Tor will never use any nodes besides those listed in "exitnodes" for
|
||||
the last hop of a circuit.
|
||||
.LP
|
||||
.TP
|
||||
\fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP
|
||||
If 1, Tor will never use any nodes besides those listed in "entrynodes" for
|
||||
the first hop of a circuit.
|
||||
.LP
|
||||
.TP
|
||||
\fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP
|
||||
If 1, Tor will only create outgoing connections to ORs running on ports that
|
||||
your firewall allows (defaults to 80 and 443; see \fBFirewallPorts\fR). This will
|
||||
allow you to run Tor as a client behind a firewall with restrictive policies,
|
||||
but will not allow you to run as a server behind such a firewall.
|
||||
.LP
|
||||
.TP
|
||||
\fBFirewallPorts \fR\fIPORTS\fP
|
||||
A list of ports that your firewall allows you to connect to. Only used when
|
||||
\fBFascistFirewall\fR is set. (Default: 80, 443)
|
||||
.LP
|
||||
.TP
|
||||
\fBLongLivedPorts \fR\fIPORTS\fP
|
||||
A list of ports for services that tend to have long-running connections
|
||||
@ -209,25 +246,30 @@ A list of ports for services that tend to have long-running connections
|
||||
ports will contain only high-uptime nodes, to reduce the chance that a
|
||||
node will go down before the stream is finished. (Default: 21, 22, 706, 1863, 5050,
|
||||
5190, 5222, 5223, 6667, 8300, 8888)
|
||||
.LP
|
||||
.TP
|
||||
\fBMapAddress\fR \fIaddress\fR \fInewaddress\fR
|
||||
When a request for address arrives to Tor, it will rewrite it to newaddress before
|
||||
processing it. For example, if you always want connections to www.indymedia.org to
|
||||
exit via \fItorserver\fR (where \fItorserver\fR is the nickname of the server),
|
||||
use "MapAddress www.indymedia.org www.indymedia.org.torserver.exit".
|
||||
.LP
|
||||
.TP
|
||||
\fBNewCircuitPeriod \fR\fINUM\fP
|
||||
Every NUM seconds consider whether to build a new circuit. (Default: 30 seconds)
|
||||
.LP
|
||||
.TP
|
||||
\fBMaxCircuitDirtiness \fR\fINUM\fP
|
||||
Feel free to reuse a circuit that was first used at most NUM seconds
|
||||
ago, but never attach a new stream to a circuit that is too old. (Default: 10 minutes)
|
||||
.LP
|
||||
.TP
|
||||
\fBNodeFamily \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
The named Tor servers constitute a "family" of similar or co-administered
|
||||
servers, so never use any two of them in the same circuit. Defining a
|
||||
NodeFamily is only needed when a server doesn't list the family itself
|
||||
(with MyFamily). This option can be used multiple times.
|
||||
.LP
|
||||
.TP
|
||||
.\" \fBPathlenCoinWeight \fR\fI0.0-1.0\fP
|
||||
.\" Paths are 3 hops plus a geometric distribution centered around this coinweight.
|
||||
@ -235,24 +277,29 @@ NodeFamily is only needed when a server doesn't list the family itself
|
||||
.\" .TP
|
||||
\fBRendNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
A list of preferred nodes to use for the rendezvous point, if possible.
|
||||
.LP
|
||||
.TP
|
||||
\fBRendExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
A list of nodes to never use when choosing a rendezvous point.
|
||||
.LP
|
||||
.TP
|
||||
\fBSOCKSPort \fR\fIPORT\fP
|
||||
Advertise this port to listen for connections from SOCKS-speaking
|
||||
applications. Set this to 0 if you don't want to allow application
|
||||
connections. (Default: 9050)
|
||||
.LP
|
||||
.TP
|
||||
\fBSOCKSBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
|
||||
Bind to this address to listen for connections from SOCKS-speaking
|
||||
applications. (Default: 127.0.0.1) You can also specify a port
|
||||
(e.g. 192.168.0.1:9100). This directive can be specified multiple times
|
||||
to bind to multiple addresses/ports.
|
||||
.LP
|
||||
.TP
|
||||
\fBSOCKSPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
|
||||
Set an entrance policy for this server, to limit who can connect to the SOCKS ports.
|
||||
The policies have the same form as exit policies below.
|
||||
.LP
|
||||
.TP
|
||||
\fBTrackHostExits \fR\fIhost\fR,\fI.domain\fR,\fI...\fR\fP
|
||||
For each value in the comma separated list, Tor will track recent connections
|
||||
@ -265,6 +312,7 @@ your IP address changes. Note that this option does have the disadvantage of
|
||||
making it more clear that a given history is
|
||||
associated with a single user. However, most people who would wish to observe
|
||||
this will observe it through cookies or other protocol-specific means anyhow.
|
||||
.LP
|
||||
.TP
|
||||
\fBTrackHostExitsExpire \fR\fINUM\fP
|
||||
Since exit servers go up and down, it is desirable to expire the association
|
||||
@ -274,13 +322,16 @@ is 1800 seconds (30 minutes).
|
||||
.SH SERVER OPTIONS
|
||||
.PP
|
||||
The following options are useful only for servers (that is, if \fBORPort\fP is non-zero):
|
||||
.LP
|
||||
.TP
|
||||
\fBAddress \fR\fIaddress\fP
|
||||
The IP or fqdn of this server (e.g. moria.mit.edu). You can leave this
|
||||
unset, and Tor will guess your IP.
|
||||
.LP
|
||||
.TP
|
||||
\fBContactInfo \fR\fIemail_address\fP
|
||||
Administrative contact information for server.
|
||||
.LP
|
||||
.TP
|
||||
\fBExitPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
|
||||
Set an exit policy for this server. Each policy is of the form
|
||||
@ -323,9 +374,11 @@ either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
|
||||
.IP "accept *:*"
|
||||
.RE
|
||||
.PD
|
||||
.LP
|
||||
.TP
|
||||
\fBMaxOnionsPending \fR\fINUM\fP
|
||||
If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100)
|
||||
.LP
|
||||
.TP
|
||||
\fBMyFamily \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
Declare that this Tor server is controlled or administered by a group
|
||||
@ -333,9 +386,11 @@ or organization identical or similar to that of the other named servers.
|
||||
When two servers both declare that they are in the same 'family', Tor clients
|
||||
will not use them in the same circuit. (Each server only needs to list the
|
||||
other servers in its family; it doesn't need to list itself, but it won't hurt.)
|
||||
.LP
|
||||
.TP
|
||||
\fBNickname \fR\fIname\fP
|
||||
Set the server's nickname to 'name'.
|
||||
.LP
|
||||
.TP
|
||||
\fBNoPublish \fR\fB0\fR|\fB1\fR\fP
|
||||
If you set NoPublish 1, Tor will act as a server if you have an ORPort
|
||||
@ -343,17 +398,21 @@ defined, but it will not publish its descriptor to the dirservers. This
|
||||
option is useful if you're testing out your server, or if you're using
|
||||
alternate dirservers (e.g. for other Tor networks such as Blossom).
|
||||
(Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBNumCPUs \fR\fInum\fP
|
||||
How many processes to use at once for decrypting onionskins. (Default: 1)
|
||||
.LP
|
||||
.TP
|
||||
\fBORPort \fR\fIPORT\fP
|
||||
Advertise this port to listen for connections from Tor clients and servers.
|
||||
.LP
|
||||
.TP
|
||||
\fBORBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
|
||||
Bind to this IP address to listen for connections from Tor clients and
|
||||
servers. If you specify a port, bind to this port rather than the one
|
||||
specified in ORPort. (Default: 0.0.0.0)
|
||||
.LP
|
||||
.TP
|
||||
\fBRedirectExit \fR\fIpattern target\fP
|
||||
Whenever an outgoing connection tries to connect to one of a given set
|
||||
@ -366,17 +425,20 @@ successfully, no subsequent rules are considered. You can specify that no
|
||||
redirection is to be performed on a given set of addresses by using the
|
||||
special target string "pass", which prevents subsequent rules from being
|
||||
considered.
|
||||
.LP
|
||||
.TP
|
||||
\fBShutdownWaitLength\fR\fINUM\fP
|
||||
When we get a SIGINT and we're a server, we begin shutting down: we close
|
||||
listeners and start refusing new circuits. After \fBNUM\fP seconds,
|
||||
we exit. If we get a second SIGINT, we exit immediately. (Default:
|
||||
30 seconds)
|
||||
.LP
|
||||
.TP
|
||||
\fBDirPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
|
||||
Every time the specified period elapses, Tor uploads its server
|
||||
descriptors to the directory servers. This information is also
|
||||
uploaded whenever it changes. (Default: 20 minutes)
|
||||
.LP
|
||||
.TP
|
||||
\fBAccountingMax \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
|
||||
Never send more than the specified number of bytes in a given
|
||||
@ -392,6 +454,7 @@ enabling hibernation is preferable to setting a low bandwidth, since it
|
||||
provides users with a collection of fast servers that are up some of
|
||||
the time, which is more useful than a set of slow servers that are
|
||||
always "available".
|
||||
.LP
|
||||
.TP
|
||||
\fBAccountingStart \fR\fBday\fR|\fBweek\fR|\fBmonth\fR [\fIday\fR] \fIHH:MM\fR\fP
|
||||
Specify how long accounting periods last. If \fBmonth\fP is given,
|
||||
@ -408,6 +471,7 @@ next day. All times are local, and given in 24-hour time. (Defaults to
|
||||
.SH DIRECTORY SERVER OPTIONS
|
||||
.PP
|
||||
The following options are useful only for directory servers (that is, if \fBDirPort\fP is non-zero):
|
||||
.LP
|
||||
.TP
|
||||
\fBAuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
|
||||
When this option is set to 1, Tor operates as an authoritative
|
||||
@ -416,17 +480,21 @@ own list of good servers, signs it, and sends that to the clients.
|
||||
Unless the clients already have you listed as a trusted directory, you
|
||||
probably do not want to set this option. Please coordinate with the other
|
||||
admins at tor-ops@freehaven.net if you think you should be a directory.
|
||||
.LP
|
||||
.TP
|
||||
\fBDirPort \fR\fIPORT\fP
|
||||
Advertise the directory service on this port.
|
||||
.LP
|
||||
.TP
|
||||
\fBDirBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
|
||||
Bind the directory service to this address. If you specify a port, bind
|
||||
to this port rather than the one specified in DirPort. (Default: 0.0.0.0)
|
||||
.LP
|
||||
.TP
|
||||
\fBDirPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
|
||||
Set an entrance policy for this server, to limit who can connect to the directory ports.
|
||||
The policies have the same form as exit policies above.
|
||||
.LP
|
||||
.TP
|
||||
\fBRecommendedVersions \fR\fISTRING\fP
|
||||
STRING is a command-separated list of Tor versions currently believed
|
||||
@ -434,11 +502,13 @@ to be safe. The list is included in each directory, and nodes which
|
||||
pull down the directory learn whether they need to upgrade. This
|
||||
option can appear multiple times: the values from multiple lines are
|
||||
spliced together.
|
||||
.LP
|
||||
.TP
|
||||
\fBDirAllowPrivateAddresses \fR\fB0\fR|\fB1\fR\fP
|
||||
If set to 1, Tor will accept router descriptors with arbitrary "Address"
|
||||
elements. Otherwise, if the address is not an IP or is a private IP,
|
||||
it will reject the router descriptor. Defaults to 0.
|
||||
.LP
|
||||
.TP
|
||||
\fBRunTesting \fR\fB0\fR|\fB1\fR\fP
|
||||
If set to 1, Tor tries to build circuits through all of the servers it
|
||||
@ -449,11 +519,13 @@ don't want to use it.
|
||||
.SH HIDDEN SERVICE OPTIONS
|
||||
.PP
|
||||
The following options are used to configure a hidden service.
|
||||
.LP
|
||||
.TP
|
||||
\fBHiddenServiceDir \fR\fIDIRECTORY\fP
|
||||
Store data files for a hidden service in DIRECTORY. Every hidden
|
||||
service must have a separate directory. You may use this option multiple
|
||||
times to specify multiple services.
|
||||
.LP
|
||||
.TP
|
||||
\fBHiddenServicePort \fR\fIVIRTPORT \fR[\fITARGET\fR]\fP
|
||||
Configure a virtual port VIRTPORT for a hidden service. You may use this
|
||||
@ -461,15 +533,18 @@ option multiple times; each time applies to the service using the most recent
|
||||
hiddenservicedir. By default, this option maps the virtual port to the
|
||||
same port on 127.0.0.1. You may override the target port, address, or both
|
||||
by specifying a target of addr, port, or addr:port.
|
||||
.LP
|
||||
.TP
|
||||
\fBHiddenServiceNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
If possible, use the specified nodes as introduction points for the hidden
|
||||
service. If this is left unset, Tor will be smart and pick some reasonable
|
||||
ones; most people can leave this unset.
|
||||
.LP
|
||||
.TP
|
||||
\fBHiddenServiceExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
|
||||
Do not use the specified nodes as introduction points for the hidden
|
||||
service. In normal use there is no reason to set this.
|
||||
.LP
|
||||
.TP
|
||||
\fBRendPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
|
||||
Every time the specified period elapses, Tor uploads any rendezvous
|
||||
@ -481,42 +556,52 @@ uploaded whenever it changes. (Default: 20 minutes)
|
||||
|
||||
.SH SIGNALS
|
||||
Tor catches the following signals:
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGTERM\fR
|
||||
Tor will catch this, clean up and sync to disk if necessary, and exit.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGINT\fR
|
||||
Tor clients behave as with SIGTERM; but Tor servers will do a controlled
|
||||
slow shutdown, closing listeners and waiting 30 seconds before exiting.
|
||||
(The delay can be configured with the ShutdownWaitLength config option.)
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGHUP\fR
|
||||
The signal instructs Tor to reload its configuration (including closing
|
||||
and reopening logs), fetch a new directory, and kill and restart its
|
||||
helper processes if applicable.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGUSR1\fR
|
||||
Log statistics about current connections, past connections, and
|
||||
throughput.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGUSR2\fR
|
||||
Switch all logs to loglevel debug. You can go back to the old loglevels
|
||||
by sending a SIGHUP.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGCHLD\fR
|
||||
Tor receives this signal when one of its helper processes has exited,
|
||||
so it can clean up.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGPIPE\fR
|
||||
Tor catches this signal and ignores it.
|
||||
.LP
|
||||
.TP
|
||||
\fBSIGXFSZ\fR
|
||||
If this signal exists on your platform, Tor catches and ignores it.
|
||||
|
||||
.SH FILES
|
||||
.LP
|
||||
.TP
|
||||
.I @CONFDIR@/torrc
|
||||
The configuration file, which contains "option value" pairs.
|
||||
.LP
|
||||
.TP
|
||||
.I @LOCALSTATEDIR@/lib/tor/
|
||||
The tor process stores keys and other data here.
|
||||
|
Loading…
Reference in New Issue
Block a user