|
@@ -1443,12 +1443,12 @@ The following options are useful only for clients (that is, if
|
|
|
[[ClientDNSRejectInternalAddresses]] **ClientDNSRejectInternalAddresses** **0**|**1**::
|
|
|
If true, Tor does not believe any anonymously retrieved DNS answer that
|
|
|
tells it that an address resolves to an internal address (like 127.0.0.1 or
|
|
|
- 192.168.0.1). This option prevents certain browser-based attacks; don't
|
|
|
- turn it off unless you know what you're doing. (Default: 1)
|
|
|
+ 192.168.0.1). This option prevents certain browser-based attacks; it
|
|
|
+ is not allowed to be set on the default network. (Default: 1)
|
|
|
|
|
|
[[ClientRejectInternalAddresses]] **ClientRejectInternalAddresses** **0**|**1**::
|
|
|
If true, Tor does not try to fulfill requests to connect to an internal
|
|
|
- address (like 127.0.0.1 or 192.168.0.1) __unless a exit node is
|
|
|
+ address (like 127.0.0.1 or 192.168.0.1) __unless an exit node is
|
|
|
specifically requested__ (for example, via a .exit hostname, or a
|
|
|
controller request). If true, multicast DNS hostnames for machines on the
|
|
|
local network (of the form *.local) are also rejected. (Default: 1)
|