Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 2e378295d6
Branches Tags
tor
/
src
/
config
/
torrc.sample.in

torrc.sample.in 6.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 
  1. ## Configuration file for a typical Tor user
    2. 

  2. ## Last updated 18 August 2007 for Tor 0.2.0.5-alpha.
    3. 

  3. ## (May or may not work for much older or much newer versions of Tor.)
    4. 

  4. ##
    5. 

  5. ## Lines that begin with "## " try to explain what's going on. Lines
    6. 

  6. ## that begin with just "#" are disabled commands: you can enable them
    7. 

  7. ## by removing the "#" symbol.
    8. 

  8. ##
    9. 

  9. ## See the man page, or https://www.torproject.org/tor-manual-dev.html,
    10. 

  10. ## for more options you can use in this file.
    11. 

  11. ##
    12. 

  12. ## Tor will look for this file in various places based on your platform:
    13. 

  13. ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#torrc
    14. 

  14. 

  15. 

  16. ## Replace this with "SocksPort 0" if you plan to run Tor only as a
    17. 

  17. ## server, and not make any local application connections yourself.
    18. 

  18. SocksPort 9050 # what port to open for local application connections
    19. 

  19. SocksListenAddress 127.0.0.1 # accept connections only from localhost
    20. 

  20. #SocksListenAddress 192.168.0.1:9100 # listen on this IP:port also
    21. 

  21. 

  22. ## Entry policies to allow/deny SOCKS requests based on IP address.
    23. 

  23. ## First entry that matches wins. If no SocksPolicy is set, we accept
    24. 

  24. ## all (and only) requests from SocksListenAddress.
    25. 

  25. #SocksPolicy accept 192.168.0.0/16
    26. 

  26. #SocksPolicy reject *
    27. 

  27. 

  28. ## Logs go to stdout at level "notice" unless redirected by something
    29. 

  29. ## else, like one of the below lines. You can have as many Log lines as
    30. 

  30. ## you want.
    31. 

  31. ##
    32. 

  32. ## We advise using "notice" in most cases, since anything more verbose
    33. 

  33. ## may provide sensitive information to an attacker who obtains the logs.
    34. 

  34. ##
    35. 

  35. ## Send all messages of level 'notice' or higher to @LOCALSTATEDIR@/log/tor/notices.log
    36. 

  36. #Log notice file @LOCALSTATEDIR@/log/tor/notices.log
    37. 

  37. ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
    38. 

  38. #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
    39. 

  39. ## Use the system log instead of Tor's logfiles
    40. 

  40. #Log notice syslog
    41. 

  41. ## To send all messages to stderr:
    42. 

  42. #Log debug stderr
    43. 

  43. 

  44. ## Uncomment this to start the process in the background... or use
    45. 

  45. ## --runasdaemon 1 on the command line. This is ignored on Windows;
    46. 

  46. ## see the FAQ entry if you want Tor to run as an NT service.
    47. 

  47. #RunAsDaemon 1
    48. 

  48. 

  49. ## The directory for keeping all the keys/etc. By default, we store
    50. 

  50. ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
    51. 

  51. #DataDirectory @LOCALSTATEDIR@/lib/tor
    52. 

  52. 

  53. ## The port on which Tor will listen for local connections from Tor
    54. 

  54. ## controller applications, as documented in control-spec.txt.
    55. 

  55. #ControlPort 9051
    56. 

  56. 

  57. ############### This section is just for location-hidden services ###
    58. 

  58. 

  59. ## Once you have configured a hidden service, you can look at the
    60. 

  60. ## contents of the file ".../hidden_service/hostname" for the address
    61. 

  61. ## to tell people.
    62. 

  62. ##
    63. 

  63. ## HiddenServicePort x y:z says to redirect requests on port x to the
    64. 

  64. ## address y:z.
    65. 

  65. 

  66. #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/hidden_service/
    67. 

  67. #HiddenServicePort 80 127.0.0.1:80
    68. 

  68. 

  69. #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/other_hidden_service/
    70. 

  70. #HiddenServicePort 80 127.0.0.1:80
    71. 

  71. #HiddenServicePort 22 127.0.0.1:22
    72. 

  72. 

  73. ################ This section is just for servers #####################
    74. 

  74. 

  75. ## NOTE: If you enable these, you should consider mailing the contents of
    76. 

  76. ## the "fingerprint" file to the tor-ops, so we have contact info for you
    77. 

  77. ## in case we need it. See https://www.torproject.org/docs/tor-doc-relay.
    78. 

  78. 

  79. ## A unique handle for your server.
    80. 

  80. #Nickname ididnteditheconfig
    81. 

  81. 

  82. ## The IP or FQDN for your server. Leave commented out and Tor will guess.
    83. 

  83. #Address noname.example.com
    84. 

  84. 

  85. ## Define these to limit the bandwidth usage of relayed (server)
    86. 

  86. ## traffic. Your own traffic is still unthrottled.
    87. 

  87. ## Note that RelayBandwidthRate must be at least 20 KB.
    88. 

  88. #RelayBandwidthRate 100 KBytes  # Throttle traffic to 100KB/s (800Kbps)
    89. 

  89. #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB/s (1600Kbps)
    90. 

  90. 

  91. ## Contact info to be published in the directory, so we can contact you
    92. 

  92. ## if your server is misconfigured or something else goes wrong.
    93. 

  93. #ContactInfo Random Person <nobody AT example dot com>
    94. 

  94. ## You might also include your PGP or GPG fingerprint if you have one:
    95. 

  95. #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
    96. 

  96. 

  97. ## Required: what port to advertise for Tor connections.
    98. 

  98. #ORPort 9001
    99. 

  99. ## If you need to listen on a port other than the one advertised
    100. 

  100. ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
    101. 

  101. ## line below too. You'll need to do ipchains or other port forwarding
    102. 

  102. ## yourself to make this work.
    103. 

  103. #ORListenAddress 0.0.0.0:9090
    104. 

  104. 

  105. ## Uncomment this to mirror directory information for others. Please do
    106. 

  106. ## if you have enough bandwidth.
    107. 

  107. #DirPort 9030 # what port to advertise for directory connections
    108. 

  108. ## If you need to listen on a port other than the one advertised
    109. 

  109. ## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line
    110. 

  110. ## below too. You'll need to do ipchains or other port forwarding yourself
    111. 

  111. ## to make this work.
    112. 

  112. #DirListenAddress 0.0.0.0:9091
    113. 

  113. 

  114. ## Uncomment this if you run more than one Tor server, and add the
    115. 

  115. ## nickname of each Tor server you control, even if they're on different
    116. 

  116. ## networks. You declare it here so Tor clients can avoid using more than
    117. 

  117. ## one of your servers in a single circuit. See
    118. 

  118. ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers
    119. 

  119. #MyFamily nickname1,nickname2,...
    120. 

  120. 

  121. ## A comma-separated list of exit policies. They're considered first
    122. 

  122. ## to last, and the first match wins. If you want to _replace_
    123. 

  123. ## the default exit policy, end this with either a reject *:* or an
    124. 

  124. ## accept *:*. Otherwise, you're _augmenting_ (prepending to) the
    125. 

  125. ## default exit policy. Leave commented to just use the default, which is
    126. 

  126. ## available in the man page or at https://www.torproject.org/documentation.html
    127. 

  127. ##
    128. 

  128. ## Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
    129. 

  129. ## for issues you might encounter if you use the default exit policy.
    130. 

  130. ##
    131. 

  131. ## If certain IPs and ports are blocked externally, e.g. by your firewall,
    132. 

  132. ## you should update your exit policy to reflect this -- otherwise Tor
    133. 

  133. ## users will be told that those destinations are down.
    134. 

  134. ##
    135. 

  135. #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
    136. 

  136. #ExitPolicy accept *:119 # accept nntp as well as default exit policy
    137. 

  137. #ExitPolicy reject *:* # no exits allowed
    138. 

  138.