123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 |
- ## Configuration file for a typical Tor user
- ## Last updated 18 August 2007 for Tor 0.2.0.5-alpha.
- ## (May or may not work for much older or much newer versions of Tor.)
- ##
- ## Lines that begin with "## " try to explain what's going on. Lines
- ## that begin with just "#" are disabled commands: you can enable them
- ## by removing the "#" symbol.
- ##
- ## See the man page, or https://www.torproject.org/tor-manual-dev.html,
- ## for more options you can use in this file.
- ##
- ## Tor will look for this file in various places based on your platform:
- ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#torrc
- ## Replace this with "SocksPort 0" if you plan to run Tor only as a
- ## server, and not make any local application connections yourself.
- SocksPort 9050 # what port to open for local application connections
- SocksListenAddress 127.0.0.1 # accept connections only from localhost
- #SocksListenAddress 192.168.0.1:9100 # listen on this IP:port also
- ## Entry policies to allow/deny SOCKS requests based on IP address.
- ## First entry that matches wins. If no SocksPolicy is set, we accept
- ## all (and only) requests from SocksListenAddress.
- #SocksPolicy accept 192.168.0.0/16
- #SocksPolicy reject *
- ## Logs go to stdout at level "notice" unless redirected by something
- ## else, like one of the below lines. You can have as many Log lines as
- ## you want.
- ##
- ## We advise using "notice" in most cases, since anything more verbose
- ## may provide sensitive information to an attacker who obtains the logs.
- ##
- ## Send all messages of level 'notice' or higher to @LOCALSTATEDIR@/log/tor/notices.log
- #Log notice file @LOCALSTATEDIR@/log/tor/notices.log
- ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
- #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
- ## Use the system log instead of Tor's logfiles
- #Log notice syslog
- ## To send all messages to stderr:
- #Log debug stderr
- ## Uncomment this to start the process in the background... or use
- ## --runasdaemon 1 on the command line. This is ignored on Windows;
- ## see the FAQ entry if you want Tor to run as an NT service.
- #RunAsDaemon 1
- ## The directory for keeping all the keys/etc. By default, we store
- ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
- #DataDirectory @LOCALSTATEDIR@/lib/tor
- ## The port on which Tor will listen for local connections from Tor
- ## controller applications, as documented in control-spec.txt.
- #ControlPort 9051
- ############### This section is just for location-hidden services ###
- ## Once you have configured a hidden service, you can look at the
- ## contents of the file ".../hidden_service/hostname" for the address
- ## to tell people.
- ##
- ## HiddenServicePort x y:z says to redirect requests on port x to the
- ## address y:z.
- #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/hidden_service/
- #HiddenServicePort 80 127.0.0.1:80
- #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/other_hidden_service/
- #HiddenServicePort 80 127.0.0.1:80
- #HiddenServicePort 22 127.0.0.1:22
- ################ This section is just for servers #####################
- ## NOTE: If you enable these, you should consider mailing the contents of
- ## the "fingerprint" file to the tor-ops, so we have contact info for you
- ## in case we need it. See https://www.torproject.org/docs/tor-doc-relay.
- ## A unique handle for your server.
- #Nickname ididnteditheconfig
- ## The IP or FQDN for your server. Leave commented out and Tor will guess.
- #Address noname.example.com
- ## Define these to limit the bandwidth usage of relayed (server)
- ## traffic. Your own traffic is still unthrottled.
- ## Note that RelayBandwidthRate must be at least 20 KB.
- #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps)
- #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB/s (1600Kbps)
- ## Contact info to be published in the directory, so we can contact you
- ## if your server is misconfigured or something else goes wrong.
- #ContactInfo Random Person <nobody AT example dot com>
- ## You might also include your PGP or GPG fingerprint if you have one:
- #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
- ## Required: what port to advertise for Tor connections.
- #ORPort 9001
- ## If you need to listen on a port other than the one advertised
- ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
- ## line below too. You'll need to do ipchains or other port forwarding
- ## yourself to make this work.
- #ORListenAddress 0.0.0.0:9090
- ## Uncomment this to mirror directory information for others. Please do
- ## if you have enough bandwidth.
- #DirPort 9030 # what port to advertise for directory connections
- ## If you need to listen on a port other than the one advertised
- ## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line
- ## below too. You'll need to do ipchains or other port forwarding yourself
- ## to make this work.
- #DirListenAddress 0.0.0.0:9091
- ## Uncomment this if you run more than one Tor server, and add the
- ## nickname of each Tor server you control, even if they're on different
- ## networks. You declare it here so Tor clients can avoid using more than
- ## one of your servers in a single circuit. See
- ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers
- #MyFamily nickname1,nickname2,...
- ## A comma-separated list of exit policies. They're considered first
- ## to last, and the first match wins. If you want to _replace_
- ## the default exit policy, end this with either a reject *:* or an
- ## accept *:*. Otherwise, you're _augmenting_ (prepending to) the
- ## default exit policy. Leave commented to just use the default, which is
- ## available in the man page or at https://www.torproject.org/documentation.html
- ##
- ## Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
- ## for issues you might encounter if you use the default exit policy.
- ##
- ## If certain IPs and ports are blocked externally, e.g. by your firewall,
- ## you should update your exit policy to reflect this -- otherwise Tor
- ## users will be told that those destinations are down.
- ##
- #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
- #ExitPolicy accept *:119 # accept nntp as well as default exit policy
- #ExitPolicy reject *:* # no exits allowed
|