summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/tor.1.txt68
1 files changed, 30 insertions, 38 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 2ada5688cd..c5ef054f61 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -98,8 +98,8 @@ COMMAND-LINE OPTIONS
Other options can be specified on the command-line in the format "--option
value", in the format "option value", or in a configuration file. For
instance, you can tell Tor to start listening for SOCKS connections on port
-9999 by passing --SOCKSPort 9999 or SOCKSPort 9999 to it on the command line,
-or by putting "SOCKSPort 9999" in the configuration file. You will need to
+9999 by passing --SocksPort 9999 or SocksPort 9999 to it on the command line,
+or by putting "SocksPort 9999" in the configuration file. You will need to
quote options with spaces in them: if you want Tor to log all debugging
messages to debug.log, you will probably need to say --Log 'debug file
debug.log'.
@@ -125,17 +125,17 @@ the defaults file.
This rule is simple for options that take a single value, but it can become
complicated for options that are allowed to occur more than once: if you
-specify four SOCKSPorts in your configuration file, and one more SOCKSPort on
+specify four SocksPorts in your configuration file, and one more SocksPort on
the command line, the option on the command line will replace __all__ of the
-SOCKSPorts in the configuration file. If this isn't what you want, prefix
+SocksPorts in the configuration file. If this isn't what you want, prefix
the option name with a plus sign (+), and it will be appended to the previous
-set of options instead. For example, setting SOCKSPort 9100 will use only
-port 9100, but setting +SOCKSPort 9100 will use ports 9100 and 9050 (because
+set of options instead. For example, setting SocksPort 9100 will use only
+port 9100, but setting +SocksPort 9100 will use ports 9100 and 9050 (because
this is the default).
Alternatively, you might want to remove every instance of an option in the
configuration file, and not replace it at all: you might want to say on the
-command line that you want no SOCKSPorts at all. To do that, prefix the
+command line that you want no SocksPorts at all. To do that, prefix the
option name with a forward slash (/). You can use the plus sign (+) and the
forward slash (/) in the configuration file and on the command line.
@@ -221,7 +221,7 @@ GENERAL OPTIONS
any pluggable transport proxy that tries to launch __transport__. +
(Example: ServerTransportOptions obfs45 shared-secret=bridgepasswd cache=/var/lib/tor/cache)
-[[ExtORPort]] **ExtORPort** \['address':]__port__|**auto**
+[[ExtORPort]] **ExtORPort** \['address':]__port__|**auto**::
Open this port to listen for Extended ORPort connections from your
pluggable transports.
@@ -289,9 +289,9 @@ GENERAL OPTIONS
any process on the local host to control it. (Setting both authentication
methods means eithermethod is sufficient to authenticate to Tor.) This
option is required for many Tor controllers; most use the value of 9051.
- Set it to "auto" to have Tor pick a port for you. (Default: 0)
+ Set it to "auto" to have Tor pick a port for you. (Default: 0) +
+
- Recognized flags are::
+ Recognized flags are...
**GroupWritable**;;
Unix domain sockets only: makes the socket get created as
group-writable.
@@ -968,7 +968,7 @@ The following options are useful only for clients (that is, if
the same circuit. Currently, two addresses are "too close" if they lie in
the same /16 range. (Default: 1)
-[[SOCKSPort]] **SOCKSPort** \['address':]__port__|**unix:**__path__|**auto** [_flags_] [_isolation flags_]::
+[[SocksPort]] **SocksPort** \['address':]__port__|**unix:**__path__|**auto** [_flags_] [_isolation flags_]::
Open this port to listen for connections from SOCKS-speaking
applications. Set this to 0 if you don't want to allow application
connections via SOCKS. Set it to "auto" to have Tor pick a port for
@@ -983,7 +983,7 @@ The following options are useful only for clients (that is, if
to use your computer as an open proxy. +
+
The _isolation flags_ arguments give Tor rules for which streams
- received on this SOCKSPort are allowed to share circuits with one
+ received on this SocksPort are allowed to share circuits with one
another. Recognized isolation flags are:
**IsolateClientAddr**;;
Don't share circuits with streams from a different
@@ -1010,11 +1010,11 @@ The following options are useful only for clients (that is, if
If no other isolation rules would prevent it, allow streams
on this port to share circuits with streams from every other
port with the same session group. (By default, streams received
- on different SOCKSPorts, TransPorts, etc are always isolated from one
+ on different SocksPorts, TransPorts, etc are always isolated from one
another. This option overrides that behavior.)
-[[OtherSOCKSPortFlags]]::
- Other recognized __flags__ for a SOCKSPort are:
+[[OtherSocksPortFlags]]::
+ Other recognized __flags__ for a SocksPort are:
**NoIPv4Traffic**;;
Tell exits to not connect to IPv4 addresses in response to SOCKS
requests on this connection.
@@ -1066,14 +1066,14 @@ The following options are useful only for clients (that is, if
authentication" when IsolateSOCKSAuth is disabled, or when this
option is set.
-[[SOCKSListenAddress]] **SOCKSListenAddress** __IP__[:__PORT__]::
+[[SocksListenAddress]] **SocksListenAddress** __IP__[:__PORT__]::
Bind to this address to listen for connections from Socks-speaking
applications. (Default: 127.0.0.1) You can also specify a port (e.g.
192.168.0.1:9100). This directive can be specified multiple times to bind
to multiple addresses/ports. (DEPRECATED: As of 0.2.3.x-alpha, you can
- now use multiple SOCKSPort entries, and provide addresses for SOCKSPort
- entries, so SOCKSListenAddress no longer has a purpose. For backward
- compatibility, SOCKSListenAddress is only allowed when SOCKSPort is just
+ now use multiple SocksPort entries, and provide addresses for SocksPort
+ entries, so SocksListenAddress no longer has a purpose. For backward
+ compatibility, SocksListenAddress is only allowed when SocksPort is just
a port number.)
[[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__::
@@ -1280,7 +1280,7 @@ The following options are useful only for clients (that is, if
Use 0 if you don't want to allow NATD connections. Set the port
to "auto" to have Tor pick a port for you. This directive can be
specified multiple times to bind to multiple addresses/ports. See
- SOCKSPort for an explanation of isolation flags. +
+ SocksPort for an explanation of isolation flags. +
+
This option is only for people who cannot use TransPort. (Default: 0)
@@ -1308,7 +1308,7 @@ The following options are useful only for clients (that is, if
doesn't handle arbitrary DNS request types. Set the port to "auto" to
have Tor pick a port for
you. This directive can be specified multiple times to bind to multiple
- addresses/ports. See SOCKSPort for an explanation of isolation
+ addresses/ports. See SocksPort for an explanation of isolation
flags. (Default: 0)
[[DNSListenAddress]] **DNSListenAddress** __IP__[:__PORT__]::
@@ -1801,7 +1801,7 @@ is non-zero):
[[ServerDNSTestAddresses]] **ServerDNSTestAddresses** __address__,__address__,__...__::
When we're detecting DNS hijacking, make sure that these __valid__ addresses
aren't getting redirected. If they are, then our DNS is completely useless,
- and we'll reset our exit policy to "reject *:*". This option only affects
+ and we'll reset our exit policy to "reject \*:*". This option only affects
name lookups that your server does on behalf of clients. (Default:
"www.google.com, www.mit.edu, www.yahoo.com, www.slashdot.org")
@@ -1938,11 +1938,6 @@ if DirPort is non-zero):
to set up a separate webserver. There's a sample disclaimer in
contrib/operator-tools/tor-exit-notice.html.
-[[HidServDirectoryV2]] **HidServDirectoryV2** **0**|**1**::
- When this option is set, Tor accepts and serves v2 hidden service
- descriptors. Setting DirPort is not required for this, because clients
- connect via the ORPort by default. (Default: 1)
-
[[DirPort]] **DirPort** \['address':]__PORT__|**auto** [_flags_]::
If this option is nonzero, advertise the directory service on this port.
Set it to "auto" to have Tor pick a port for you. This option can occur
@@ -2003,7 +1998,7 @@ on the public Tor network.
multiple times: the values from multiple lines are spliced together. When
this is set then **VersioningAuthoritativeDirectory** should be set too.
-[[RecommendedPackageVersions]] **RecommendedPackageVersions** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ ::
+[[RecommendedPackages]] **RecommendedPackages** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ ::
Adds "package" line to the directory authority's vote. This information
is used to vote on the correct URL and digest for the released versions
of different Tor-related packages, so that the consensus can certify
@@ -2154,11 +2149,6 @@ on the public Tor network.
that fine-grained information about nodes can be discarded when it hasn't
changed for a given amount of time. (Default: 24 hours)
-[[VoteOnHidServDirectoriesV2]] **VoteOnHidServDirectoriesV2** **0**|**1**::
- When this option is set in addition to **AuthoritativeDirectory**, Tor
- votes on whether to accept relays as hidden service directories.
- (Default: 1)
-
[[AuthDirHasIPv6Connectivity]] **AuthDirHasIPv6Connectivity** **0**|**1**::
Authoritative directories only. When set to 0, OR ports with an
IPv6 address are being accepted without reachability testing.
@@ -2422,7 +2412,7 @@ The following options are used for running a testing Tor network.
information on how to specify nodes.
+
In order for this option to have any effect, **TestingTorNetwork**
- and **VoteOnHidServDirectoriesV2** both have to be set.
+ must be set.
[[TestingDirAuthVoteHSDirIsStrict]] **TestingDirAuthVoteHSDirIsStrict** **0**|**1** ::
If True (1), a node will never receive the HSDir flag unless it is specified
@@ -2451,7 +2441,7 @@ The following options are used for running a testing Tor network.
authority on a testing network. Overrides the usual default lower bound
of 4 KB. (Default: 0)
-[[TestingLinkCertLifetime]] **TestingLinkCertifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**::
+[[TestingLinkCertLifetime]] **TestingLinkCertLifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**::
Overrides the default lifetime for the certificates used to authenticate
our X509 link cert with our ed25519 signing key.
(Default: 2 days)
@@ -2461,8 +2451,10 @@ The following options are used for running a testing Tor network.
key.
(Default: 2 days)
-[[TestingLinkKeySlop]] **TestingLinkKeySlop** __N__ **seconds**|**minutes**|**hours**::
-[[TestingAuthKeySlop]] **TestingAuthKeySlop** __N__ **seconds**|**minutes**|**hours**::
+[[TestingLinkKeySlop]] **TestingLinkKeySlop** __N__ **seconds**|**minutes**|**hours** +
+
+[[TestingAuthKeySlop]] **TestingAuthKeySlop** __N__ **seconds**|**minutes**|**hours** +
+
[[TestingSigningKeySlop]] **TestingSigningKeySlop** __N__ **seconds**|**minutes**|**hours**::
How early before the official expiration of a an Ed25519 signing key do
we replace it and issue a new key?
@@ -2656,7 +2648,7 @@ SEE ALSO
BUGS
----
-Plenty, probably. Tor is still in development. Please report them.
+Plenty, probably. Tor is still in development. Please report them at https://trac.torproject.org/.
AUTHORS
-------