summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-09-19 13:36:43 -0400
committerNick Mathewson <nickm@torproject.org>2017-09-19 13:36:43 -0400
commita2caa466eed1715603ece5bd7e74536f834e075e (patch)
tree19e0f3c9551e848fc63d6549a6ceaf8f62d93ced /doc
parent7fcae5bffa336e089b6b0dd9e30504f08f9f3976 (diff)
parent29e98d16d2efade887367c3c81fb0bbdeba943ef (diff)
downloadtor-a2caa466eed1715603ece5bd7e74536f834e075e.tar.gz
tor-a2caa466eed1715603ece5bd7e74536f834e075e.zip
Merge branch 'ticket21405'
Diffstat (limited to 'doc')
-rw-r--r--doc/tor.1.txt40
1 files changed, 24 insertions, 16 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index ae04bfff5e..38c3fe42b2 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -251,7 +251,9 @@ GENERAL OPTIONS
[[ClientTransportPlugin]] **ClientTransportPlugin** __transport__ socks4|socks5 __IP__:__PORT__::
**ClientTransportPlugin** __transport__ exec __path-to-binary__ [options]::
In its first form, when set along with a corresponding Bridge line, the Tor
- client forwards its traffic to a SOCKS-speaking proxy on "IP:PORT". It's the
+ client forwards its traffic to a SOCKS-speaking proxy on "IP:PORT".
+ (IPv4 addresses should written as-is; IPv6 addresses should be wrapped in
+ square brackets.) It's the
duty of that proxy to properly forward the traffic to the bridge. +
+
In its second form, when set along with a corresponding Bridge line, the Tor
@@ -268,7 +270,8 @@ GENERAL OPTIONS
[[ServerTransportListenAddr]] **ServerTransportListenAddr** __transport__ __IP__:__PORT__::
When this option is set, Tor will suggest __IP__:__PORT__ as the
listening address of any pluggable transport proxy that tries to
- launch __transport__.
+ launch __transport__. (IPv4 addresses should written as-is; IPv6
+ addresses should be wrapped in square brackets.)
[[ServerTransportOptions]] **ServerTransportOptions** __transport__ __k=v__ __k=v__ ...::
When this option is set, Tor will pass the __k=v__ parameters to
@@ -412,7 +415,7 @@ GENERAL OPTIONS
DataDirectory. If the option is set to 1, make the DataDirectory readable
by the default GID. (Default: 0)
-[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__ id=__fingerprint__ [weight=__num__] [ipv6=__address__:__orport__]::
+[[FallbackDir]] **FallbackDir** __ipv4address__:__port__ orport=__port__ id=__fingerprint__ [weight=__num__] [ipv6=**[**__ipv6address__**]**:__orport__]::
When we're unable to connect to any directory cache for directory info
(usually because we don't know about any yet) we try a directory authority.
Clients also simultaneously try a FallbackDir, to avoid hangs on client
@@ -428,7 +431,7 @@ GENERAL OPTIONS
FallbackDir line is present, it replaces the hard-coded FallbackDirs,
regardless of the value of UseDefaultFallbackDirs.) (Default: 1)
-[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__::
+[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**] __ipv4address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
and port, with the specified key fingerprint. This option can be repeated
many times, for multiple authoritative directory servers. Flags are
@@ -442,11 +445,12 @@ GENERAL OPTIONS
with probability proportional to that weight (default 1.0). If a
flag "v3ident=**fp**" is given, the dirserver is a v3 directory authority
whose v3 long-term signing key has the fingerprint **fp**. Lastly,
- if an "ipv6=__address__:__orport__" flag is present, then the directory
+ if an "ipv6=**[**__ipv6address__**]**:__orport__" flag is present, then
+ the directory
authority is listening for IPv6 connections on the indicated IPv6 address
and OR Port. +
+
- Tor will contact the authority at __address__ to
+ Tor will contact the authority at __ipv4address__ to
download directory documents. The provided __port__ value is a dirport;
clients ignore this in favor of the specified "orport=" value. If an
IPv6 ORPort is supplied, Tor will
@@ -464,9 +468,9 @@ GENERAL OPTIONS
chosen with their regular weights, multiplied by this number, which
should be 1.0 or less. (Default: 1.0)
-[[AlternateDirAuthority]] **AlternateDirAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__ +
+[[AlternateDirAuthority]] **AlternateDirAuthority** [__nickname__] [**flags**] __ipv4address__:__port__ __fingerprint__ +
-[[AlternateBridgeAuthority]] **AlternateBridgeAuthority** [__nickname__] [**flags**] __address__:__port__ __ fingerprint__::
+[[AlternateBridgeAuthority]] **AlternateBridgeAuthority** [__nickname__] [**flags**] __ipv4address__:__port__ __ fingerprint__::
These options behave as DirAuthority, but they replace fewer of the
default directory authorities. Using
AlternateDirAuthority replaces the default Tor directory authorities, but
@@ -656,6 +660,7 @@ GENERAL OPTIONS
is only useful when you have multiple network interfaces, and you want all
of Tor's outgoing connections to use a single one. This option may
be used twice, once with an IPv4 address and once with an IPv6 address.
+ IPv6 addresses should be wrapped in square brackets.
This setting will be ignored for connections to the loopback addresses
(127.0.0.0/8 and ::1).
@@ -664,14 +669,17 @@ GENERAL OPTIONS
originate from the IP address specified. This option overrides
**OutboundBindAddress** for the same IP version. This option may
be used twice, once with an IPv4 address and once with an IPv6
- address. This setting will be ignored for connections to the loopback
+ address. IPv6 addresses should be wrapped in square brackets.
+ This setting will be ignored for connections to the loopback
addresses (127.0.0.0/8 and ::1).
[[OutboundBindAddressExit]] **OutboundBindAddressExit** __IP__::
Make all outbound exit connections originate from the IP address
specified. This option overrides **OutboundBindAddress** for the
same IP version. This option may be used twice, once with an IPv4
- address and once with an IPv6 address. This setting will be ignored
+ address and once with an IPv6 address.
+ IPv6 addresses should be wrapped in square brackets.
+ This setting will be ignored
for connections to the loopback addresses (127.0.0.0/8 and ::1).
[[PidFile]] **PidFile** __FILE__::
@@ -994,7 +1002,7 @@ The following options are useful only for clients (that is, if
**FascistFirewall** is set. This option is deprecated; use ReachableAddresses
instead. (Default: 80, 443)
-[[ReachableAddresses]] **ReachableAddresses** __ADDR__[/__MASK__][:__PORT__]...::
+[[ReachableAddresses]] **ReachableAddresses** __IP__[/__MASK__][:__PORT__]...::
A comma-separated list of IP addresses and ports that your firewall allows
you to connect to. The format is as for the addresses in ExitPolicy, except
that "accept" is understood unless "reject" is explicitly provided. For
@@ -1003,7 +1011,7 @@ The following options are useful only for clients (that is, if
99, rejects port 80 connections to net 18, and accepts connections to port
80 otherwise. (Default: \'accept \*:*'.)
-[[ReachableDirAddresses]] **ReachableDirAddresses** __ADDR__[/__MASK__][:__PORT__]...::
+[[ReachableDirAddresses]] **ReachableDirAddresses** __IP__[/__MASK__][:__PORT__]...::
Like **ReachableAddresses**, a list of addresses and ports. Tor will obey
these restrictions when fetching directory information, using standard HTTP
GET requests. If not set explicitly then the value of
@@ -1011,7 +1019,7 @@ The following options are useful only for clients (that is, if
connections will go through that proxy. (DEPRECATED: This option has
had no effect for some time.)
-[[ReachableORAddresses]] **ReachableORAddresses** __ADDR__[/__MASK__][:__PORT__]...::
+[[ReachableORAddresses]] **ReachableORAddresses** __IP__[/__MASK__][:__PORT__]...::
Like **ReachableAddresses**, a list of addresses and ports. Tor will obey
these restrictions when connecting to Onion Routers, using TLS/SSL. If not
set explicitly then the value of **ReachableAddresses** is used. If
@@ -1334,9 +1342,9 @@ The following options are useful only for clients (that is, if
helps to determine whether an application using Tor is possibly leaking
DNS requests. (Default: 0)
-[[VirtualAddrNetworkIPv4]] **VirtualAddrNetworkIPv4** __Address__/__bits__ +
+[[VirtualAddrNetworkIPv4]] **VirtualAddrNetworkIPv4** __IPv4Address__/__bits__ +
-[[VirtualAddrNetworkIPv6]] **VirtualAddrNetworkIPv6** [__Address__]/__bits__::
+[[VirtualAddrNetworkIPv6]] **VirtualAddrNetworkIPv6** [__IPv6Address__]/__bits__::
When Tor needs to assign a virtual (unused) address because of a MAPADDRESS
command from the controller or the AutomapHostsOnResolve feature, Tor
picks an unassigned address from this range. (Defaults:
@@ -1956,7 +1964,7 @@ is non-zero):
correct this. This option only affects name lookups that your server does
on behalf of clients. (Default: 1)
-[[ServerDNSTestAddresses]] **ServerDNSTestAddresses** __address__,__address__,__...__::
+[[ServerDNSTestAddresses]] **ServerDNSTestAddresses** __hostname__,__hostname__,__...__::
When we're detecting DNS hijacking, make sure that these __valid__ addresses
aren't getting redirected. If they are, then our DNS is completely useless,
and we'll reset our exit policy to "reject \*:*". This option only affects