|
|
@@ -0,0 +1,137 @@
|
|
|
+.TH TOR 1 "November 2003" "TOR"
|
|
|
+.SH NAME
|
|
|
+tor \- The second-generation onion router
|
|
|
+.SH SYNOPSIS
|
|
|
+.B tor
|
|
|
+[\fIOPTION value\fR]...
|
|
|
+.SH DESCRIPTION
|
|
|
+.I tor
|
|
|
+is a connection-oriented anonymizing communication
|
|
|
+service. Users choose a source-routed path through a set of nodes, and
|
|
|
+negotiate a "virtual circuit" through the network, in which each node
|
|
|
+knows its predecessor and successor, but no others. Traffic flowing down
|
|
|
+the circuit is unwrapped by a symmetric key at each node, which reveals
|
|
|
+the downstream node.
|
|
|
+.PP
|
|
|
+Basically \fItor\fR provides a distributed network of servers ("onion
|
|
|
+routers"). Users bounce their tcp streams -- web traffic, ftp, ssh, etc --
|
|
|
+around the routers, and recipients, observers, and even the routers
|
|
|
+themselves have difficulty tracking the source of the stream.
|
|
|
+.SH OPTIONS
|
|
|
+Options can be specified either on the commandline (\fI--option value\fR), or in the configuration file (\fIoption value\fR).
|
|
|
+.TP
|
|
|
+\fB-h, -help\fP
|
|
|
+Display a short help message and exit.
|
|
|
+.TP
|
|
|
+\fB-f \fR\fIFILE\fP
|
|
|
+FILE contains further "option value" pairs. (Default: @CONFDIR@/torrc)
|
|
|
+.TP
|
|
|
+\fBloglevel debug|info|warn|err\fP
|
|
|
+Set the verboseness level of the primary log. (Default: warn)
|
|
|
+.TP
|
|
|
+\fBlogfile \fR\fIFILE\fP
|
|
|
+Rather than logging to stdout, log to FILE.
|
|
|
+.TP
|
|
|
+\fBdebuglogfile \fR\fIFILE\fP
|
|
|
+In addition to other logging, we will log to FILE at log-level debug.
|
|
|
+.TP
|
|
|
+\fBgroup \fR\fIGID\fP
|
|
|
+On startup, setgid to this user.
|
|
|
+.TP
|
|
|
+\fBkeepaliveperiod \fR\fINUM\fP
|
|
|
+To keep firewalls from expiring connections, send a padding keepalive cell on open connections every NUM seconds. (Default: 300)
|
|
|
+.TP
|
|
|
+\fBpidfile \fR\fIFILE\fP
|
|
|
+On startup, write our PID to FILE. On clean shutdown, remove FILE.
|
|
|
+.TP
|
|
|
+\fBrouterfile \fR\fIFILE\fP
|
|
|
+FILE contains a list of directory servers, to bootstrap into the network. (Default: @CONFDIR@/dirservers)
|
|
|
+.TP
|
|
|
+\fBrunasdaemon \fR\fI0|1\fP
|
|
|
+If 1, Tor forks and daemonizes to the background. (Default: 0)
|
|
|
+.TP
|
|
|
+\fBtotalbandwidth \fR\fINUM\fP
|
|
|
+A token bucket limits the average incoming bandwidth on this node to NUM bytes per second. (Default: 800000)
|
|
|
+.TP
|
|
|
+\fBuser \fR\fIUID\fP
|
|
|
+On startup, setuid to this user.
|
|
|
+
|
|
|
+.SH CLIENT OPTIONS
|
|
|
+.PP
|
|
|
+The following options are useful only for clients (that is, if \fBsocksport\fP is non-zero):
|
|
|
+.TP
|
|
|
+\fBnewcircuitperiod \fR\fINUM\fP
|
|
|
+Every NUM seconds consider whether to build a new circuit. (Default: 60)
|
|
|
+.TP
|
|
|
+\fBpathlencoinweight \fR\fI0.0-1.0\fP
|
|
|
+Paths are 3 hops plus a geometric distribution centered around this coinweight. Must be >=0.0 and <1.0. (Default: 0.3)
|
|
|
+.TP
|
|
|
+\fBsocksport \fR\fIPORT\fP
|
|
|
+Bind to this port to listen for connections from socks-speaking applications.
|
|
|
+.TP
|
|
|
+\fBsocksbindaddress \fR\fIIP\fP
|
|
|
+Bind to this address to listen for connections from socks-speaking applications. (Default: 127.0.0.1)
|
|
|
+
|
|
|
+.SH SERVER OPTIONS
|
|
|
+.PP
|
|
|
+The following options are useful only for servers (that is, if \fBorport\fP is non-zero):
|
|
|
+.TP
|
|
|
+\fBaddress address\fP
|
|
|
+The fqdn of this server (e.g. moria.mit.edu).
|
|
|
+.TP
|
|
|
+\fBdatadirectory \fR\fIDIR\fP
|
|
|
+Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
|
|
|
+.TP
|
|
|
+\fBexitpolicy \fR\fIpolicy,policy,...\fP
|
|
|
+Set an exit policy for this server. Each policy is of the form "reject 127.0.0.1:*". Also handles masks and bits.
|
|
|
+.TP
|
|
|
+\fBmaxonionspending \fR\fINUM\fP
|
|
|
+If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100)
|
|
|
+.TP
|
|
|
+\fBnickname \fR\fIname\fP
|
|
|
+Set the server's nickname to 'name'.
|
|
|
+.TP
|
|
|
+\fBnumcpus \fR\fInum\fP
|
|
|
+How many processes to use at once for decrypting onionskins. (Default: 1)
|
|
|
+.TP
|
|
|
+\fBorport \fR\fIPORT\fP
|
|
|
+Bind to this port to listen for connections from Tor clients and servers.
|
|
|
+.TP
|
|
|
+\fBorbindaddress \fR\fIIP\fP
|
|
|
+Bind to this address to listen for connections from Tor clients and servers. (Default: 0.0.0.0)
|
|
|
+
|
|
|
+.SH DIRECTORY SERVER OPTIONS
|
|
|
+.PP
|
|
|
+The following options are useful only for directory servers (that is, if \fBdirport\fP is non-zero):
|
|
|
+.TP
|
|
|
+\fBdirport \fR\fIPORT\fP
|
|
|
+Bind the directory service to this port.
|
|
|
+.TP
|
|
|
+\fBdirbindaddress \fR\fIIP\fP
|
|
|
+Bind the directory service to this address. (Default: 0.0.0.0)
|
|
|
+.TP
|
|
|
+\fBrecommendedversions \fR\fISTRING\fP
|
|
|
+STRING is a command-separated list of Tor versions currently believed to be safe. The list is included in each directory, and nodes which pull down the directory learn whether they need to upgrade.
|
|
|
+
|
|
|
+.SH FILES
|
|
|
+.TP
|
|
|
+.I @CONFDIR@/torrc
|
|
|
+The configuration file, which contains "option value" pairs.
|
|
|
+.TP
|
|
|
+.I @CONFDIR@/dirservers
|
|
|
+A list of directory servers, to bootstrap into the network.
|
|
|
+.TP
|
|
|
+.I @LOCALSTATEDIR@/lib/tor/
|
|
|
+The tor server stores keys/etc here.
|
|
|
+
|
|
|
+.SH SEE ALSO
|
|
|
+.BR privoxy (1),
|
|
|
+.BR tsocks (1)
|
|
|
+
|
|
|
+.BR http://freehaven.net/tor/
|
|
|
+
|
|
|
+.SH BUGS
|
|
|
+Plenty, probably. It's still in alpha. Please report them.
|
|
|
+.SH AUTHORS
|
|
|
+Roger Dingledine <arma@mit.edu>.
|
|
|
+
|
Roger Dingledine