r11615@catbus: nickm | 2007-01-31 01:15:06 -0500

 Documentation patch from ioerror for TransPort and related issues.


svn:r9470

1 files changed, 31 insertions, 3 deletions

diff --git a/doc/tor.1.in b/doc/tor.1.in
index 4a2fec85a7..d1be79619f 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -89,11 +89,11 @@ Windows since that platform lacks getrlimit(). (Default: 1000)
 .TP
 \fBControlPort \fR\fIPort\fP
 If set, Tor will accept connections on
-this port, and allow those connections to control the Tor process using the
+this port (Usually: 9051), and allow those connections to control the Tor process using the
 Tor Control Protocol (described in control-spec.txt).  Note: unless you also
 specify one of \fBHashedControlPassword\fP or \fBCookieAuthentication\fP,
 setting this option will cause Tor to allow any process on the local host to
-control it.
+control it. This option is required if you would like to use Tor with \fBdns-proxy-tor\fP.
 .LP
 .TP
 \fBControlListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
@@ -526,6 +526,13 @@ leaking DNS requests.
 When a controller asks for a virtual (unused) address with the
 'MAPADDRESS' command, Tor picks an unassigned address from this range.
 (Default: 127.192.0.0/10)
+
+When using \fBdns-proxy-tor\fP to answer queries over a network you'll 
+want to change this address to "10.192.0.0/10" or "172.16.0.0/12".
+The default \fBVirtualAddrNetwork \fR\fIAddress\fB address range on a 
+properly configured machine will route to the loopback interface. 
+For local use \fBdns-proxy-tor\fP doesn't require a change to the 
+default \fBVirtualAddrNetwork \fR\fIAddress\fB setting.
 .LP
 .TP
 \fBAllowNonRFC953Hostnames \fR\fB0\fR|\fB1\fR\fP
@@ -542,7 +549,28 @@ safe since we have already used TLS to authenticate the server and to
 establish forward-secure keys.  Turning this option off makes circuit
 building slower.
 (Default: 1)
-
+.LP
+.TP
+\fBTransPort\fP \fR\fIPORT\fP
+Enable transparent proxy support on \fR\fIPORT\fP (Usually: 9040).
+This is required to enable support for \fBdns-proxy-tor\fP.
+ControlPort must be set when using \fBTransPort\fP. If you're planning 
+to use Tor as a transparent proxy for a network, you'll want to examine 
+and change VirtualAddrNetwork from the default setting. You'll also want
+to set the TransListenAddress option for the network you'd like to proxy.
+.LP
+.TP
+\fBTransListenAddress\fP \fR\fIAddress\fB/\fIbits\fP
+Optionally listen on \fR\fIAddress\fB/\fIbits\fP as a transparent proxy 
+server. This is useful for exporting a transparent proxy server 
+to an entire network.
+.LP
+.TP
+\fBNatdPort\fP \fR\fIPORT\fP
+This option allows users of ipfw (FreeBSD, etc) to send connections through tor in a manner
+similar to the TransPort. This option is only for people who cannot use TransPort.
+.LP
+.TP
 .SH SERVER OPTIONS
 .PP
 The following options are useful only for servers (that is, if \fBORPort\fP is non-zero):