document ReachableDirAddresses and ReachableORAddresses

svn:r6011

2 files changed, 25 insertions, 3 deletions

diff --git a/doc/TODO b/doc/TODO
index 7e2dfb35db..3aef8c416d 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -37,7 +37,7 @@ N - building on freebsd 6.0: (with multiple openssl installations)
       by default, if it works?
 
   o Split into ReachableDirAddresses and ReachableORAddresses
-    - document
+    o document
 R - Jan 26 10:25:04.832 [warn] add_an_entry_guard(): Tried finding a
     new entry, but failed. Bad news. XXX.
 N - look at the proposed os x uninstaller:
diff --git a/doc/tor.1.in b/doc/tor.1.in
index 2ffbc9e175..0e01f3ab62 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -267,8 +267,8 @@ ReachableAddresses instead. (Default: 80, 443)
 .LP
 .TP
 \fBReachableAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
-A comma-separated list of IPs that your firewall allows you to connect
-to. The format is as
+A comma-separated list of IP addressess and ports that your firewall allows you
+to connect to. The format is as
 for the addresses in ExitPolicy, except that "accept" is understood
 unless "reject" is explicitly provided.  For example, 'ReachableAddresses
 99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80' means that your
@@ -277,6 +277,28 @@ firewall allows connections to everything inside net 99, rejects port
 (Default: 'accept *:*'.)
 .LP
 .TP
+\fBReachableDirAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
+Like \fBReachableAddresses\fP, a list of addresses and ports.  Tor will obey
+these restrictions when fetching directory information, using standard HTTP
+GET requests. If not set explicitly then the value of \fBfBReachableAddresses\fP
+is used.  If \fBHttpProxy\fR is set then these connections will go through that
+proxy.
+.LP
+.TP
+\fBReachableORAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
+Like \fBReachableAddresses\fP, a list of addresses and ports.  Tor will obey
+these restrictions when connecting to Onion Routers, using TLS/SSL.  If not set
+explicitly then the value of \fBfBReachableAddresses\fP is used. If
+\fBHttpsProxy\fR is set then these connections will go through that proxy.
+
+The separation between \fBReachableORAddresses\fP and
+\fBReachableDirAddresses\fP is only interesting when you are connecting through
+proxies (see \fBHttpProxy\fR and \fBHttpsProxy\fR).  Most proxies limit TLS
+connections (which Tor uses to connect to Onion Routers) to port 443, and some
+limit HTTP GET requests (which Tor uses for fetching directory information) to
+port 80.
+.LP
+.TP
 \fBLongLivedPorts \fR\fIPORTS\fP
 A list of ports for services that tend to have long-running connections
 (e.g. chat and interactive shells). Circuits for streams that use these