Diffstat (limited to 'doc/tor.1.txt')
-rw-r--r-- | doc/tor.1.txt | 175 |
1 files changed, 100 insertions, 75 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index f168a2fb48..2f97ecdb3e 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -42,7 +42,7 @@ COMMAND-LINE OPTIONS [[opt-f]] **-f** __FILE__:: Specify a new configuration file to contain further Tor configuration - options. (Default: $HOME/.torrc, or @CONFDIR@/torrc if that file is not + options. (Default: @CONFDIR@/torrc, or $HOME/.torrc if that file is not found) [[opt-allow-missing-torrc]] **--allow-missing-torrc**:: @@ -143,7 +143,17 @@ GENERAL OPTIONS the specified number of bytes per second, and the average outgoing bandwidth usage to that same value. If you want to run a relay in the public network, this needs to be _at the very least_ 30 KBytes (that is, - 30720 bytes). (Default: 1 GByte) + 30720 bytes). (Default: 1 GByte) + + + + With this option, and in other options that take arguments in bytes, + KBytes, and so on, other formats are also supported. Notably, "KBytes" can + also be written as "kilobytes" or "kb"; "MBytes" can be written as + "megabytes" or "MB"; "kbits" can be written as "kilobits"; and so forth. + Tor also accepts "byte" and "bit" in the singular. + The prefixes "tera" and "T" are also recognized. + If no units are given, we default to bytes. + To avoid confusion, we recommend writing "bytes" or "bits" explicitly, + since it's easy to forget that "B" means bytes, not bits. [[BandwidthBurst]] **BandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: Limit the maximum token bucket size (also known as the burst) to the given 
@@ -331,12 +341,8 @@ GENERAL OPTIONS and port, with the specified key fingerprint. This option can be repeated many times, for multiple authoritative directory servers. Flags are separated by spaces, and determine what kind of an authority this directory - is. By default, every authority is authoritative for current ("v2")-style - directories, unless the "no-v2" flag is given. If the "v1" flags is - provided, Tor will use this server as an authority for old-style (v1) - directories as well. (Only directory mirrors care about this.) Tor will - use this server as an authority for hidden service information if the "hs" - flag is set, or if the "v1" flag is set and the "no-hs" flag is **not** set. + is. By default, an authority is not authoritative for any directory style + or version unless an appropriate flag is given. Tor will use this authority as a bridge authoritative directory if the "bridge" flag is set. If a flag "orport=**port**" is given, Tor will use the given port when opening encrypted tunnels to the dirserver. If a flag 
@@ -365,17 +371,14 @@ GENERAL OPTIONS [[AlternateDirAuthority]] **AlternateDirAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__ + -[[AlternateHSAuthority]] **AlternateHSAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__ + - [[AlternateBridgeAuthority]] **AlternateBridgeAuthority** [__nickname__] [**flags**] __address__:__port__ __ fingerprint__:: These options behave as DirAuthority, but they replace fewer of the default directory authorities. Using AlternateDirAuthority replaces the default Tor directory authorities, but - leaves the default hidden service authorities and bridge authorities in - place. Similarly, AlternateHSAuthority replaces the default hidden - service authorities, but not the directory or bridge authorities; and + leaves the default bridge authorities in + place. Similarly, AlternateBridgeAuthority replaces the default bridge authority, - but leaves the directory and hidden service authorities alone. + but leaves the directory authorities alone. [[DisableAllSwap]] **DisableAllSwap** **0**|**1**:: If set to 1, Tor will attempt to lock all current and future memory pages, 
@@ -488,15 +491,15 @@ GENERAL OPTIONS attacker who obtains the logs. If only one severity level is given, all messages of that level or higher will be sent to the listed destination. -**Log** __minSeverity__[-__maxSeverity__] **file** __FILENAME__:: +[[Log2]] **Log** __minSeverity__[-__maxSeverity__] **file** __FILENAME__:: As above, but send log messages to the listed filename. The "Log" option may appear more than once in a configuration file. Messages are sent to all the logs that match their severity level. -**Log** **[**__domain__,...**]**__minSeverity__[-__maxSeverity__] ... **file** __FILENAME__ + +[[Log3]] **Log** **[**__domain__,...**]**__minSeverity__[-__maxSeverity__] ... **file** __FILENAME__ + -**Log** **[**__domain__,...**]**__minSeverity__[-__maxSeverity__] ... **stderr**|**stdout**|**syslog**:: +[[Log4]] **Log** **[**__domain__,...**]**__minSeverity__[-__maxSeverity__] ... **stderr**|**stdout**|**syslog**:: As above, but select messages by range of log severity __and__ by a set of "logging domains". Each logging domain corresponds to an area of functionality inside Tor. You can specify any number of severity ranges @@ -539,6 +542,12 @@ GENERAL OPTIONS following the Tor specification. Otherwise, they are logged with severity \'info'. (Default: 0) +[[PredictedPortsRelevanceTime]] **PredictedPortsRelevanceTime** __NUM__:: + Set how long, after the client has mad an anonymized connection to a + given port, we will try to make sure that we build circuits to + exits that support that port. The maximum value for this option is 1 + hour. (Default: 1 hour) + [[RunAsDaemon]] **RunAsDaemon** **0**|**1**:: If 1, Tor forks and daemonizes to the background. This option has no effect on Windows; instead you should use the --service command-line option. 
@@ -608,7 +617,7 @@ GENERAL OPTIONS This feature is experimental; don't use it yet unless you're eager to help tracking down bugs. (Default: 0) -[[_UseFilteringSSLBufferevents]] **_UseFilteringSSLBufferevents** **0**|**1**:: +[[UseFilteringSSLBufferevents]] **UseFilteringSSLBufferevents** **0**|**1**:: Tells Tor to do its SSL communication using a chain of bufferevents: one for SSL and one for networking. This option has no effect if bufferevents are disabled (in which case it can't turn on), or @@ -626,7 +635,7 @@ CLIENT OPTIONS -------------- The following options are useful only for clients (that is, if -[[SocksPort]] **SocksPort**, **TransPort**, **DNSPort**, or **NATDPort** is non-zero): +**SocksPort**, **TransPort**, **DNSPort**, or **NATDPort** is non-zero): [[AllowInvalidNodes]] **AllowInvalidNodes** **entry**|**exit**|**middle**|**introduction**|**rendezvous**|**...**:: If some Tor servers are obviously not working right, the directory 
@@ -682,12 +691,13 @@ The following options are useful only for clients (that is, if number like 60. (Default: 0) [[ClientOnly]] **ClientOnly** **0**|**1**:: - If set to 1, Tor will under no circumstances run as a relay or serve - directory requests. This config option is mostly meaningless: we - added it back when we were considering having Tor clients auto-promote - themselves to being relays if they were stable and fast enough. The - current behavior is simply that Tor is a client unless ORPort or - DirPort are configured. (Default: 0) + If set to 1, Tor will not run as a relay or serve + directory requests, even if the ORPort, ExtORPort, or DirPort options are + set. (This config option is + mostly unnecessary: we added it back when we were considering having + Tor clients auto-promote themselves to being relays if they were stable + and fast enough. The current behavior is simply that Tor is a client + unless ORPort, ExtORPort, or DirPort are configured.) (Default: 0) [[ExcludeNodes]] **ExcludeNodes** __node__,__node__,__...__:: A list of identity fingerprints, nicknames, country codes and address @@ -953,9 +963,10 @@ The following options are useful only for clients (that is, if on this port to share circuits with streams from every other port with the same session group. (By default, streams received on different SOCKSPorts, TransPorts, etc are always isolated from one - another. This option overrides that behavior.) + -+ - Other recognized _flags_ for a SOCKSPort are: + another. This option overrides that behavior.) + +[[OtherSOCKSPortFlags]]:: + Other recognized __flags__ for a SOCKSPort are: **NoIPv4Traffic**;; Tell exits to not connect to IPv4 addresses in response to SOCKS requests on this connection. 
@@ -966,13 +977,14 @@ The following options are useful only for clients (that is, if **PreferIPv6**;; Tells exits that, if a host has both an IPv4 and an IPv6 address, we would prefer to connect to it via IPv6. (IPv4 is the default.) + -+ - NOTE: Although this option allows you to specify an IP address - other than localhost, you should do so only with extreme caution. - The SOCKS protocol is unencrypted and (as we use it) - unauthenticated, so exposing it in this way could leak your - information to anybody watching your network, and allow anybody - to use your computer as an open proxy. + + + NOTE: Although this option allows you to specify an IP address + other than localhost, you should do so only with extreme caution. + The SOCKS protocol is unencrypted and (as we use it) + unauthenticated, so exposing it in this way could leak your + information to anybody watching your network, and allow anybody + to use your computer as an open proxy. + + + **CacheIPv4DNS**;; Tells the client to remember IPv4 DNS answers we receive from exit nodes via this connection. (On by default.) @@ -1021,7 +1033,8 @@ The following options are useful only for clients (that is, if [[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the SocksPort and DNSPort ports. The policies have the same form as exit - policies below. + policies below, except that port specifiers are ignored. Any address + not matched by some entry in the policy is accepted. [[SocksTimeout]] **SocksTimeout** __NUM__:: Let a socks connection wait NUM seconds handshaking, and NUM seconds 
@@ -1068,7 +1081,7 @@ The following options are useful only for clients (that is, if increases the odds that an adversary who owns some servers will observe a fraction of your paths. (Default: 1) -[[UseEntryGuardsAsDirectoryGuards]] **UseEntryGuardsAsDirectoryGuards** **0**|**1**:: +[[UseEntryGuardsAsDirGuards]] **UseEntryGuardsAsDirGuards** **0**|**1**:: If this option is set to 1, and UseEntryGuards is also set to 1, we try to use our entry guards as directory guards, and failing that, pick more nodes to act as our directory guards. 
@@ -1174,20 +1187,29 @@ The following options are useful only for clients (that is, if compatibility, TransListenAddress is only allowed when TransPort is just a port number.) -[[TransProxyType]] **TransProxyTYpe** **default**|**TPROXY**:: +[[TransProxyType]] **TransProxyType** **default**|**TPROXY**|**ipfw**|**pf-divert**:: TransProxyType may only be enabled when there is transparent proxy listener enabled. + - Set this to TPROXY if you wish to be able to use the TPROXY Linux module to - transparently proxy connections that are configured using the TransPort + Set this to "TPROXY" if you wish to be able to use the TPROXY Linux module + to transparently proxy connections that are configured using the TransPort option. This setting lets the listener on the TransPort accept connections for all addresses, even when the TransListenAddress is configured for an internal address. Detailed information on how to configure the TPROXY feature can be found in the Linux kernel source tree in the file Documentation/networking/tproxy.txt. + + Set this option to "ipfw" to use the FreeBSD ipfw interface. + + + On *BSD operating systems when using pf, set this to "pf-divert" to take + advantage of +divert-to+ rules, which do not modify the packets like + +rdr-to+ rules do. Detailed information on how to configure pf to use + +divert-to+ rules can be found in the pf.conf(5) manual page. On OpenBSD, + +divert-to+ is available to use on versions greater than or equal to + OpenBSD 4.4. + + Set this to "default", or leave it unconfigured, to use regular IPTables - on Linux, or to use pf on the *BSD operating systems. + on Linux, or to use pf +rdr-to+ rules on *BSD systems. + (Default: "default".) 
@@ -1562,7 +1584,7 @@ is non-zero): If set to a path, only the specified path will be executed. (Default: tor-fw-helper) -[[PublishServerDescriptor]] **PublishServerDescriptor** **0**|**1**|**v1**|**v2**|**v3**|**bridge**,**...**:: +[[PublishServerDescriptor]] **PublishServerDescriptor** **0**|**1**|**v3**|**bridge**,**...**:: This option specifies which descriptors Tor will publish when acting as a relay. You can choose multiple arguments, separated by commas. @@ -1723,14 +1745,15 @@ is non-zero): localhost, RFC1918 addresses, and so on. This can create security issues; you should probably leave it off. (Default: 0) -[[MaxMemInCellQueues]] **MaxMemInCellQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: +[[MaxMemInQueues]] **MaxMemInQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: This option configures a threshold above which Tor will assume that it - needs to stop queueing cells because it's about to run out of memory. - If it hits this threshold, it will begin killing circuits until it - has recovered at least 10% of this memory. Do not set this option too + needs to stop queueing or buffering data because it's about to run out of + memory. If it hits this threshold, it will begin killing circuits until + it has recovered at least 10% of this memory. Do not set this option too low, or your relay may be unreliable under load. This option only - affects circuit queues, so the actual process size will be larger than - this. (Default: 8GB) + affects some queues, so the actual process size will be larger than + this. If this option is set to 0, Tor will try to pick a reasonable + default based on your system's physical memory. (Default: 0) DIRECTORY SERVER OPTIONS ------------------------ 
@@ -1750,18 +1773,7 @@ if DirPort is non-zero): When this option is set, it takes an HTML file and publishes it as "/" on the DirPort. Now relay operators can provide a disclaimer without needing to set up a separate webserver. There's a sample disclaimer in - contrib/tor-exit-notice.html. - -[[V1AuthoritativeDirectory]] **V1AuthoritativeDirectory** **0**|**1**:: - When this option is set in addition to **AuthoritativeDirectory**, Tor - generates version 1 directory and running-routers documents (for legacy - Tor clients up to 0.1.0.x). - -[[V2AuthoritativeDirectory]] **V2AuthoritativeDirectory** **0**|**1**:: - When this option is set in addition to **AuthoritativeDirectory**, Tor - generates version 2 network statuses and serves descriptors, etc as - described in doc/spec/dir-spec-v2.txt (for Tor clients and servers running - 0.1.1.x and 0.1.2.x). + contrib/operator-tools/tor-exit-notice.html. [[V3AuthoritativeDirectory]] **V3AuthoritativeDirectory** **0**|**1**:: When this option is set in addition to **AuthoritativeDirectory**, Tor @@ -1785,11 +1797,6 @@ if DirPort is non-zero): accept or publish descriptors that contradict a registered binding. See **approved-routers** in the **FILES** section below. -[[HSAuthoritativeDir]] **HSAuthoritativeDir** **0**|**1**:: - When this option is set in addition to **AuthoritativeDirectory**, Tor also - accepts and serves v0 hidden service descriptors, - which are produced and used by Tor 0.2.1.x and older. (Default: 0) - [[HidServDirectoryV2]] **HidServDirectoryV2** **0**|**1**:: When this option is set, Tor accepts and serves v2 hidden service descriptors. Setting DirPort is not required for this, because clients 
@@ -1823,12 +1830,9 @@ if DirPort is non-zero): [[DirPolicy]] **DirPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the - directory ports. The policies have the same form as exit policies above. - -[[FetchV2Networkstatus]] **FetchV2Networkstatus** **0**|**1**:: - If set, we try to fetch the (obsolete, unused) version 2 network status - consensus documents from the directory authorities. No currently - supported Tor version uses them. (Default: 0) + directory ports. The policies have the same form as exit policies above, + except that port specifiers are ignored. Any address not matched by + some entry in the policy is accepted. DIRECTORY AUTHORITY SERVER OPTIONS @@ -1867,7 +1871,11 @@ DIRECTORY AUTHORITY SERVER OPTIONS [[AuthDirBadDir]] **AuthDirBadDir** __AddressPattern...__:: Authoritative directories only. A set of address patterns for servers that will be listed as bad directories in any network status document this - authority publishes, if **AuthDirListBadDirs** is set. + authority publishes, if **AuthDirListBadDirs** is set. + + + + (The address pattern syntax here and in the options below + is the same as for exit policies, except that you don't need to say + "accept" or "reject", and ports are not needed.) [[AuthDirBadExit]] **AuthDirBadExit** __AddressPattern...__:: Authoritative directories only. A set of address patterns for servers that @@ -1997,6 +2005,12 @@ DIRECTORY AUTHORITY SERVER OPTIONS When set to 1, IPv6 OR ports are being tested just like IPv4 OR ports. (Default: 0) +[[MinMeasuredBWsForAuthToIgnoreAdvertised]] **MinMeasuredBWsForAuthToIgnoreAdvertised** __N__:: + A total value, in abstract bandwidth units, describing how much + measured total bandwidth an authority should have observed on the network + before it will treat advertised bandwidths as wholly + unreliable. (Default: 500) + HIDDEN SERVICE OPTIONS ---------------------- 
@@ -2033,7 +2047,7 @@ The following options are used to configure a hidden service. authorization protocol or \'stealth' for a less scalable protocol that also hides service activity from unauthorized clients. Only clients that are listed here are authorized to access the hidden service. Valid client names - are 1 to 19 characters long and only use characters in A-Za-z0-9+-_ (no + are 1 to 16 characters long and only use characters in A-Za-z0-9+-_ (no spaces). If this option is set, the hidden service is not accessible for clients without authorization any more. Generated authorization data can be found in the hostname file. Clients need to put this authorization data in @@ -2175,7 +2189,7 @@ The following options are used for running a testing Tor network. Try this often to download a v3 authority certificate before giving up. Changing this requires that **TestingTorNetwork** is set. (Default: 8) -**TestingDirAuthVoteGuard** __node__,__node__,__...__:: +[[TestingDirAuthVoteGuard]] **TestingDirAuthVoteGuard** __node__,__node__,__...__:: A list of identity fingerprints, nicknames, country codes and address patterns of nodes to vote Guard for regardless of their uptime and bandwidth. See the **ExcludeNodes** option for more @@ -2199,6 +2213,10 @@ The following options are used for running a testing Tor network. events. Changing this requires that **TestingTorNetwork** is set. (Default: 0) +[[TestingMinExitFlagThreshold]] **TestingMinExitFlagThreshold** __N__ **KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: + Sets a lower-bound for assigning an exit flag when running as an + authority on a testing network. Overrides the usual default lower bound + of 4 KB. (Default: 0) SIGNALS ------- 
@@ -2240,6 +2258,9 @@ FILES **@CONFDIR@/torrc**:: The configuration file, which contains "option value" pairs. +**$HOME/.torrc**:: + Fallback location for torrc, if @CONFDIR@/torrc is not found. + **@LOCALSTATEDIR@/lib/tor/**:: The tor process stores keys and other data here. @@ -2306,6 +2327,10 @@ __DataDirectory__**/keys/***:: __DataDirectory__**/fingerprint**:: Only used by servers. Holds the fingerprint of the server's identity key. +__DataDirectory__**/hashed-fingerprint**:: + Only used by bridges. Holds the hashed fingerprint of the bridge's + identity key. (That is, the hash of the hash of the identity key.) + __DataDirectory__**/approved-routers**:: Only for naming authoritative directory servers (see **NamingAuthoritativeDirectory**). This file lists nickname to identity @@ -2377,7 +2402,7 @@ __HiddenServiceDirectory__**/client_keys**:: SEE ALSO -------- -**privoxy**(1), **torsocks**(1), **torify**(1) + +**torsocks**(1), **torify**(1) + **https://www.torproject.org/** |
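Review bot: In the @@ -143 BandwidthRate hunk, the new paragraph on unit spellings ("KBytes" as "kilobytes" or "kb", "T"/"tera", singular "byte"/"bit", bytes as the default) is attached to one option even though it says it applies to every option that takes a byte or bit count. Consider stating it once at the top of GENERAL OPTIONS (or in a short units note that the other size-taking options point to) so readers of BandwidthBurst, MaxMemInQueues and the Testing* options see the same rule. The advice to write "bytes" or "bits" explicitly because "B" is easily misread is worth keeping wherever it ends up.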
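Review bot: In the @@ -331 DirAuthority hunk, the replacement sentence "By default, an authority is not authoritative for any directory style or version unless an appropriate flag is given" removes the v1/v2/no-v2/hs/no-hs descriptions but does not say which flag now makes a server authoritative for the current directory style; the only flag the visible text still names is "bridge", and the sentence beginning "If a flag" is cut off in the context. Name the flag(s) a v3 directory authority needs right after that sentence, otherwise an operator configuring DirAuthority cannot tell from the manual what to write.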
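Review bot: In the @@ -539 hunk adding PredictedPortsRelevanceTime, "after the client has mad an anonymized connection" should read "has made". Also, since the maximum and the default are both 1 hour, it would help to say explicitly that the option can only lower this window, not raise it.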
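Review bot: In the @@ -608 hunk, the anchor and option name lose their leading underscore ("_UseFilteringSSLBufferevents" becomes "UseFilteringSSLBufferevents") with no other change. Please confirm the configuration parser actually accepts the new spelling, and say in the entry (or the changelog) whether the underscore-prefixed spelling is still recognized or now rejected, since an existing torrc using the old name would otherwise fail silently or at startup.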
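Review bot: In the @@ -682 ClientOnly hunk, the first sentence now says the option stops relaying "even if the ORPort, ExtORPort, or DirPort options are set", but the parenthetical that follows still calls the option "mostly unnecessary" because "Tor is a client unless ORPort, ExtORPort, or DirPort are configured". Those two statements contradict each other: if ClientOnly overrides a configured ORPort, it is a real safety switch, not a leftover. Suggest dropping the parenthetical, or shortening it to the historical note ("added when we were considering auto-promoting clients to relays") without the "mostly unnecessary" claim.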
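Review bot: In the @@ -953 hunk, the new line "[[OtherSOCKSPortFlags]]::" is a labeled-list entry whose only term is an anchor, so it renders as an empty label in front of "Other recognized __flags__ for a SOCKSPort are:". Put the anchor on the same line as the visible text (for example "[[OtherSOCKSPortFlags]] Other recognized __flags__ for a SOCKSPort are:") or drop the "::" so the paragraph stays a plain continuation.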
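Review bot: In the @@ -966 hunk, re-indenting the NOTE paragraph ("Although this option allows you to specify an IP address other than localhost ... allow anybody to use your computer as an open proxy") places it under the **PreferIPv6** ";;" flag, so it now reads as a caveat about PreferIPv6 rather than about binding SocksPort to a non-localhost address. That warning is the most security-relevant text in the SocksPort entry and should sit at the SocksPort level, after the flag list ends, where the earlier "+ -+" layout had it.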
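Review bot: In the @@ -1021 SocksPolicy hunk, "Any address not matched by some entry in the policy is accepted" documents a default-accept policy, which is the right thing to state but deserves a one-line recommendation: an operator who writes only "accept" entries has not restricted anything, so the entry should advise ending the policy with an explicit reject-all entry (the manual's own "reject *" form) when the intent is to allow only listed addresses. The same wording is added for DirPolicy in the @@ -1823 hunk, so the two could share one explanation.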
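Review bot: In the @@ -1174 TransProxyType hunk, the new "ipfw" paragraph is a single sentence with no pointer to how the ipfw rules must be written, whereas the TPROXY text cites Documentation/networking/tproxy.txt and the new "pf-divert" text cites pf.conf(5) and the +divert-to+ rule type. Add the corresponding ipfw rule type and manual page reference so the three transparent-proxy modes are documented to the same depth.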
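Review bot: In the @@ -1723 hunk, MaxMemInCellQueues is renamed to MaxMemInQueues and the default changes from "8GB" to "0" (auto-sized from physical memory), but the entry does not mention the old name or what happens to a torrc that still uses it, and "Tor will try to pick a reasonable default" gives the operator no way to know what value was chosen. Suggest naming the old option as the previous spelling and stating where the chosen limit is reported (for example at startup in the log), since under-provisioning this value is exactly the "unreliable under load" case the text warns about.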
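Review bot: In the @@ -1997 hunk adding MinMeasuredBWsForAuthToIgnoreAdvertised, "abstract bandwidth units" does not tell an authority operator what to compare 500 against, and the sentence only describes the state above the threshold ("treat advertised bandwidths as wholly unreliable"). State the unit the measured values are counted in and what the authority does below the threshold (presumably it keeps using self-advertised bandwidths), since that is the behaviour the option exists to control.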
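Review bot: In the @@ -2033 HiddenServiceAuthorizeClient hunk, the client name limit changes from 19 to 16 characters with no accompanying code change in this diff. Confirm that 16 is what the parser enforces, and if the limit really moved, say whether existing 17-19 character client names are now rejected at startup, because that silently breaks authorization data clients already have.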
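Review bot: In the @@ -2199 hunk adding TestingMinExitFlagThreshold, "Overrides the usual default lower bound of 4 KB. (Default: 0)" is ambiguous: it is unclear whether 0 means "use the usual 4 KB bound" or "no lower bound at all". Spell out which it is. Also, "4 KB" is exactly the abbreviation the @@ -143 hunk warns against (it says "B" is easily mistaken for bits); write "4 KBytes" here to follow that advice.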