|
@@ -267,8 +267,8 @@ ReachableAddresses instead. (Default: 80, 443)
|
|
|
.LP
|
|
.LP
|
|
|
.TP
|
|
.TP
|
|
|
\fBReachableAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
|
|
\fBReachableAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
|
|
|
-A comma-separated list of IPs that your firewall allows you to connect
|
|
|
|
|
-to. The format is as
|
|
|
|
|
|
|
+A comma-separated list of IP addressess and ports that your firewall allows you
|
|
|
|
|
+to connect to. The format is as
|
|
|
for the addresses in ExitPolicy, except that "accept" is understood
|
|
for the addresses in ExitPolicy, except that "accept" is understood
|
|
|
unless "reject" is explicitly provided. For example, 'ReachableAddresses
|
|
unless "reject" is explicitly provided. For example, 'ReachableAddresses
|
|
|
99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80' means that your
|
|
99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80' means that your
|
|
@@ -277,6 +277,28 @@ firewall allows connections to everything inside net 99, rejects port
|
|
|
(Default: 'accept *:*'.)
|
|
(Default: 'accept *:*'.)
|
|
|
.LP
|
|
.LP
|
|
|
.TP
|
|
.TP
|
|
|
|
|
+\fBReachableDirAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
|
|
|
|
|
+Like \fBReachableAddresses\fP, a list of addresses and ports. Tor will obey
|
|
|
|
|
+these restrictions when fetching directory information, using standard HTTP
|
|
|
|
|
+GET requests. If not set explicitly then the value of \fBfBReachableAddresses\fP
|
|
|
|
|
+is used. If \fBHttpProxy\fR is set then these connections will go through that
|
|
|
|
|
+proxy.
|
|
|
|
|
+.LP
|
|
|
|
|
+.TP
|
|
|
|
|
+\fBReachableORAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
|
|
|
|
|
+Like \fBReachableAddresses\fP, a list of addresses and ports. Tor will obey
|
|
|
|
|
+these restrictions when connecting to Onion Routers, using TLS/SSL. If not set
|
|
|
|
|
+explicitly then the value of \fBfBReachableAddresses\fP is used. If
|
|
|
|
|
+\fBHttpsProxy\fR is set then these connections will go through that proxy.
|
|
|
|
|
+
|
|
|
|
|
+The separation between \fBReachableORAddresses\fP and
|
|
|
|
|
+\fBReachableDirAddresses\fP is only interesting when you are connecting through
|
|
|
|
|
+proxies (see \fBHttpProxy\fR and \fBHttpsProxy\fR). Most proxies limit TLS
|
|
|
|
|
+connections (which Tor uses to connect to Onion Routers) to port 443, and some
|
|
|
|
|
+limit HTTP GET requests (which Tor uses for fetching directory information) to
|
|
|
|
|
+port 80.
|
|
|
|
|
+.LP
|
|
|
|
|
+.TP
|
|
|
\fBLongLivedPorts \fR\fIPORTS\fP
|
|
\fBLongLivedPorts \fR\fIPORTS\fP
|
|
|
A list of ports for services that tend to have long-running connections
|
|
A list of ports for services that tend to have long-running connections
|
|
|
(e.g. chat and interactive shells). Circuits for streams that use these
|
|
(e.g. chat and interactive shells). Circuits for streams that use these
|
Peter Palfrader