nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-13 06:33:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'atagar/man_page_fixes'

Browse Source
This commit is contained in:
Nick Mathewson 2015-11-25 09:07:02 -05:00
commit ab1bc38d5a
1 changed files with 29 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
doc/tor.1.txt
View File

@ -98,8 +98,8 @@ COMMAND-LINE OPTIONS
Other options can be specified on the command-line in the format "--option Other options can be specified on the command-line in the format "--option
value", in the format "option value", or in a configuration file. For value", in the format "option value", or in a configuration file. For
instance, you can tell Tor to start listening for SOCKS connections on port instance, you can tell Tor to start listening for SOCKS connections on port
9999 by passing --SOCKSPort 9999 or SOCKSPort 9999 to it on the command line, 9999 by passing --SocksPort 9999 or SocksPort 9999 to it on the command line,
or by putting "SOCKSPort 9999" in the configuration file. You will need to or by putting "SocksPort 9999" in the configuration file. You will need to
quote options with spaces in them: if you want Tor to log all debugging quote options with spaces in them: if you want Tor to log all debugging
messages to debug.log, you will probably need to say --Log 'debug file messages to debug.log, you will probably need to say --Log 'debug file
debug.log'. debug.log'.
@ -125,17 +125,17 @@ the defaults file.
This rule is simple for options that take a single value, but it can become This rule is simple for options that take a single value, but it can become
complicated for options that are allowed to occur more than once: if you complicated for options that are allowed to occur more than once: if you
specify four SOCKSPorts in your configuration file, and one more SOCKSPort on specify four SocksPorts in your configuration file, and one more SocksPort on
the command line, the option on the command line will replace __all__ of the the command line, the option on the command line will replace __all__ of the
SOCKSPorts in the configuration file. If this isn't what you want, prefix SocksPorts in the configuration file. If this isn't what you want, prefix
the option name with a plus sign (+), and it will be appended to the previous the option name with a plus sign (+), and it will be appended to the previous
set of options instead. For example, setting SOCKSPort 9100 will use only set of options instead. For example, setting SocksPort 9100 will use only
port 9100, but setting +SOCKSPort 9100 will use ports 9100 and 9050 (because port 9100, but setting +SocksPort 9100 will use ports 9100 and 9050 (because
this is the default). this is the default).
Alternatively, you might want to remove every instance of an option in the Alternatively, you might want to remove every instance of an option in the
configuration file, and not replace it at all: you might want to say on the configuration file, and not replace it at all: you might want to say on the
command line that you want no SOCKSPorts at all. To do that, prefix the command line that you want no SocksPorts at all. To do that, prefix the
option name with a forward slash (/). You can use the plus sign (+) and the option name with a forward slash (/). You can use the plus sign (+) and the
forward slash (/) in the configuration file and on the command line. forward slash (/) in the configuration file and on the command line.
@ -221,7 +221,7 @@ GENERAL OPTIONS
any pluggable transport proxy that tries to launch __transport__. + any pluggable transport proxy that tries to launch __transport__. +
(Example: ServerTransportOptions obfs45 shared-secret=bridgepasswd cache=/var/lib/tor/cache) (Example: ServerTransportOptions obfs45 shared-secret=bridgepasswd cache=/var/lib/tor/cache)
[[ExtORPort]] **ExtORPort** \['address':]__port__|**auto** [[ExtORPort]] **ExtORPort** \['address':]__port__|**auto**::
Open this port to listen for Extended ORPort connections from your Open this port to listen for Extended ORPort connections from your
pluggable transports. pluggable transports.
@ -289,9 +289,9 @@ GENERAL OPTIONS
any process on the local host to control it. (Setting both authentication any process on the local host to control it. (Setting both authentication
methods means eithermethod is sufficient to authenticate to Tor.) This methods means eithermethod is sufficient to authenticate to Tor.) This
option is required for many Tor controllers; most use the value of 9051. option is required for many Tor controllers; most use the value of 9051.
Set it to "auto" to have Tor pick a port for you. (Default: 0) Set it to "auto" to have Tor pick a port for you. (Default: 0) +
+ +
Recognized flags are:: Recognized flags are...
**GroupWritable**;; **GroupWritable**;;
Unix domain sockets only: makes the socket get created as Unix domain sockets only: makes the socket get created as
group-writable. group-writable.
@ -968,7 +968,7 @@ The following options are useful only for clients (that is, if
the same circuit. Currently, two addresses are "too close" if they lie in the same circuit. Currently, two addresses are "too close" if they lie in
the same /16 range. (Default: 1) the same /16 range. (Default: 1)
[[SOCKSPort]] **SOCKSPort** \['address':]__port__|**unix:**__path__|**auto** [_flags_] [_isolation flags_]:: [[SocksPort]] **SocksPort** \['address':]__port__|**unix:**__path__|**auto** [_flags_] [_isolation flags_]::
Open this port to listen for connections from SOCKS-speaking Open this port to listen for connections from SOCKS-speaking
applications. Set this to 0 if you don't want to allow application applications. Set this to 0 if you don't want to allow application
connections via SOCKS. Set it to "auto" to have Tor pick a port for connections via SOCKS. Set it to "auto" to have Tor pick a port for
@ -983,7 +983,7 @@ The following options are useful only for clients (that is, if
to use your computer as an open proxy. + to use your computer as an open proxy. +
+ +
The _isolation flags_ arguments give Tor rules for which streams The _isolation flags_ arguments give Tor rules for which streams
received on this SOCKSPort are allowed to share circuits with one received on this SocksPort are allowed to share circuits with one
another. Recognized isolation flags are: another. Recognized isolation flags are:
**IsolateClientAddr**;; **IsolateClientAddr**;;
Don't share circuits with streams from a different Don't share circuits with streams from a different
@ -1010,11 +1010,11 @@ The following options are useful only for clients (that is, if
If no other isolation rules would prevent it, allow streams If no other isolation rules would prevent it, allow streams
on this port to share circuits with streams from every other on this port to share circuits with streams from every other
port with the same session group. (By default, streams received port with the same session group. (By default, streams received
on different SOCKSPorts, TransPorts, etc are always isolated from one on different SocksPorts, TransPorts, etc are always isolated from one
another. This option overrides that behavior.) another. This option overrides that behavior.)
[[OtherSOCKSPortFlags]]:: [[OtherSocksPortFlags]]::
Other recognized __flags__ for a SOCKSPort are: Other recognized __flags__ for a SocksPort are:
**NoIPv4Traffic**;; **NoIPv4Traffic**;;
Tell exits to not connect to IPv4 addresses in response to SOCKS Tell exits to not connect to IPv4 addresses in response to SOCKS
requests on this connection. requests on this connection.
@ -1066,14 +1066,14 @@ The following options are useful only for clients (that is, if
authentication" when IsolateSOCKSAuth is disabled, or when this authentication" when IsolateSOCKSAuth is disabled, or when this
option is set. option is set.
[[SOCKSListenAddress]] **SOCKSListenAddress** __IP__[:__PORT__]:: [[SocksListenAddress]] **SocksListenAddress** __IP__[:__PORT__]::
Bind to this address to listen for connections from Socks-speaking Bind to this address to listen for connections from Socks-speaking
applications. (Default: 127.0.0.1) You can also specify a port (e.g. applications. (Default: 127.0.0.1) You can also specify a port (e.g.
192.168.0.1:9100). This directive can be specified multiple times to bind 192.168.0.1:9100). This directive can be specified multiple times to bind
to multiple addresses/ports. (DEPRECATED: As of 0.2.3.x-alpha, you can to multiple addresses/ports. (DEPRECATED: As of 0.2.3.x-alpha, you can
now use multiple SOCKSPort entries, and provide addresses for SOCKSPort now use multiple SocksPort entries, and provide addresses for SocksPort
entries, so SOCKSListenAddress no longer has a purpose. For backward entries, so SocksListenAddress no longer has a purpose. For backward
compatibility, SOCKSListenAddress is only allowed when SOCKSPort is just compatibility, SocksListenAddress is only allowed when SocksPort is just
a port number.) a port number.)
[[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__:: [[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__::
@ -1280,7 +1280,7 @@ The following options are useful only for clients (that is, if
Use 0 if you don't want to allow NATD connections. Set the port Use 0 if you don't want to allow NATD connections. Set the port
to "auto" to have Tor pick a port for you. This directive can be to "auto" to have Tor pick a port for you. This directive can be
specified multiple times to bind to multiple addresses/ports. See specified multiple times to bind to multiple addresses/ports. See
SOCKSPort for an explanation of isolation flags. + SocksPort for an explanation of isolation flags. +
+ +
This option is only for people who cannot use TransPort. (Default: 0) This option is only for people who cannot use TransPort. (Default: 0)
@ -1308,7 +1308,7 @@ The following options are useful only for clients (that is, if
doesn't handle arbitrary DNS request types. Set the port to "auto" to doesn't handle arbitrary DNS request types. Set the port to "auto" to
have Tor pick a port for have Tor pick a port for
you. This directive can be specified multiple times to bind to multiple you. This directive can be specified multiple times to bind to multiple
addresses/ports. See SOCKSPort for an explanation of isolation addresses/ports. See SocksPort for an explanation of isolation
flags. (Default: 0) flags. (Default: 0)
[[DNSListenAddress]] **DNSListenAddress** __IP__[:__PORT__]:: [[DNSListenAddress]] **DNSListenAddress** __IP__[:__PORT__]::
@ -1936,11 +1936,6 @@ if DirPort is non-zero):
to set up a separate webserver. There's a sample disclaimer in to set up a separate webserver. There's a sample disclaimer in
contrib/operator-tools/tor-exit-notice.html. contrib/operator-tools/tor-exit-notice.html.
[[HidServDirectoryV2]] **HidServDirectoryV2** **0**|**1**::
When this option is set, Tor accepts and serves v2 hidden service
descriptors. Setting DirPort is not required for this, because clients
connect via the ORPort by default. (Default: 1)
[[DirPort]] **DirPort** \['address':]__PORT__|**auto** [_flags_]:: [[DirPort]] **DirPort** \['address':]__PORT__|**auto** [_flags_]::
If this option is nonzero, advertise the directory service on this port. If this option is nonzero, advertise the directory service on this port.
Set it to "auto" to have Tor pick a port for you. This option can occur Set it to "auto" to have Tor pick a port for you. This option can occur
@ -2001,7 +1996,7 @@ on the public Tor network.
multiple times: the values from multiple lines are spliced together. When multiple times: the values from multiple lines are spliced together. When
this is set then **VersioningAuthoritativeDirectory** should be set too. this is set then **VersioningAuthoritativeDirectory** should be set too.
[[RecommendedPackageVersions]] **RecommendedPackageVersions** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ :: [[RecommendedPackages]] **RecommendedPackages** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ ::
Adds "package" line to the directory authority's vote. This information Adds "package" line to the directory authority's vote. This information
is used to vote on the correct URL and digest for the released versions is used to vote on the correct URL and digest for the released versions
of different Tor-related packages, so that the consensus can certify of different Tor-related packages, so that the consensus can certify
@ -2152,11 +2147,6 @@ on the public Tor network.
that fine-grained information about nodes can be discarded when it hasn't that fine-grained information about nodes can be discarded when it hasn't
changed for a given amount of time. (Default: 24 hours) changed for a given amount of time. (Default: 24 hours)
[[VoteOnHidServDirectoriesV2]] **VoteOnHidServDirectoriesV2** **0**|**1**::
When this option is set in addition to **AuthoritativeDirectory**, Tor
votes on whether to accept relays as hidden service directories.
(Default: 1)
[[AuthDirHasIPv6Connectivity]] **AuthDirHasIPv6Connectivity** **0**|**1**:: [[AuthDirHasIPv6Connectivity]] **AuthDirHasIPv6Connectivity** **0**|**1**::
Authoritative directories only. When set to 0, OR ports with an Authoritative directories only. When set to 0, OR ports with an
IPv6 address are being accepted without reachability testing. IPv6 address are being accepted without reachability testing.
@ -2420,7 +2410,7 @@ The following options are used for running a testing Tor network.
information on how to specify nodes. information on how to specify nodes.
+ +
In order for this option to have any effect, **TestingTorNetwork** In order for this option to have any effect, **TestingTorNetwork**
and **VoteOnHidServDirectoriesV2** both have to be set. must be set.
[[TestingDirAuthVoteHSDirIsStrict]] **TestingDirAuthVoteHSDirIsStrict** **0**|**1** :: [[TestingDirAuthVoteHSDirIsStrict]] **TestingDirAuthVoteHSDirIsStrict** **0**|**1** ::
If True (1), a node will never receive the HSDir flag unless it is specified If True (1), a node will never receive the HSDir flag unless it is specified
@ -2449,7 +2439,7 @@ The following options are used for running a testing Tor network.
authority on a testing network. Overrides the usual default lower bound authority on a testing network. Overrides the usual default lower bound
of 4 KB. (Default: 0) of 4 KB. (Default: 0)
[[TestingLinkCertLifetime]] **TestingLinkCertifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**:: [[TestingLinkCertLifetime]] **TestingLinkCertLifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**::
Overrides the default lifetime for the certificates used to authenticate Overrides the default lifetime for the certificates used to authenticate
our X509 link cert with our ed25519 signing key. our X509 link cert with our ed25519 signing key.
(Default: 2 days) (Default: 2 days)
@ -2459,8 +2449,10 @@ The following options are used for running a testing Tor network.
key. key.
(Default: 2 days) (Default: 2 days)
[[TestingLinkKeySlop]] **TestingLinkKeySlop** __N__ **seconds**|**minutes**|**hours**:: [[TestingLinkKeySlop]] **TestingLinkKeySlop** __N__ **seconds**|**minutes**|**hours** +
[[TestingAuthKeySlop]] **TestingAuthKeySlop** __N__ **seconds**|**minutes**|**hours**::
[[TestingAuthKeySlop]] **TestingAuthKeySlop** __N__ **seconds**|**minutes**|**hours** +
[[TestingSigningKeySlop]] **TestingSigningKeySlop** __N__ **seconds**|**minutes**|**hours**:: [[TestingSigningKeySlop]] **TestingSigningKeySlop** __N__ **seconds**|**minutes**|**hours**::
How early before the official expiration of a an Ed25519 signing key do How early before the official expiration of a an Ed25519 signing key do
we replace it and issue a new key? we replace it and issue a new key?
@ -2654,7 +2646,7 @@ SEE ALSO
BUGS BUGS
---- ----
Plenty, probably. Tor is still in development. Please report them. Plenty, probably. Tor is still in development. Please report them at https://trac.torproject.org/.
AUTHORS AUTHORS
------- -------