diff options
| author | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2015-09-22 11:41:16 +1000 |
|---|---|---|
| committer | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2015-09-22 11:41:16 +1000 |
| commit | 249e82c906bbab12ed7a1bdab7b89289fc6dcc1c (patch) | |
| tree | 59b54d1d114170aeb7ee8bea42cc954249e10ff8 | |
| parent | d27534eeb534d96a76487b3c0cd2cef4ff7cccc7 (diff) | |
| download | tor-249e82c906bbab12ed7a1bdab7b89289fc6dcc1c.tar.gz tor-249e82c906bbab12ed7a1bdab7b89289fc6dcc1c.zip | |
Update docs with advice for separate IPv4 and IPv6 exit policies
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.
Related to fixes in ticket #16069 and #17027. Patch by "teor".
Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012),
released in 0.2.4.7-alpha.
| -rw-r--r-- | changes/ipv6-exitpolicy-docs | 8 | ||||
| -rw-r--r-- | doc/tor.1.txt | 10 | ||||
| -rw-r--r-- | src/config/torrc.minimal.in-staging | 16 | ||||
| -rw-r--r-- | src/config/torrc.sample.in | 16 |
4 files changed, 37 insertions, 13 deletions
diff --git a/changes/ipv6-exitpolicy-docs b/changes/ipv6-exitpolicy-docs new file mode 100644 index 0000000000..033c28385f --- /dev/null +++ b/changes/ipv6-exitpolicy-docs @@ -0,0 +1,8 @@ + o Minor bug fixes (documentation, torrc exit policies): + - Advise users how to configure separate IPv4 and IPv6 exit + policies in the manpage and sample torrcs. + - Fixup formatting errors in the documentation changes from + tickets #16069 and #17027. + Related to fixes in ticket #16069 and #17027. Patch by "teor". + Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), + released in 0.2.4.7-alpha. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 736cf75b51..38d0990e66 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1570,9 +1570,13 @@ is non-zero): all on one line. + + Policies are considered first to last, and the first match wins. If you - want to \_replace_ the default exit policy, end your exit policy with - either a reject \*:* or an accept \*:*. Otherwise, you're \_augmenting_ - (prepending to) the default exit policy. The default exit policy is: + + want to allow the same ports on IPv4 and IPv6, write your rules using + accept/reject *. If you want to allow different ports on IPv4 and IPv6, + write your IPv6 rules using accept6/reject6 *6, and your IPv4 rules using + accept/reject *4. If you want to \_replace_ the default exit policy, end + your exit policy with either a reject \*:* or an accept \*:*. Otherwise, + you're \_augmenting_ (prepending to) the default exit policy. The default + exit policy is: + reject *:25 reject *:119 diff --git a/src/config/torrc.minimal.in-staging b/src/config/torrc.minimal.in-staging index ed3300fdcc..e3b528fcd0 100644 --- a/src/config/torrc.minimal.in-staging +++ b/src/config/torrc.minimal.in-staging @@ -1,5 +1,5 @@ ## Configuration file for a typical Tor user -## Last updated 15 September 2015 for Tor 0.2.7.3-alpha. +## Last updated 22 September 2015 for Tor 0.2.7.3-alpha. ## (may or may not work for much older or much newer versions of Tor.) ## ## Lines that begin with "## " try to explain what's going on. Lines @@ -157,10 +157,16 @@ #MyFamily $keyid,$keyid,... ## A comma-separated list of exit policies. They're considered first -## to last, and the first match wins. If you want to _replace_ -## the default exit policy, end this with either a reject *:* or an -## accept *:*. Otherwise, you're _augmenting_ (prepending to) the -## default exit policy. Leave commented to just use the default, which is +## to last, and the first match wins. +## +## If you want to allow the same ports on IPv4 and IPv6, write your rules +## using accept/reject *. If you want to allow different ports on IPv4 and +## IPv6, write your IPv6 rules using accept6/reject6 *6, and your IPv4 rules +## using accept/reject *4. +## +## If you want to _replace_ the default exit policy, end this with either a +## reject *:* or an accept *:*. Otherwise, you're _augmenting_ (prepending to) +## the default exit policy. Leave commented to just use the default, which is ## described in the man page or at ## https://www.torproject.org/documentation.html ## diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in index ed3300fdcc..e3b528fcd0 100644 --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in @@ -1,5 +1,5 @@ ## Configuration file for a typical Tor user -## Last updated 15 September 2015 for Tor 0.2.7.3-alpha. +## Last updated 22 September 2015 for Tor 0.2.7.3-alpha. ## (may or may not work for much older or much newer versions of Tor.) ## ## Lines that begin with "## " try to explain what's going on. Lines @@ -157,10 +157,16 @@ #MyFamily $keyid,$keyid,... ## A comma-separated list of exit policies. They're considered first -## to last, and the first match wins. If you want to _replace_ -## the default exit policy, end this with either a reject *:* or an -## accept *:*. Otherwise, you're _augmenting_ (prepending to) the -## default exit policy. Leave commented to just use the default, which is +## to last, and the first match wins. +## +## If you want to allow the same ports on IPv4 and IPv6, write your rules +## using accept/reject *. If you want to allow different ports on IPv4 and +## IPv6, write your IPv6 rules using accept6/reject6 *6, and your IPv4 rules +## using accept/reject *4. +## +## If you want to _replace_ the default exit policy, end this with either a +## reject *:* or an accept *:*. Otherwise, you're _augmenting_ (prepending to) +## the default exit policy. Leave commented to just use the default, which is ## described in the man page or at ## https://www.torproject.org/documentation.html ## |