nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make it an explicit step to allow connections to your local

Browse Source 
resources from your tor server.


svn:r6017
This commit is contained in:
Roger Dingledine 2006-02-14 19:15:53 +00:00
parent c7f2970777
commit e7824c3e01
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
doc/tor-doc-server.html
View File

@ -195,7 +195,7 @@ try to determine whether the ports you configured are reachable from
the outside. This may take up to 20 minutes. Look for a log entry like
<tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>
If you don't see this message, it means that your server is not reachable
from the outside -- you should re-check your firewalls, check that it's
from the outside &mdash; you should re-check your firewalls, check that it's
testing the IP and port you think it should be testing, etc.
</p>
@ -228,7 +228,7 @@ include the following information in the message:
<ul>
<li>Your server's nickname</li>
<li>The fingerprint for your server's key (the contents of the
"fingerprint" file in your DataDirectory -- on Windows, look in
"fingerprint" file in your DataDirectory &mdash; on Windows, look in
\<i>username</i>\Application&nbsp;Data\tor\ or \Application&nbsp;Data\tor\;
on OS X, look in /Library/Tor/var/lib/tor/; and on Linux/BSD/Unix,
look in /var/lib/tor or ~/.tor)
@ -289,7 +289,18 @@ ports are 22, 110, and 143.
</p>
<p>
10. (Unix only). Make a separate user to run the server. If you
10. If your Tor server provides other services on the same IP address
&mdash; such as a public webserver &mdash; make sure that connections to the
webserver are allowed from the local host too. You need to allow these
connections because Tor clients will detect that your Tor server is the <a
href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">safest
way to reach that webserver</a>, and always build a circuit that ends
at your server. If you don't want to allow the connections, you must
explicitly reject them in your exit policy.
</p>
<p>
11. (Unix only). Make a separate user to run the server. If you
installed the OS X package or the deb or the rpm, this is already
done. Otherwise, you can do it by hand. (The Tor server doesn't need to
be run as root, so it's good practice to not run it as root. Running
@ -300,7 +311,7 @@ into a chroot jail</a>.)
</p>
<p>
11. (Unix only.) Your operating system probably limits the number
12. (Unix only.) Your operating system probably limits the number
of open file descriptors per process to 1024 (or even less). If you
plan to be running a fast exit node, this is probably not enough. On
Linux, you should add a line like "toruser hard nofile 8192" to your
@ -313,7 +324,7 @@ you launch Tor.
</p>
<p>
12. If you installed Tor via some package or installer, it probably starts
13. If you installed Tor via some package or installer, it probably starts
Tor for you automatically on boot. But if you installed from source,
you may find the initscripts in contrib/tor.sh or contrib/torctl useful.
</p>