diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-03-03 10:45:39 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-03-03 10:45:39 -0500 |
| commit | 4050dfa320e3322beb263bff3afc1db10df5af96 (patch) | |
| tree | 1fa8529e760c165c9dae8e8a8f566d748b0c0b7e /doc | |
| parent | d98f743b282a8b28ed8d2d14db3bbfee40c5e6b0 (diff) | |
| download | tor-4050dfa320e3322beb263bff3afc1db10df5af96.tar.gz tor-4050dfa320e3322beb263bff3afc1db10df5af96.zip | |
Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them. This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}. It
also adjusts the manpage to say that ports are ignored.
Fixes ticket 11108.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/tor.1.txt | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 2b6de2ab61..31a56e92ef 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1025,7 +1025,7 @@ The following options are useful only for clients (that is, if [[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the SocksPort and DNSPort ports. The policies have the same form as exit - policies below. + policies below, except that port specifiers are ignored. [[SocksTimeout]] **SocksTimeout** __NUM__:: Let a socks connection wait NUM seconds handshaking, and NUM seconds @@ -1822,7 +1822,8 @@ if DirPort is non-zero): [[DirPolicy]] **DirPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the - directory ports. The policies have the same form as exit policies above. + directory ports. The policies have the same form as exit policies above, + except that port specifiers are ignored. [[FetchV2Networkstatus]] **FetchV2Networkstatus** **0**|**1**:: If set, we try to fetch the (obsolete, unused) version 2 network status @@ -1866,7 +1867,11 @@ DIRECTORY AUTHORITY SERVER OPTIONS [[AuthDirBadDir]] **AuthDirBadDir** __AddressPattern...__:: Authoritative directories only. A set of address patterns for servers that will be listed as bad directories in any network status document this - authority publishes, if **AuthDirListBadDirs** is set. + authority publishes, if **AuthDirListBadDirs** is set. + + + + (The address pattern syntax here and in the options below + is the same as for exit policies, except that you don't need to say + "accept" or "reject", and ports are not needed.) [[AuthDirBadExit]] **AuthDirBadExit** __AddressPattern...__:: Authoritative directories only. A set of address patterns for servers that |