tor.1.in 26 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664
  1. .TH TOR 1 "September 2005" "TOR"
  2. .SH NAME
  3. tor \- The second-generation onion router
  4. .SH SYNOPSIS
  5. .B tor
  6. [\fIOPTION value\fR]...
  7. .SH DESCRIPTION
  8. .I tor
  9. is a connection-oriented anonymizing communication
  10. service. Users choose a source-routed path through a set of nodes, and
  11. negotiate a "virtual circuit" through the network, in which each node
  12. knows its predecessor and successor, but no others. Traffic flowing down
  13. the circuit is unwrapped by a symmetric key at each node, which reveals
  14. the downstream node.
  15. .PP
  16. Basically \fItor\fR provides a distributed network of servers ("onion
  17. routers"). Users bounce their TCP streams -- web traffic, ftp, ssh, etc --
  18. around the routers, and recipients, observers, and even the routers
  19. themselves have difficulty tracking the source of the stream.
  20. .SH OPTIONS
  21. \fB-h, -help\fP
  22. Display a short help message and exit.
  23. .LP
  24. .TP
  25. \fB-f \fR\fIFILE\fP
  26. FILE contains further "option value" pairs. (Default: @CONFDIR@/torrc)
  27. .LP
  28. .TP
  29. Other options can be specified either on the command-line (\fI--option
  30. value\fR), or in the configuration file (\fIoption value\fR).
  31. Options are case-insensitive.
  32. .LP
  33. .TP
  34. \fBBandwidthRate \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
  35. A token bucket limits the average incoming bandwidth on this node to
  36. the specified number of bytes per second. (Default: 2 MB)
  37. .LP
  38. .TP
  39. \fBBandwidthBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
  40. Limit the maximum token bucket size (also known as the burst) to the given number of bytes. (Default: 5 MB)
  41. .LP
  42. .TP
  43. \fBMaxAdvertisedBandwidth \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
  44. If set, we will not advertise more than this amount of bandwidth for our
  45. BandwidthRate. Server operators who want to reduce the number of clients
  46. who ask to build circuits through them (since this is proportional to
  47. advertised bandwidth rate) can thus reduce the CPU demands on their
  48. server without impacting network performance.
  49. .LP
  50. .TP
  51. \fBControlPort \fR\fIPort\fP
  52. If set, Tor will accept connections from the same machine (localhost only) on
  53. this port, and allow those connections to control the Tor process using the
  54. Tor Control Protocol (described in control-spec.txt). Note: unless you also
  55. specify one of \fBHashedControlPassword\fP or \fBCookieAuthentication\fP,
  56. setting this option will cause Tor to allow any process on the local host to
  57. control it.
  58. .LP
  59. .TP
  60. \fBHashedControlPassword \fR\fIhashed_password\fP
  61. Don't allow any connections on the control port except when the other process
  62. knows the password whose one-way hash is \fIhashed_password\fP. You can
  63. compute the hash of a password by running "tor --hash-password
  64. \fIpassword\fP".
  65. .LP
  66. .TP
  67. \fBCookieAuthentication \fR\fB0\fR|\fB1\fP
  68. If this option is set to 1, don't allow any connections on the control port
  69. except when the connecting process knows the contents of a file named
  70. "control_auth_cookie", which Tor will create in its data directory. This
  71. authentication methods should only be used on systems with good filesystem
  72. security. (Default: 0)
  73. .LP
  74. .TP
  75. \fBDataDirectory \fR\fIDIR\fP
  76. Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
  77. .LP
  78. .TP
  79. \fBDirFetchPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
  80. Every time the specified period elapses, Tor downloads a directory.
  81. A directory contains a signed list of all known servers as well as
  82. their current liveness status. A value of "0 seconds" tells Tor to choose an
  83. appropriate default. (Default: 1 hour for clients, 20 minutes for servers)
  84. .LP
  85. .TP
  86. \fBDirServer \fR[\fInickname\fR] [\fBv1\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
  87. Use a nonstandard authoritative directory server at the provided
  88. address and port, with the specified key fingerprint. This option can
  89. be repeated many times, for multiple authoritative directory
  90. servers. If the "v1" option is provided, Tor will use this server as an
  91. authority for old-style (v1) directories as well. (Only directory mirrors
  92. care about this.) If no \fBdirserver\fP line is given, Tor will use the default
  93. directory servers: moria1, moria2, and tor26. NOTE: this option is intended
  94. for setting up a private Tor network with its own directory authorities. If
  95. you use it, you will be distinguishable from other users, because you won't
  96. believe the same authorities they do.
  97. .LP
  98. .TP
  99. \fBGroup \fR\fIGID\fP
  100. On startup, setgid to this user.
  101. .LP
  102. .TP
  103. \fBHttpProxy\fR \fIhost\fR[:\fIport\fR]\fP
  104. Tor will make all its directory requests through this host:port
  105. (or host:80 if port is not specified),
  106. rather than connecting directly to any directory servers.
  107. .LP
  108. .TP
  109. \fBHttpProxyAuthenticator\fR \fIusername:password\fP
  110. If defined, Tor will use this username:password for Basic Http proxy
  111. authentication, as in RFC 2617. This is currently the only form of
  112. Http proxy authentication that Tor supports; feel free to submit a
  113. patch if you want it to support others.
  114. .LP
  115. .TP
  116. \fBHttpsProxy\fR \fIhost\fR[:\fIport\fR]\fP
  117. Tor will make all its OR (SSL) connections through this host:port
  118. (or host:443 if port is not specified), via HTTP CONNECT rather than
  119. connecting directly to servers. You may want to set \fBFascistFirewall\fR
  120. to restrict the set of ports you might try to connect to, if your Https
  121. proxy only allows connecting to certain ports.
  122. .LP
  123. .TP
  124. \fBHttpsProxyAuthenticator\fR \fIusername:password\fP
  125. If defined, Tor will use this username:password for Basic Https proxy
  126. authentication, as in RFC 2617. This is currently the only form of
  127. Https proxy authentication that Tor supports; feel free to submit a
  128. patch if you want it to support others.
  129. .LP
  130. .TP
  131. \fBKeepalivePeriod \fR\fINUM\fP
  132. To keep firewalls from expiring connections, send a padding keepalive
  133. cell every NUM seconds on open connections that are in use. If the
  134. connection has no open circuits, it will instead be closed after NUM
  135. seconds of idleness. (Default: 5 minutes)
  136. .LP
  137. .TP
  138. \fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBstderr\fR|\fBstdout\fR|\fBsyslog\fR\fP
  139. Send all messages between \fIminSeverity\fR and \fImaxSeverity\fR to
  140. the standard output stream, the standard error stream, or to the system
  141. log. (The "syslog" value is only supported on Unix.) Recognized
  142. severity levels are debug, info, notice, warn, and err. If only one
  143. severity level is given, all messages of that level or higher will be
  144. sent to the listed destination.
  145. .LP
  146. .TP
  147. \fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBfile\fR \fIFILENAME\fP
  148. As above, but send log messages to the listed filename. The "Log"
  149. option may appear more than once in a configuration file. Messages
  150. are sent to all the logs that match their severity level.
  151. .LP
  152. .TP
  153. \fBMaxConn \fR\fINUM\fP
  154. Maximum number of simultaneous sockets allowed. You probably don't need
  155. to adjust this. (Default: 1024)
  156. .LP
  157. .TP
  158. \fBOutboundBindAddress \fR\fIIP\fP
  159. Make all outbound connections originate from the IP address specified. This
  160. is only useful when you have multiple network interfaces, and you want all
  161. of Tor's outgoing connections to use a single one.
  162. .LP
  163. .TP
  164. \fBPidFile \fR\fIFILE\fP
  165. On startup, write our PID to FILE. On clean shutdown, remove FILE.
  166. .LP
  167. .TP
  168. \fBRunAsDaemon \fR\fB0\fR|\fB1\fR\fP
  169. If 1, Tor forks and daemonizes to the background. (Default: 0)
  170. .LP
  171. .TP
  172. \fBSafeLogging \fR\fB0\fR|\fB1\fP
  173. If 1, Tor replaces potentially sensitive strings in the logs
  174. (e.g. addresses) with the string [scrubbed]. This way logs can still be
  175. useful, but they don't leave behind personally identifying information
  176. about what sites a user might have visited. (Default: 1)
  177. .LP
  178. .TP
  179. \fBStatusFetchPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
  180. Every time the specified period elapses, Tor downloads signed status
  181. information about the current state of known servers. A value of
  182. "0 seconds" tells Tor to choose an appropriate default. (Default: 30
  183. minutes for clients, 15 minutes for servers)
  184. .LP
  185. .TP
  186. \fBUser \fR\fIUID\fP
  187. On startup, setuid to this user.
  188. .LP
  189. .TP
  190. \fBHardwareAccel \fR\fI0|1\fP
  191. If non-zero, try to use crypto hardware acceleration when
  192. available. (Default: 1. )
  193. .SH CLIENT OPTIONS
  194. .PP
  195. The following options are useful only for clients (that is, if \fBSOCKSPort\fP is non-zero):
  196. .LP
  197. .TP
  198. \fBAllowUnverifiedNodes\fR \fBentry\fR|\fBexit\fR|\fBmiddle\fR|\fBintroduction\fR|\fBrendezvous\fR|...\fP
  199. Where on our circuits should we allow Tor servers that the directory
  200. servers haven't authenticated as "verified"? (Default: middle,rendezvous)
  201. .LP
  202. .TP
  203. \fBClientOnly \fR\fB0\fR|\fB1\fR\fP
  204. If set to 1, Tor will under no circumstances run as a server. The default
  205. is to run as a client unless ORPort is configured. (Usually,
  206. you don't need to set this; Tor is pretty smart at figuring out whether
  207. you are reliable and high-bandwidth enough to be a useful server.)
  208. This option will likely be deprecated in the future; see the NoPublish
  209. option below. (Default: 0)
  210. .LP
  211. .TP
  212. \fBEntryNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  213. A list of preferred nodes to use for the first hop in the circuit, if possible.
  214. .LP
  215. .TP
  216. \fBExitNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  217. A list of preferred nodes to use for the last hop in the circuit, if possible.
  218. .LP
  219. .TP
  220. \fBExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  221. A list of nodes to never use when building a circuit.
  222. .LP
  223. .TP
  224. \fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP
  225. If 1, Tor will never use any nodes besides those listed in "exitnodes" for
  226. the last hop of a circuit.
  227. .LP
  228. .TP
  229. \fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP
  230. If 1, Tor will never use any nodes besides those listed in "entrynodes" for
  231. the first hop of a circuit.
  232. .LP
  233. .TP
  234. \fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP
  235. If 1, Tor will only create outgoing connections to ORs running on ports that
  236. your firewall allows (defaults to 80 and 443; see \fBFirewallPorts\fR). This will
  237. allow you to run Tor as a client behind a firewall with restrictive policies,
  238. but will not allow you to run as a server behind such a firewall.
  239. This option is deprecated; use
  240. ReachableAddresses instead.
  241. .LP
  242. .TP
  243. \fBFirewallPorts \fR\fIPORTS\fP
  244. A list of ports that your firewall allows you to connect to. Only
  245. used when \fBFascistFirewall\fR is set. This option is deprecated; use
  246. ReachableAddresses instead. (Default: 80, 443)
  247. .LP
  248. .TP
  249. \fBReachableAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
  250. A comma-separated list of IPs that your firewall allows you to connect
  251. to. Only used when \fBFascistFirewall\fR is set. The format is as
  252. for the addresses in ExitPolicy, except that "accept" is understood
  253. unless "reject" is explicitly provided. For example, 'ReachableAddresses
  254. 99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80' means that your
  255. firewall allows connections to everything inside net 99, rejects port
  256. 80 connections to net 18, and accepts connections to port 80 otherwise.
  257. (Default: 'accept *:*'.)
  258. .LP
  259. .TP
  260. \fBLongLivedPorts \fR\fIPORTS\fP
  261. A list of ports for services that tend to have long-running connections
  262. (e.g. chat and interactive shells). Circuits for streams that use these
  263. ports will contain only high-uptime nodes, to reduce the chance that a
  264. node will go down before the stream is finished. (Default: 21, 22, 706, 1863, 5050,
  265. 5190, 5222, 5223, 6667, 8300, 8888)
  266. .LP
  267. .TP
  268. \fBMapAddress\fR \fIaddress\fR \fInewaddress\fR
  269. When a request for address arrives to Tor, it will rewrite it to newaddress before
  270. processing it. For example, if you always want connections to www.indymedia.org to
  271. exit via \fItorserver\fR (where \fItorserver\fR is the nickname of the server),
  272. use "MapAddress www.indymedia.org www.indymedia.org.torserver.exit".
  273. .LP
  274. .TP
  275. \fBNewCircuitPeriod \fR\fINUM\fP
  276. Every NUM seconds consider whether to build a new circuit. (Default: 30 seconds)
  277. .LP
  278. .TP
  279. \fBMaxCircuitDirtiness \fR\fINUM\fP
  280. Feel free to reuse a circuit that was first used at most NUM seconds
  281. ago, but never attach a new stream to a circuit that is too old. (Default: 10 minutes)
  282. .LP
  283. .TP
  284. \fBNodeFamily \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  285. The named Tor servers constitute a "family" of similar or co-administered
  286. servers, so never use any two of them in the same circuit. Defining a
  287. NodeFamily is only needed when a server doesn't list the family itself
  288. (with MyFamily). This option can be used multiple times.
  289. .LP
  290. .TP
  291. .\" \fBPathlenCoinWeight \fR\fI0.0-1.0\fP
  292. .\" Paths are 3 hops plus a geometric distribution centered around this coinweight.
  293. .\" Must be >=0.0 and <1.0. (Default: 0.3) NOT USED CURRENTLY
  294. .\" .TP
  295. \fBRendNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  296. A list of preferred nodes to use for the rendezvous point, if possible.
  297. .LP
  298. .TP
  299. \fBRendExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  300. A list of nodes to never use when choosing a rendezvous point.
  301. .LP
  302. .TP
  303. \fBSOCKSPort \fR\fIPORT\fP
  304. Advertise this port to listen for connections from SOCKS-speaking
  305. applications. Set this to 0 if you don't want to allow application
  306. connections. (Default: 9050)
  307. .LP
  308. .TP
  309. \fBSOCKSBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
  310. Bind to this address to listen for connections from SOCKS-speaking
  311. applications. (Default: 127.0.0.1) You can also specify a port
  312. (e.g. 192.168.0.1:9100). This directive can be specified multiple times
  313. to bind to multiple addresses/ports.
  314. .LP
  315. .TP
  316. \fBSOCKSPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
  317. Set an entrance policy for this server, to limit who can connect to the SOCKS ports.
  318. The policies have the same form as exit policies below.
  319. .LP
  320. .TP
  321. \fBTrackHostExits \fR\fIhost\fR,\fI.domain\fR,\fI...\fR\fP
  322. For each value in the comma separated list, Tor will track recent connections
  323. to hosts that match this value and attempt to
  324. reuse the same exit node for each. If the value is prepended with a '.', it is
  325. treated as matching an entire domain. If one of the values is just a '.', it
  326. means match everything. This option is useful if you frequently connect to
  327. sites that will expire all your authentication cookies (ie log you out) if
  328. your IP address changes. Note that this option does have the disadvantage of
  329. making it more clear that a given history is
  330. associated with a single user. However, most people who would wish to observe
  331. this will observe it through cookies or other protocol-specific means anyhow.
  332. .LP
  333. .TP
  334. \fBTrackHostExitsExpire \fR\fINUM\fP
  335. Since exit servers go up and down, it is desirable to expire the association
  336. between host and exit server after NUM seconds. The default
  337. is 1800 seconds (30 minutes).
  338. .LP
  339. .TP
  340. \fBUseHelperNodes \fR\fI0|1\fP
  341. If this option is set to 1, we pick a few entry servers as our "helpers", and
  342. try to use only those fixed entry servers. This is desirable, because
  343. constantly changing servers increases the odds that an adversary who owns
  344. some servers will observe a fraction of your paths.
  345. (Defaults to 0; will eventually default to 1.)
  346. .LP
  347. .TP
  348. \fBNumHelperNodes \fR\fINUM\fP
  349. If UseHelperNodes is set to 1, we will try to pick a total of NUM helper
  350. nodes as entries for our circuits.
  351. (Defaults to 3.)
  352. .SH SERVER OPTIONS
  353. .PP
  354. The following options are useful only for servers (that is, if \fBORPort\fP is non-zero):
  355. .LP
  356. .TP
  357. \fBAddress \fR\fIaddress\fP
  358. The IP or fqdn of this server (e.g. moria.mit.edu). You can leave this
  359. unset, and Tor will guess your IP.
  360. .LP
  361. .TP
  362. \fBAssumeReachable \fR\fB0\fR|\fB1\fR\fP
  363. This option is used when bootstrapping a new Tor network. If set to 1,
  364. don't do self-reachability testing; just upload your server descriptor
  365. immediately. If \fBAuthoritativeDirectory\fP is also set, this option
  366. instructs the dirserver to bypass remote reachability testing too and
  367. list all connected servers as running.
  368. .LP
  369. .TP
  370. \fBContactInfo \fR\fIemail_address\fP
  371. Administrative contact information for server.
  372. .LP
  373. .TP
  374. \fBExitPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
  375. Set an exit policy for this server. Each policy is of the form
  376. "\fBaccept\fP|\fBreject\fP \fIADDR\fP[\fB/\fP\fIMASK\fP]\fB[:\fP\fIPORT\fP]".
  377. If \fB/\fP\fIMASK\fP is omitted then this policy just applies to the host
  378. given. Instead of giving a host or network you can also use "\fB*\fP" to
  379. denote the universe (0.0.0.0/0). \fIPORT\fP can be a single port number,
  380. an interval of ports "\fIFROM_PORT\fP\fB-\fP\fITO_PORT\fP", or "\fB*\fP".
  381. If \fiPORT\fP is omitted, that means "\fB*\fP".
  382. For example, "reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would
  383. reject any traffic destined for localhost and any 192.168.1.* address, but
  384. accept anything else.
  385. To specify all internal and link-local networks (including 0.0.0.0/8,
  386. 169.254.0.0/16, 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, and
  387. 172.16.0.0/12), you can use the "private" alias instead of an address.
  388. For example, to allow HTTP to 127.0.0.1 and block all other
  389. connections to internal networks, you can say "accept
  390. 127.0.0.1:80,reject private:*". See RFC 1918 and RFC 3330 for more
  391. details about internal and reserved IP address space.
  392. This directive can be specified multiple times so you don't have to put
  393. it all on one line.
  394. Policies are considered first to last, and the first match wins. If
  395. you want to _replace_ the default exit policy, end your exit policy with
  396. either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
  397. (prepending to) the default exit policy. The default exit policy is:
  398. .PD 0
  399. .RS 12
  400. .IP "reject private:*" 0
  401. .IP "reject *:25"
  402. .IP "reject *:119"
  403. .IP "reject *:135-139"
  404. .IP "reject *:445"
  405. .IP "reject *:465"
  406. .IP "reject *:587"
  407. .IP "reject *:1214"
  408. .IP "reject *:4661-4666"
  409. .IP "reject *:6346-6429"
  410. .IP "reject *:6699"
  411. .IP "reject *:6881-6999"
  412. .IP "accept *:*"
  413. .RE
  414. .PD
  415. .LP
  416. .TP
  417. \fBMaxOnionsPending \fR\fINUM\fP
  418. If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100)
  419. .LP
  420. .TP
  421. \fBMyFamily \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  422. Declare that this Tor server is controlled or administered by a group
  423. or organization identical or similar to that of the other named servers.
  424. When two servers both declare that they are in the same 'family', Tor clients
  425. will not use them in the same circuit. (Each server only needs to list the
  426. other servers in its family; it doesn't need to list itself, but it won't hurt.)
  427. .LP
  428. .TP
  429. \fBNickname \fR\fIname\fP
  430. Set the server's nickname to 'name'.
  431. .LP
  432. .TP
  433. \fBNoPublish \fR\fB0\fR|\fB1\fR\fP
  434. If you set NoPublish 1, Tor will act as a server if you have an ORPort
  435. defined, but it will not publish its descriptor to the dirservers. This
  436. option is useful if you're testing out your server, or if you're using
  437. alternate dirservers (e.g. for other Tor networks such as Blossom).
  438. (Default: 0)
  439. .LP
  440. .TP
  441. \fBNumCPUs \fR\fInum\fP
  442. How many processes to use at once for decrypting onionskins. (Default: 1)
  443. .LP
  444. .TP
  445. \fBORPort \fR\fIPORT\fP
  446. Advertise this port to listen for connections from Tor clients and servers.
  447. .LP
  448. .TP
  449. \fBORBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
  450. Bind to this IP address to listen for connections from Tor clients and
  451. servers. If you specify a port, bind to this port rather than the one
  452. specified in ORPort. (Default: 0.0.0.0)
  453. .LP
  454. .TP
  455. \fBRedirectExit \fR\fIpattern target\fP
  456. Whenever an outgoing connection tries to connect to one of a given set
  457. of addresses, connect to \fItarget\fP (an \fIaddress:port\fP pair) instead.
  458. The address
  459. pattern is given in the same format as for an exit policy. The
  460. address translation applies after exit policies are applied. Multiple
  461. \fBRedirectExit\fP options can be used: once any one has matched
  462. successfully, no subsequent rules are considered. You can specify that no
  463. redirection is to be performed on a given set of addresses by using the
  464. special target string "pass", which prevents subsequent rules from being
  465. considered.
  466. .LP
  467. .TP
  468. \fBShutdownWaitLength\fR \fINUM\fP
  469. When we get a SIGINT and we're a server, we begin shutting down: we close
  470. listeners and start refusing new circuits. After \fBNUM\fP seconds,
  471. we exit. If we get a second SIGINT, we exit immediately. (Default:
  472. 30 seconds)
  473. .LP
  474. .TP
  475. \fBDirPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
  476. Every time the specified period elapses, Tor uploads its server
  477. descriptors to the directory servers. This information is also
  478. uploaded whenever it changes. (Default: 20 minutes)
  479. .LP
  480. .TP
  481. \fBAccountingMax \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
  482. Never send more than the specified number of bytes in a given
  483. accounting period, or receive more than that number in the period.
  484. For example, with AccountingMax set to 1 GB, a server could send 900 MB
  485. and receive 800 MB and continue running. It will only hibernate once one
  486. of the two reaches 1 GB.
  487. When the number of bytes is exhausted, Tor will hibernate until some
  488. time in the next accounting period. To prevent all servers from
  489. waking at the same time, Tor will also wait until a random point in
  490. each period before waking up. If you have bandwidth cost issues,
  491. enabling hibernation is preferable to setting a low bandwidth, since it
  492. provides users with a collection of fast servers that are up some of
  493. the time, which is more useful than a set of slow servers that are
  494. always "available".
  495. .LP
  496. .TP
  497. \fBAccountingStart \fR\fBday\fR|\fBweek\fR|\fBmonth\fR [\fIday\fR] \fIHH:MM\fR\fP
  498. Specify how long accounting periods last. If \fBmonth\fP is given,
  499. each accounting period runs from the time \fIHH:MM\fR on the
  500. \fIday\fRth day of one month to the same day and time of the next.
  501. (The day must be between 1 and 28.) If \fBweek\fP is given, each
  502. accounting period runs from the time \fIHH:MM\fR of the \fIday\fRth
  503. day of one week to the same day and time of the next week, with Monday
  504. as day 1 and Sunday as day 7. If \fBday\fR is given, each accounting
  505. period runs from the time \fIHH:MM\fR each day to the same time on the
  506. next day. All times are local, and given in 24-hour time. (Defaults to
  507. "month 1 0:00".)
  508. .SH DIRECTORY SERVER OPTIONS
  509. .PP
  510. The following options are useful only for directory servers (that is, if \fBDirPort\fP is non-zero):
  511. .LP
  512. .TP
  513. \fBAuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
  514. When this option is set to 1, Tor operates as an authoritative
  515. directory server. Instead of caching the directory, it generates its
  516. own list of good servers, signs it, and sends that to the clients.
  517. Unless the clients already have you listed as a trusted directory, you
  518. probably do not want to set this option. Please coordinate with the other
  519. admins at tor-ops@freehaven.net if you think you should be a directory.
  520. .LP
  521. .TP
  522. \fBDirPort \fR\fIPORT\fP
  523. Advertise the directory service on this port.
  524. .LP
  525. .TP
  526. \fBDirBindAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
  527. Bind the directory service to this address. If you specify a port, bind
  528. to this port rather than the one specified in DirPort. (Default: 0.0.0.0)
  529. .LP
  530. .TP
  531. \fBDirPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
  532. Set an entrance policy for this server, to limit who can connect to the directory ports.
  533. The policies have the same form as exit policies above.
  534. .LP
  535. .TP
  536. \fBRecommendedVersions \fR\fISTRING\fP
  537. STRING is a command-separated list of Tor versions currently believed
  538. to be safe. The list is included in each directory, and nodes which
  539. pull down the directory learn whether they need to upgrade. This
  540. option can appear multiple times: the values from multiple lines are
  541. spliced together.
  542. .LP
  543. .TP
  544. \fBDirAllowPrivateAddresses \fR\fB0\fR|\fB1\fR\fP
  545. If set to 1, Tor will accept router descriptors with arbitrary "Address"
  546. elements. Otherwise, if the address is not an IP or is a private IP,
  547. it will reject the router descriptor. Defaults to 0.
  548. .LP
  549. .TP
  550. \fBRunTesting \fR\fB0\fR|\fB1\fR\fP
  551. If set to 1, Tor tries to build circuits through all of the servers it
  552. knows about, so it can tell which are up and which are down. This
  553. option is only useful for authoritative directories, so you probably
  554. don't want to use it.
  555. .SH HIDDEN SERVICE OPTIONS
  556. .PP
  557. The following options are used to configure a hidden service.
  558. .LP
  559. .TP
  560. \fBHiddenServiceDir \fR\fIDIRECTORY\fP
  561. Store data files for a hidden service in DIRECTORY. Every hidden
  562. service must have a separate directory. You may use this option multiple
  563. times to specify multiple services.
  564. .LP
  565. .TP
  566. \fBHiddenServicePort \fR\fIVIRTPORT \fR[\fITARGET\fR]\fP
  567. Configure a virtual port VIRTPORT for a hidden service. You may use this
  568. option multiple times; each time applies to the service using the most recent
  569. hiddenservicedir. By default, this option maps the virtual port to the
  570. same port on 127.0.0.1. You may override the target port, address, or both
  571. by specifying a target of addr, port, or addr:port.
  572. .LP
  573. .TP
  574. \fBHiddenServiceNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  575. If possible, use the specified nodes as introduction points for the hidden
  576. service. If this is left unset, Tor will be smart and pick some reasonable
  577. ones; most people can leave this unset.
  578. .LP
  579. .TP
  580. \fBHiddenServiceExcludeNodes \fR\fInickname\fR,\fInickname\fR,\fI...\fP
  581. Do not use the specified nodes as introduction points for the hidden
  582. service. In normal use there is no reason to set this.
  583. .LP
  584. .TP
  585. \fBRendPostPeriod \fR\fIN\fR \fBseconds\fR|\fBminutes\fR|\fBhours\fR|\fBdays\fR|\fBweeks\fP
  586. Every time the specified period elapses, Tor uploads any rendezvous
  587. service descriptors to the directory servers. This information is also
  588. uploaded whenever it changes. (Default: 20 minutes)
  589. .\" UNDOCUMENTED
  590. .\" ignoreversion
  591. .SH SIGNALS
  592. Tor catches the following signals:
  593. .LP
  594. .TP
  595. \fBSIGTERM\fR
  596. Tor will catch this, clean up and sync to disk if necessary, and exit.
  597. .LP
  598. .TP
  599. \fBSIGINT\fR
  600. Tor clients behave as with SIGTERM; but Tor servers will do a controlled
  601. slow shutdown, closing listeners and waiting 30 seconds before exiting.
  602. (The delay can be configured with the ShutdownWaitLength config option.)
  603. .LP
  604. .TP
  605. \fBSIGHUP\fR
  606. The signal instructs Tor to reload its configuration (including closing
  607. and reopening logs), fetch a new directory, and kill and restart its
  608. helper processes if applicable.
  609. .LP
  610. .TP
  611. \fBSIGUSR1\fR
  612. Log statistics about current connections, past connections, and
  613. throughput.
  614. .LP
  615. .TP
  616. \fBSIGUSR2\fR
  617. Switch all logs to loglevel debug. You can go back to the old loglevels
  618. by sending a SIGHUP.
  619. .LP
  620. .TP
  621. \fBSIGCHLD\fR
  622. Tor receives this signal when one of its helper processes has exited,
  623. so it can clean up.
  624. .LP
  625. .TP
  626. \fBSIGPIPE\fR
  627. Tor catches this signal and ignores it.
  628. .LP
  629. .TP
  630. \fBSIGXFSZ\fR
  631. If this signal exists on your platform, Tor catches and ignores it.
  632. .SH FILES
  633. .LP
  634. .TP
  635. .I @CONFDIR@/torrc
  636. The configuration file, which contains "option value" pairs.
  637. .LP
  638. .TP
  639. .I @LOCALSTATEDIR@/lib/tor/
  640. The tor process stores keys and other data here.
  641. .SH SEE ALSO
  642. .BR privoxy (1),
  643. .BR tsocks (1),
  644. .BR torify (1)
  645. .BR http://tor.eff.org/
  646. .SH BUGS
  647. Plenty, probably. Tor is still in development. Please report them.
  648. .SH AUTHORS
  649. Roger Dingledine <arma@mit.edu>, Nick Mathewson <nickm@alum.mit.edu>.