diff options
| author | Nick Mathewson <nickm@torproject.org> | 2007-01-31 21:48:51 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2007-01-31 21:48:51 +0000 |
| commit | eb3cc1e40586c506bd8779fa0b4b006a333a84d7 (patch) | |
| tree | 15222cbe91953941ff6a1a64f8c3886299e9f2dc /doc/tor.1.in | |
| parent | e7ac17fdf51f0c91af7640f10fac80f203f4f259 (diff) | |
| download | tor-eb3cc1e40586c506bd8779fa0b4b006a333a84d7.tar.gz tor-eb3cc1e40586c506bd8779fa0b4b006a333a84d7.zip | |
r11615@catbus: nickm | 2007-01-31 01:15:06 -0500
Documentation patch from ioerror for TransPort and related issues.
svn:r9470
Diffstat (limited to 'doc/tor.1.in')
| -rw-r--r-- | doc/tor.1.in | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/doc/tor.1.in b/doc/tor.1.in index 4a2fec85a7..d1be79619f 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -89,11 +89,11 @@ Windows since that platform lacks getrlimit(). (Default: 1000) .TP \fBControlPort \fR\fIPort\fP If set, Tor will accept connections on -this port, and allow those connections to control the Tor process using the +this port (Usually: 9051), and allow those connections to control the Tor process using the Tor Control Protocol (described in control-spec.txt). Note: unless you also specify one of \fBHashedControlPassword\fP or \fBCookieAuthentication\fP, setting this option will cause Tor to allow any process on the local host to -control it. +control it. This option is required if you would like to use Tor with \fBdns-proxy-tor\fP. .LP .TP \fBControlListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP @@ -526,6 +526,13 @@ leaking DNS requests. When a controller asks for a virtual (unused) address with the 'MAPADDRESS' command, Tor picks an unassigned address from this range. (Default: 127.192.0.0/10) + +When using \fBdns-proxy-tor\fP to answer queries over a network you'll +want to change this address to "10.192.0.0/10" or "172.16.0.0/12". +The default \fBVirtualAddrNetwork \fR\fIAddress\fB address range on a +properly configured machine will route to the loopback interface. +For local use \fBdns-proxy-tor\fP doesn't require a change to the +default \fBVirtualAddrNetwork \fR\fIAddress\fB setting. .LP .TP \fBAllowNonRFC953Hostnames \fR\fB0\fR|\fB1\fR\fP @@ -542,7 +549,28 @@ safe since we have already used TLS to authenticate the server and to establish forward-secure keys. Turning this option off makes circuit building slower. (Default: 1) - +.LP +.TP +\fBTransPort\fP \fR\fIPORT\fP +Enable transparent proxy support on \fR\fIPORT\fP (Usually: 9040). +This is required to enable support for \fBdns-proxy-tor\fP. +ControlPort must be set when using \fBTransPort\fP. If you're planning +to use Tor as a transparent proxy for a network, you'll want to examine +and change VirtualAddrNetwork from the default setting. You'll also want +to set the TransListenAddress option for the network you'd like to proxy. +.LP +.TP +\fBTransListenAddress\fP \fR\fIAddress\fB/\fIbits\fP +Optionally listen on \fR\fIAddress\fB/\fIbits\fP as a transparent proxy +server. This is useful for exporting a transparent proxy server +to an entire network. +.LP +.TP +\fBNatdPort\fP \fR\fIPORT\fP +This option allows users of ipfw (FreeBSD, etc) to send connections through tor in a manner +similar to the TransPort. This option is only for people who cannot use TransPort. +.LP +.TP .SH SERVER OPTIONS .PP The following options are useful only for servers (that is, if \fBORPort\fP is non-zero): |