summaryrefslogtreecommitdiff
path: root/doc/tor.1.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/tor.1.txt')
-rw-r--r--doc/tor.1.txt335
1 files changed, 267 insertions, 68 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 773fccf536..56d163bb21 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2,6 +2,8 @@
// See LICENSE for licensing information
// This is an asciidoc file used to generate the manpage/html reference.
// Learn asciidoc on http://www.methods.co.nz/asciidoc/userguide.html
+:man source: Tor
+:man manual: Tor Manual
TOR(1)
======
@@ -122,42 +124,42 @@ option name with a forward slash.
GENERAL OPTIONS
---------------
-**BandwidthRate** __N__ **bytes**|**KB**|**MB**|**GB**::
+**BandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
A token bucket limits the average incoming bandwidth usage on this node to
the specified number of bytes per second, and the average outgoing
bandwidth usage to that same value. If you want to run a relay in the
- public network, this needs to be _at the very least_ 30 KB (that is,
- 30720 bytes). (Default: 5 MB)
+ public network, this needs to be _at the very least_ 30 KBytes (that is,
+ 30720 bytes). (Default: 1 GByte)
-**BandwidthBurst** __N__ **bytes**|**KB**|**MB**|**GB**::
+**BandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
Limit the maximum token bucket size (also known as the burst) to the given
- number of bytes in each direction. (Default: 10 MB)
+ number of bytes in each direction. (Default: 1 GByte)
-**MaxAdvertisedBandwidth** __N__ **bytes**|**KB**|**MB**|**GB**::
+**MaxAdvertisedBandwidth** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
If set, we will not advertise more than this amount of bandwidth for our
BandwidthRate. Server operators who want to reduce the number of clients
who ask to build circuits through them (since this is proportional to
advertised bandwidth rate) can thus reduce the CPU demands on their server
without impacting network performance.
-**RelayBandwidthRate** __N__ **bytes**|**KB**|**MB**|**GB**::
+**RelayBandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
If not 0, a separate token bucket limits the average incoming bandwidth
usage for \_relayed traffic_ on this node to the specified number of bytes
per second, and the average outgoing bandwidth usage to that same value.
Relayed traffic currently is calculated to include answers to directory
requests, but that may change in future versions. (Default: 0)
-**RelayBandwidthBurst** __N__ **bytes**|**KB**|**MB**|**GB**::
+**RelayBandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
If not 0, limit the maximum token bucket size (also known as the burst) for
\_relayed traffic_ to the given number of bytes in each direction.
(Default: 0)
-**PerConnBWRate** __N__ **bytes**|**KB**|**MB**|**GB**::
+**PerConnBWRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
If set, do separate rate limiting for each connection from a non-relay.
You should never need to change this value, since a network-wide value is
published in the consensus and your relay will use that value. (Default: 0)
-**PerConnBWBurst** __N__ **bytes**|**KB**|**MB**|**GB**::
+**PerConnBWBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
If set, do separate rate limiting for each connection from a non-relay.
You should never need to change this value, since a network-wide value is
published in the consensus and your relay will use that value. (Default: 0)
@@ -179,6 +181,11 @@ GENERAL OPTIONS
using __options__ as its command-line options, and expects to receive
proxied client traffic from it.
+**ServerTransportListenAddr** __transport__ __IP__:__PORT__::
+ When this option is set, Tor will suggest __IP__:__PORT__ as the
+ listening address of any pluggable transport proxy that tries to
+ launch __transport__.
+
**ConnLimit** __NUM__::
The minimum number of file descriptors that must be available to the Tor
process before it will start. Tor will ask the OS for as many file
@@ -215,7 +222,7 @@ GENERAL OPTIONS
the TCP stream and will reduce throughput in proportion to round trip
time on long paths. (Default: 0)
-**ConstrainedSockSize** __N__ **bytes**|**KB**::
+**ConstrainedSockSize** __N__ **bytes**|**KBytes**::
When **ConstrainedSockets** is enabled the receive and transmit buffers for
all sockets will be set to this limit. Must be a value between 2048 and
262144, in 1024 byte increments. Default of 8192 is recommended.
@@ -285,7 +292,12 @@ GENERAL OPTIONS
**DataDirectory** __DIR__::
Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
-**DirServer** [__nickname__] [**flags**] __address__:__port__ __fingerprint__::
+**FallbackDir** __address__:__port__ orport=__port__ id=__fingerprint__ [weight=__num__]::
+ When we're unable to connect to any directory cache for directory info
+ (usually because we don't know about any yet) we try a FallbackDir.
+ By default, the directory authorities are also FallbackDirs.
+
+**DirAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
and port, with the specified key fingerprint. This option can be repeated
many times, for multiple authoritative directory servers. Flags are
@@ -298,16 +310,24 @@ GENERAL OPTIONS
flag is set, or if the "v1" flag is set and the "no-hs" flag is **not** set.
Tor will use this authority as a bridge authoritative directory if the
"bridge" flag is set. If a flag "orport=**port**" is given, Tor will use the
- given port when opening encrypted tunnels to the dirserver. Lastly, if a
+ given port when opening encrypted tunnels to the dirserver. If a flag
+ "weight=**num**" is given, then the directory server is chosen randomly
+ with probability proportional to that weight (default 1.0). Lastly, if a
flag "v3ident=**fp**" is given, the dirserver is a v3 directory authority
whose v3 long-term signing key has the fingerprint **fp**. +
+
- If no **dirserver** line is given, Tor will use the default directory
- servers. NOTE: this option is intended for setting up a private Tor
+ If no **DirAuthority** line is given, Tor will use the default directory
+ authorities. NOTE: this option is intended for setting up a private Tor
network with its own directory authorities. If you use it, you will be
distinguishable from other users, because you won't believe the same
authorities they do.
+**DirAuthorityFallbackRate** __NUM__::
+ When configured to use both directory authorities and fallback
+ directories, the directory authorities also work as fallbacks. They are
+ chosen with their regular weights, multiplied by this number, which
+ should be 1.0 or less. (Default: 1.0)
+
**DynamicDHGroups** **0**|**1**::
If this option is set to 1, when running as a server, generate our
own Diffie-Hellman group instead of using the one from Apache's mod_ssl.
@@ -319,7 +339,7 @@ GENERAL OPTIONS
**AlternateHSAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__ +
**AlternateBridgeAuthority** [__nickname__] [**flags**] __address__:__port__ __ fingerprint__::
- These options behave as DirServer, but they replace fewer of the
+ These options behave as DirAuthority, but they replace fewer of the
default directory authorities. Using
AlternateDirAuthority replaces the default Tor directory authorities, but
leaves the default hidden service authorities and bridge authorities in
@@ -470,8 +490,10 @@ GENERAL OPTIONS
**OutboundBindAddress** __IP__::
Make all outbound connections originate from the IP address specified. This
is only useful when you have multiple network interfaces, and you want all
- of Tor's outgoing connections to use a single one. This setting will be
- ignored for connections to the loopback addresses (127.0.0.0/8 and ::1).
+ of Tor's outgoing connections to use a single one. This option may
+ be used twice, once with an IPv4 address and once with an IPv6 address.
+ This setting will be ignored for connections to the loopback addresses
+ (127.0.0.0/8 and ::1).
**PidFile** __FILE__::
On startup, write our PID to FILE. On clean shutdown, remove
@@ -657,7 +679,11 @@ The following options are useful only for clients (that is, if
Note also that if you are a relay, this (and the other node selection
options below) only affects your own circuits that Tor builds for you.
Clients can still build circuits through you to any node. Controllers
- can tell Tor to build circuits through any node.
+ can tell Tor to build circuits through any node. +
+ +
+ Country codes are case-insensitive. The code "\{??}" refers to nodes whose
+ country can't be identified. No country code, including \{??}, works if
+ no GeoIPFile can be loaded. See also the GeoIPExcludeUnknown option below.
**ExcludeExitNodes** __node__,__node__,__...__::
@@ -667,6 +693,14 @@ The following options are useful only for clients (that is, if
node listed in ExcludeNodes is automatically considered to be part of this
list too. See also the caveats on the "ExitNodes" option below.
+**GeoIPExcludeUnknown** **0**|**1**|**auto**::
+ If this option is set to 'auto', then whenever any country code is set in
+ ExcludeNodes or ExcludeExitNodes, all nodes with unknown country (\{??} and
+ possibly \{A1}) are treated as excluded as well. If this option is set to
+ '1', then all unknown countries are treated as excluded in ExcludeNodes
+ and ExcludeExitNodes. This option has no effect when a GeoIP file isn't
+ configured or can't be found. (Default: auto)
+
**ExitNodes** __node__,__node__,__...__::
A list of identity fingerprints, nicknames, country codes and address
patterns of nodes to use as exit node---that is, a
@@ -860,7 +894,7 @@ The following options are useful only for clients (that is, if
the same circuit. Currently, two addresses are "too close" if they lie in
the same /16 range. (Default: 1)
-**SOCKSPort** \['address':]__port__|**auto** [_isolation flags_]::
+**SOCKSPort** \['address':]__port__|**auto** [_flags_] [_isolation flags_]::
Open this port to listen for connections from SOCKS-speaking
applications. Set this to 0 if you don't want to allow application
connections via SOCKS. Set it to "auto" to have Tor pick a port for
@@ -893,7 +927,60 @@ The following options are useful only for clients (that is, if
on this port to share circuits with streams from every other
port with the same session group. (By default, streams received
on different SOCKSPorts, TransPorts, etc are always isolated from one
- another. This option overrides that behavior.)
+ another. This option overrides that behavior.) +
++
+ Other recognized _flags_ for a SOCKSPort are:
+ **NoIPv4Traffic**;;
+ Tell exits to not connect to IPv4 addresses in response to SOCKS
+ requests on this connection.
+ **IPv6Traffic**;;
+ Tell exits to allow IPv6 addresses in response to SOCKS requests on
+ this connection, so long as SOCKS5 is in use. (SOCKS4 can't handle
+ IPv6.)
+ **PreferIPv6**;;
+ Tells exits that, if a host has both an IPv4 and an IPv6 address,
+ we would prefer to connect to it via IPv6. (IPv4 is the default.) +
++
+ NOTE: Although this option allows you to specify an IP address
+ other than localhost, you should do so only with extreme caution.
+ The SOCKS protocol is unencrypted and (as we use it)
+ unauthenticated, so exposing it in this way could leak your
+ information to anybody watching your network, and allow anybody
+ to use your computer as an open proxy.
+ **CacheIPv4DNS**;;
+ Tells the client to remember IPv4 DNS answers we receive from exit
+ nodes via this connection. (On by default.)
+ **CacheIPv6DNS**;;
+ Tells the client to remember IPv6 DNS answers we receive from exit
+ nodes via this connection.
+ **CacheDNS**;;
+ Tells the client to remember all DNS answers we receive from exit
+ nodes via this connection.
+ **UseIPv4Cache**;;
+ Tells the client to use any cached IPv4 DNS answers we have when making
+ requests via this connection. (NOTE: This option, along UseIPv6Cache
+ and UseDNSCache, can harm your anonymity, and probably
+ won't help performance as much as you might expect. Use with care!)
+ **UseIPv6Cache**;;
+ Tells the client to use any cached IPv6 DNS answers we have when making
+ requests via this connection.
+ **UseDNSCache**;;
+ Tells the client to use any cached DNS answers we have when making
+ requests via this connection.
+ **PreferIPv6Automap**;;
+ When serving a hostname lookup request on this port that
+ should get automapped (according to AutomapHostsOnResove),
+ if we could return either an IPv4 or an IPv6 answer, prefer
+ an IPv6 answer. (On by default.)
+ **PreferSOCKSNoAuth**;;
+ Ordinarily, when an application offers both "username/password
+ authentication" and "no authentication" to Tor via SOCKS5, Tor
+ selects username/password authentication so that IsolateSOCKSAuth can
+ work. This can confuse some applications, if they offer a
+ username/password combination then get confused when asked for
+ one. You can disable this behavior, so that Tor will select "No
+ authentication" when IsolateSOCKSAuth is disabled, or when this
+ option is set.
**SOCKSListenAddress** __IP__[:__PORT__]::
Bind to this address to listen for connections from Socks-speaking
@@ -955,10 +1042,28 @@ The following options are useful only for clients (that is, if
increases the odds that an adversary who owns some servers will observe a
fraction of your paths. (Default: 1)
+**UseEntryGuardsAsDirectoryGuards** **0**|**1**::
+ If this option is set to 1, we try to use our entry guards as directory
+ guards, and failing that, pick more nodes to act as our directory guards.
+ This helps prevent an adversary from enumerating clients. It's only
+ available for clients (non-relay, non-bridge) that aren't configured to
+ download any non-default directory material. It doesn't currently
+ do anything when we lack a live consensus. (Default: 1)
+
**NumEntryGuards** __NUM__::
If UseEntryGuards is set to 1, we will try to pick a total of NUM routers
as long-term entries for our circuits. (Default: 3)
+**NumDirectoryGuards** __NUM__::
+ If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
+ have at least NUM routers to use as directory guards. (Default: 3)
+
+**GuardLifetime** __N__ **days**|**weeks**|**months**::
+ If nonzero, and UseEntryGuards is set, minimum time to keep a guard before
+ picking a new one. If zero, we use the GuardLifetime parameter from the
+ consensus directory. No value here may be less than 1 month or greater
+ than 5 years; out-of-range values are clamped. (Default: 0)
+
**SafeSocks** **0**|**1**::
When this option is enabled, Tor will reject application connections that
use unsafe variants of the socks protocol -- ones that only provide an IP
@@ -979,16 +1084,20 @@ The following options are useful only for clients (that is, if
applications to do DNS resolves themselves is usually a bad idea and
can leak your location to attackers. (Default: 1)
-**VirtualAddrNetwork** __Address__/__bits__::
+**VirtualAddrNetworkIPv4** __Address__/__bits__ +
+
+**VirtualAddrNetworkIPv6** [__Address__]/__bits__::
When Tor needs to assign a virtual (unused) address because of a MAPADDRESS
command from the controller or the AutomapHostsOnResolve feature, Tor
- picks an unassigned address from this range. (Default:
- 127.192.0.0/10) +
+ picks an unassigned address from this range. (Defaults:
+ 127.192.0.0/10 and [FE80::]/10 respectively.) +
+
When providing proxy server service to a network of computers using a tool
- like dns-proxy-tor, change this address to "10.192.0.0/10" or
- "172.16.0.0/12". The default **VirtualAddrNetwork** address range on a
- properly configured machine will route to the loopback interface. For
+ like dns-proxy-tor, change the IPv4 network to "10.192.0.0/10" or
+ "172.16.0.0/12" and change the IPv6 network to "[FC00]/7".
+ The default **VirtualAddrNetwork** address ranges on a
+ properly configured machine will route to the loopback or link-local
+ interface. For
local use, no change to the default VirtualAddrNetwork setting is needed.
**AllowNonRFC953Hostnames** **0**|**1**::
@@ -1065,7 +1174,9 @@ The following options are useful only for clients (that is, if
**DNSPort** \['address':]__port__|**auto** [_isolation flags_]::
If non-zero, open this port to listen for UDP DNS requests, and resolve
- them anonymously. Set the port to "auto" to have Tor pick a port for
+ them anonymously. This port only handles A, AAAA, and PTR requests---it
+ doesn't handle arbitrary DNS request types. Set the port to "auto" to
+ have Tor pick a port for
you. This directive can be specified multiple times to bind to multiple
addresses/ports. See SOCKSPort for an explanation of isolation
flags. (Default: 0)
@@ -1095,12 +1206,6 @@ The following options are useful only for clients (that is, if
regular router descriptors. Tor does not use this information for anything
itself; to save bandwidth, leave this option turned off. (Default: 0)
-**FallbackNetworkstatusFile** __FILENAME__::
- If Tor doesn't have a cached networkstatus file, it starts out using this
- one instead. Even if this file is out of date, Tor can still use it to
- learn about directory mirrors, so it doesn't need to put load on the
- authorities. (Default: None)
-
**WarnPlaintextPorts** __port__,__port__,__...__::
Tells Tor to issue a warnings whenever the user tries to make an anonymous
connection to one of these ports. This option is designed to alert users
@@ -1142,32 +1247,93 @@ The following options are useful only for clients (that is, if
"auto" (recommended) then it is on for all clients that do not set
FetchUselessDescriptors. (Default: auto)
+**UseNTorHandshake** **0**|**1**|**auto**::
+ The "ntor" circuit-creation handshake is faster and (we think) more
+ secure than the original ("TAP") circuit handshake, but starting to use
+ it too early might make your client stand out. If this option is 0, your
+ Tor client won't use the ntor handshake. If it's 1, your Tor client
+ will use the ntor handshake to extend circuits through servers that
+ support it. If this option is "auto" (recommended), then your client
+ will use the ntor handshake once enough directory authorities recommend
+ it. (Default: auto)
+
**PathBiasCircThreshold** __NUM__ +
**PathBiasNoticeRate** __NUM__ +
-**PathBiasDisableRate** __NUM__ +
+**PathBiasWarnRate** __NUM__ +
+
+**PathBiasExtremeRate** __NUM__ +
-**PathBiasScaleThreshold** __NUM__ +
+**PathBiasDropGuards** __NUM__ +
-**PathBiasScaleFactor** __NUM__::
+**PathBiasScaleThreshold** __NUM__::
These options override the default behavior of Tor's (**currently
experimental**) path bias detection algorithm. To try to find broken or
misbehaving guard nodes, Tor looks for nodes where more than a certain
- fraction of circuits through that node fail after the first hop. The
- PathBiasCircThreshold option controls how many circuits we need to build
- through a guard before we make these checks. The PathBiasNoticeRate and
- PathBiasDisableRate options control what fraction of circuits must
- succeed through a guard so we won't warn about it or disable it,
- respectively. When we have seen more than PathBiasScaleThreshold
- circuits through a guard, we divide our observations by
- PathBiasScaleFactor, so that new observations don't get swamped by old
- ones. +
+ fraction of circuits through that guard fail to get built.
+ +
+ The PathBiasCircThreshold option controls how many circuits we need to build
+ through a guard before we make these checks. The PathBiasNoticeRate,
+ PathBiasWarnRate and PathBiasExtremeRate options control what fraction of
+ circuits must succeed through a guard so we won't write log messages.
+ If less than PathBiasExtremeRate circuits succeed *and* PathBiasDropGuards
+ is set to 1, we disable use of that guard. +
+ +
+ When we have seen more than PathBiasScaleThreshold
+ circuits through a guard, we scale our observations by 0.5 (governed by
+ the consensus) so that new observations don't get swamped by old ones. +
+
By default, or if a negative value is provided for one of these options,
Tor uses reasonable defaults from the networkstatus consensus document.
- If no defaults are available there, these options default to 20, .70,
- 0.0, 200, and 4 respectively.
+ If no defaults are available there, these options default to 150, .70,
+ .50, .30, 0, and 300 respectively.
+
+**PathBiasUseThreshold** __NUM__ +
+
+**PathBiasNoticeUseRate** __NUM__ +
+
+**PathBiasExtremeUseRate** __NUM__ +
+
+**PathBiasScaleUseThreshold** __NUM__::
+ Similar to the above options, these options override the default behavior
+ of Tor's (**currently experimental**) path use bias detection algorithm.
+ +
+ Where as the path bias parameters govern thresholds for successfully
+ building circuits, these four path use bias parameters govern thresholds
+ only for circuit usage. Circuits which receive no stream usage
+ are not counted by this detection algorithm. A used circuit is considered
+ successful if it is capable of carrying streams or otherwise receiving
+ well-formed responses to RELAY cells.
+ +
+ By default, or if a negative value is provided for one of these options,
+ Tor uses reasonable defaults from the networkstatus consensus document.
+ If no defaults are available there, these options default to 20, .80,
+ .60, and 100, respectively.
+
+**ClientUseIPv6** **0**|**1**::
+ If this option is set to 1, Tor might connect to entry nodes over
+ IPv6. Note that clients configured with an IPv6 address in a
+ **Bridge** line will try connecting over IPv6 even if
+ **ClientUseIPv6** is set to 0. (Default: 0)
+
+**ClientPreferIPv6ORPort** **0**|**1**::
+ If this option is set to 1, Tor prefers an OR port with an IPv6
+ address over one with IPv4 if a given entry node has both. Other
+ things may influence the choice. This option breaks a tie to the
+ favor of IPv6. (Default: 0)
+
+**PathsNeededToBuildCircuits** __NUM__::
+ Tor clients don't build circuits for user traffic until they know
+ about enough of the network so that they could potentially construct
+ enough of the possible paths through the network. If this option
+ is set to a fraction between 0.25 and 0.95, Tor won't build circuits
+ until it has enough descriptors or microdescriptors to construct
+ that fraction of possible paths. Note that setting this option too low
+ can make your Tor client less anonymous, and setting it too high can
+ prevent your Tor client from bootstrapping. If this option is negative,
+ Tor will use a default value chosen by the directory
+ authorities. (Default: -1.)
SERVER OPTIONS
@@ -1259,9 +1425,13 @@ is non-zero):
at the beginning of your exit policy. See above entry on ExitPolicy.
(Default: 1)
-**MaxOnionsPending** __NUM__::
- If you have more than this number of onionskins queued for decrypt, reject
- new ones. (Default: 100)
+**IPv6Exit** **0**|**1**::
+ If set, and we are an exit node, allow clients to use us for IPv6
+ traffic. (Default: 0)
+
+**MaxOnionQueueDelay** __NUM__ [**msec**|**second**]::
+ If we have more onionskins queued for processing than we can process in
+ this amount of time, reject new ones. (Default: 1750 msec)
**MyFamily** __node__,__node__,__...__::
Declare that this Tor server is controlled or administered by a group or
@@ -1271,6 +1441,9 @@ is non-zero):
same circuit. (Each server only needs to list the other servers in its
family; it doesn't need to list itself, but it won't hurt.) Do not list
any bridge relay as it would compromise its concealment.
+ +
+ When listing a node, it's better to list it by fingerprint than by
+ nickname: fingerprints are more reliable.
**Nickname** __name__::
Set the server's nickname to \'name'. Nicknames must be between 1 and 19
@@ -1345,8 +1518,13 @@ is non-zero):
**ShutdownWaitLength** __NUM__::
When we get a SIGINT and we're a server, we begin shutting down:
we close listeners and start refusing new circuits. After **NUM**
- seconds, we exit. If we get a second SIGINT, we exit immedi-
- ately. (Default: 30 seconds)
+ seconds, we exit. If we get a second SIGINT, we exit immediately.
+ (Default: 30 seconds)
+
+**SSLKeyLifetime** __N__ **minutes**|**hours**|**days**|**weeks**::
+ When creating a link certificate for our outermost SSL handshake,
+ set its lifetime to this amount of time. If set to 0, Tor will choose
+ some reasonable random defaults. (Default: 0)
**HeartbeatPeriod** __N__ **minutes**|**hours**|**days**|**weeks**::
Log a heartbeat message every **HeartbeatPeriod** seconds. This is
@@ -1354,14 +1532,14 @@ is non-zero):
server is still alive and doing useful things. Settings this
to 0 will disable the heartbeat. (Default: 6 hours)
-**AccountingMax** __N__ **bytes**|**KB**|**MB**|**GB**|**TB**::
+**AccountingMax** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**::
Never send more than the specified number of bytes in a given accounting
period, or receive more than that number in the period. For example, with
- AccountingMax set to 1 GB, a server could send 900 MB and receive 800 MB
- and continue running. It will only hibernate once one of the two reaches 1
- GB. When the number of bytes gets low, Tor will stop accepting new
- connections and circuits. When the number of bytes
- is exhausted, Tor will hibernate until some
+ AccountingMax set to 1 GByte, a server could send 900 MBytes and
+ receive 800 MBytes and continue running. It will only hibernate once
+ one of the two reaches 1 GByte. When the number of bytes gets low,
+ Tor will stop accepting new connections and circuits. When the
+ number of bytes is exhausted, Tor will hibernate until some
time in the next accounting period. To prevent all servers from waking at
the same time, Tor will also wait until a random point in each period
before waking up. If you have bandwidth cost issues, enabling hibernation
@@ -1384,7 +1562,8 @@ is non-zero):
Prevent nodes that don't appear in the consensus from exiting using this
relay. If the option is 1, we always block exit attempts from such
nodes; if it's 0, we never do, and if the option is "auto", then we do
- whatever the authorities suggest in the consensus. (Default: auto)
+ whatever the authorities suggest in the consensus (and block if the consensus
+ is quiet on the issue). (Default: auto)
**ServerDNSResolvConfFile** __filename__::
Overrides the default DNS configuration with the configuration in
@@ -1442,7 +1621,16 @@ is non-zero):
does on behalf of clients. (Default: 1)
**GeoIPFile** __filename__::
- A filename containing GeoIP data, for use with BridgeRecordUsageByCountry.
+ A filename containing IPv4 GeoIP data, for use with by-country statistics.
+
+**GeoIPv6File** __filename__::
+ A filename containing IPv6 GeoIP data, for use with by-country statistics.
+
+**TLSECGroup** **P224**|**P256**::
+ What EC group should we try to use for incoming TLS connections?
+ P224 is faster, but makes us stand out more. Has no effect if
+ we're a client, or if our OpenSSL version lacks support for ECDHE.
+ (Default: P224 for public servers; P256 for bridges.)
**CellStatistics** **0**|**1**::
When this option is enabled, Tor writes statistics on the mean time that
@@ -1667,15 +1855,15 @@ DIRECTORY AUTHORITY SERVER OPTIONS
Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
to addresses shared with directory authorities. (Default: 5)
-**AuthDirFastGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
+**AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
Authoritative directories only. If non-zero, always vote the
Fast flag for any relay advertising this amount of capacity or
- more. (Default: 100 KB)
+ more. (Default: 100 KBytes)
-**AuthDirGuardBWGuarantee** __N__ **bytes**|**KB**|**MB**|**GB**::
+**AuthDirGuardBWGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
Authoritative directories only. If non-zero, this advertised capacity
or more is always sufficient to satisfy the bandwidth requirement
- for the Guard flag. (Default: 250 KB)
+ for the Guard flag. (Default: 250 KBytes)
**BridgePassword** __Password__::
If set, contains an HTTP authenticator that tells a bridge authority to
@@ -1733,6 +1921,12 @@ DIRECTORY AUTHORITY SERVER OPTIONS
votes on whether to accept relays as hidden service directories.
(Default: 1)
+**AuthDirHasIPv6Connectivity** **0**|**1**::
+ Authoritative directories only. When set to 0, OR ports with an
+ IPv6 address are being accepted without reachability testing.
+ When set to 1, IPv6 OR ports are being tested just like IPv4 OR
+ ports. (Default: 0)
+
HIDDEN SERVICE OPTIONS
----------------------
@@ -1818,12 +2012,12 @@ The following options are used for running a testing Tor network.
**TestingTorNetwork** is set. (Default: 30 minutes)
**TestingV3AuthInitialVoteDelay** __N__ **minutes**|**hours**::
- Like TestingV3AuthInitialVoteDelay, but for initial voting interval before
+ Like V3AuthVoteDelay, but for initial voting interval before
the first consensus has been created. Changing this requires that
**TestingTorNetwork** is set. (Default: 5 minutes)
**TestingV3AuthInitialDistDelay** __N__ **minutes**|**hours**::
- Like TestingV3AuthInitialDistDelay, but for initial voting interval before
+ Like V3AuthDistDelay, but for initial voting interval before
the first consensus has been created. Changing this requires that
**TestingTorNetwork** is set. (Default: 5 minutes)
@@ -1837,6 +2031,11 @@ The following options are used for running a testing Tor network.
time. Changing this requires that **TestingTorNetwork** is set. (Default:
10 minutes)
+**TestingMinFastFlagThreshold** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**::
+ Minimum value for the Fast flag. Overrides the ordinary minimum taken
+ from the consensus when TestingTorNetwork is set. (Default: 0.)
+
+
SIGNALS
-------
@@ -1963,7 +2162,7 @@ __HiddenServiceDirectory__**/client_keys**::
SEE ALSO
--------
-**privoxy**(1), **tsocks**(1), **torify**(1) +
+**privoxy**(1), **torsocks**(1), **torify**(1) +
**https://www.torproject.org/**