diff options
author | Roger Dingledine <arma@torproject.org> | 2006-02-13 06:25:16 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2006-02-13 06:25:16 +0000 |
commit | 350313d77a1b9dc20abae088ca9db7662dd8a80b (patch) | |
tree | b1722b63b6331fcff7e81fd7e75eb618892e95ec /doc | |
parent | 1181ae61aef77aa505542433c801791b9b13a522 (diff) | |
download | tor-350313d77a1b9dc20abae088ca9db7662dd8a80b.tar.gz tor-350313d77a1b9dc20abae088ca9db7662dd8a80b.zip |
Let the users set ControlListenAddress in the torrc.
This can be dangerous, but there are some cases (like a secured
LAN) where it makes sense.
svn:r5997
Diffstat (limited to 'doc')
-rw-r--r-- | doc/TODO | 7 | ||||
-rw-r--r-- | doc/tor.1.in | 10 |
2 files changed, 10 insertions, 7 deletions
@@ -51,17 +51,12 @@ N - look at the proposed os x uninstaller: when they feel like it. - update dir-spec with what we decided for each of these N - commit edmanm's win32 makefile to tor cvs contrib - o add a GUARD flag to the network-status entries. - o Clients use it. (But not till the directories have upgraded!) - when logging unknown http headers, this could include bad escape codes? - more generally, attacker-controller log entries with newlines in them are dangerous for our users. - make log entries include function names in win32 again. - Make "setconf" and "hup" behavior cleaner for LINELIST config options (e.g. Log). Bug 238. - o Were we going to load unrecognized 'state' variables into some - list somewhere, and write them out whenever we update the state? - To be forwards and backwards compatible. R - streamline how we define a guard node as 'up'. document it somewhere. R - reduce log severity for guard nodes. @@ -70,7 +65,7 @@ R - failed rend desc fetches sometimes don't get retried. R - Add config options to not publish and not fetch rend descs. - Add controller interfaces to hear rend desc events and learn about rend descs. In base16 I guess for now. -R - let controlport be configurable on other interfaces + o let controlport be configurable on other interfaces R - look into "uncounting" bytes spent on local connections. so we can bandwidthrate but still have fast downloads. N . Clean and future-proof exit policy formats a bit. diff --git a/doc/tor.1.in b/doc/tor.1.in index 4b61025b1b..2ffbc9e175 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -61,7 +61,7 @@ Windows since that platform lacks getrlimit(). (Default: 1024) .LP .TP \fBControlPort \fR\fIPort\fP -If set, Tor will accept connections from the same machine (localhost only) on +If set, Tor will accept connections on this port, and allow those connections to control the Tor process using the Tor Control Protocol (described in control-spec.txt). Note: unless you also specify one of \fBHashedControlPassword\fP or \fBCookieAuthentication\fP, @@ -69,6 +69,14 @@ setting this option will cause Tor to allow any process on the local host to control it. .LP .TP +\fBControlListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP +Bind the controller listener to this address. If you specify a port, +bind to this port rather than the one specified in ControlPort. We +strongly recommend that you leave this alone unless you know what you're +doing, since giving attackers access to your control listener is really +dangerous. (Default: 127.0.0.1) +.LP +.TP \fBHashedControlPassword \fR\fIhashed_password\fP Don't allow any connections on the control port except when the other process knows the password whose one-way hash is \fIhashed_password\fP. You can |