tor.1.in 62.5 KB
.TH TOR 1 "February 2008" "TOR"
.SH NAME
tor \- The second-generation onion router
.SH SYNOPSIS
.B tor
[\fIOPTION value\fR]...
.SH DESCRIPTION
.I tor
is a connection-oriented anonymizing communication
service. Users choose a source-routed path through a set of nodes, and
negotiate a "virtual circuit" through the network, in which each node
knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals
the downstream node.
.PP
Basically \fItor\fR provides a distributed network of servers ("onion
routers"). Users bounce their TCP streams -- web traffic, ftp, ssh, etc --
around the routers, and recipients, observers, and even the routers
themselves have difficulty tracking the source of the stream.
.SH OPTIONS
\fB-h, -help\fP
Display a short help message and exit.
.LP
.TP
\fB-f \fR\fIFILE\fP
FILE contains further "option value" pairs. (Default: @CONFDIR@/torrc)
.LP
.TP
\fB--hash-password\fP
Generates a hashed password for control port access.
.LP
.TP
\fB--list-fingerprint\fP
Generate your keys and output your nickname and fingerprint.
.LP
.TP
\fB--verify-config\fP
Verify the configuration file is valid.
.LP
.TP
\fB--nt-service\fP
\fB--service [install|remove|start|stop]\fP
Manage the Tor Windows NT/2000/XP service.  Current instructions can
be found at http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#WinNTService
.LP
.TP
\fB--list-torrc-options\fP
List all valid options.
.LP
.TP
\fB--version\fP
Display Tor version and exit.
.LP
.TP
\fB--quiet\fP
Do not start Tor with a console log unless explicitly requested to do
so.  (By default, Tor starts out logging messages at level "notice" or
higher to the console, until it has parsed its configuration.)
.LP
.TP
Other options can be specified either on the command-line (\fI--option
value\fR), or in the configuration file (\fIoption value\fR or
\fIoption "value"\fR).  Options are case-insensitive.  C-style escaped
characters are allowed inside quoted values.
.LP
.TP
\fBBandwidthRate \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
A token bucket limits the average incoming bandwidth usage on this node
to the specified number of bytes per second, and the average outgoing
bandwidth usage to that same value. (Default: 5 MB)
.LP
.TP
\fBBandwidthBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
Limit the maximum token bucket size (also known as the burst) to the
given number of bytes in each direction. (Default: 10 MB)
.LP
.TP
\fBMaxAdvertisedBandwidth \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
If set, we will not advertise more than this amount of bandwidth for our
BandwidthRate. Server operators who want to reduce the number of clients
who ask to build circuits through them (since this is proportional to
advertised bandwidth rate) can thus reduce the CPU demands on their
server without impacting network performance.
.LP
.TP
\fBRelayBandwidthRate \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
If defined, a separate token bucket limits the average incoming bandwidth
usage for _relayed traffic_ on this node to the specified number of
bytes per second, and the average outgoing bandwidth usage to that same
value. Relayed traffic currently is calculated to include answers to directory
requests, but that may change in future versions. (Default: 0)
.LP
.TP
\fBRelayBandwidthBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
Limit the maximum token bucket size (also known as the burst) for
_relayed traffic_ to the
given number of bytes in each direction. (Default: 0)
.LP
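Worked example of the two token buckets described above (added here; it is not code from tor or from this manual). The clock is injected so the run is reproducible. Two details are assumptions of the model rather than statements on this page: a bucket starts full, and a relayed write is charged against both the global bucket and the relay bucket, so it is limited by whichever has fewer tokens.

```python
class TokenBucket:
    """Bucket of at most `burst` bytes, refilled at `rate` bytes per second."""

    def __init__(self, rate, burst):
        self.rate = rate
        self.burst = burst
        self.tokens = float(burst)   # starts full (assumption of this model)
        self.last = 0.0

    def available(self, now):
        """Refill for the time elapsed since the last call and report the balance."""
        elapsed = max(0.0, now - self.last)
        self.tokens = min(float(self.burst), self.tokens + elapsed * self.rate)
        self.last = now
        return int(self.tokens)

    def consume(self, nbytes):
        self.tokens -= nbytes


def write_limit(now, global_bucket, relay_bucket=None):
    """Bytes that may go out at `now`.  A relayed write must fit in both
    buckets (assumption; tor's own accounting may differ in detail)."""
    limit = global_bucket.available(now)
    if relay_bucket is not None:
        limit = min(limit, relay_bucket.available(now))
    return limit


def send(now, nbytes, global_bucket, relay_bucket=None):
    """Send as much of `nbytes` as the buckets permit; return the amount sent."""
    allowed = min(nbytes, write_limit(now, global_bucket, relay_bucket))
    global_bucket.consume(allowed)
    if relay_bucket is not None:
        relay_bucket.consume(allowed)
    return allowed


def simulate(rate, burst, offered, relay_rate=None, relay_burst=None):
    """Offer offered[t] bytes at second t; return the bytes actually sent each second."""
    g = TokenBucket(rate, burst)
    r = TokenBucket(relay_rate, relay_burst) if relay_rate else None
    return [send(float(t), n, g, r) for t, n in enumerate(offered)]


if __name__ == "__main__":
    # BandwidthRate 1000, BandwidthBurst 4000: one 4000-byte spike, then 1000/s.
    print(simulate(1000, 4000, [5000] * 6))
    # After four idle seconds the bucket is full again and a second spike fits.
    print(simulate(1000, 4000, [5000, 0, 0, 0, 0, 5000]))
    # Relayed traffic with RelayBandwidthRate 200 / RelayBandwidthBurst 500.
    print(simulate(1000, 4000, [5000] * 3, relay_rate=200, relay_burst=500))
```

The first run shows why BandwidthBurst matters for CPU and memory planning: a relay will accept a burst-sized spike at full speed before settling to BandwidthRate, so the burst, not the rate, bounds the short-term load.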
.TP
\fBConnLimit \fR\fINUM\fP
The minimum number of file descriptors that must be available to
the Tor process before it will start. Tor will ask the OS for as
many file descriptors as the OS will allow (you can find this
by "ulimit -H -n"). If this number is less than ConnLimit, then
Tor will refuse to start.

You probably don't need to adjust this. It has no effect on
Windows since that platform lacks getrlimit(). (Default: 1000)
.LP
.TP
\fBConstrainedSockets \fR\fB0\fR|\fB1\fR\fP
If set, Tor will tell the kernel to attempt to shrink the buffers for all
sockets to the size specified in \fBConstrainedSockSize\fP.  This is useful
for virtual servers and other environments where system level TCP
buffers may be limited.  If you're on a virtual server, and you
encounter the "Error creating network socket: No buffer space available"
message, you are likely experiencing this problem.

The preferred solution is to have the admin increase the buffer pool for
the host itself via /proc/sys/net/ipv4/tcp_mem or equivalent facility; this
configuration option is a second resort.

The DirPort option should also not be used if TCP buffers are scarce.  The
cached directory requests consume additional sockets which exacerbates the
problem.

You should \fBnot\fP enable this feature unless you encounter the "no buffer
space available" issue.  Reducing the TCP buffers affects window size for
the TCP stream and will reduce throughput in proportion to round trip
time on long paths.  (Default: 0.)
.LP
.TP
\fBConstrainedSockSize \fR\fIN\fR \fBbytes\fR|\fBKB\fP
When \fBConstrainedSockets\fP is enabled the receive and transmit buffers for
all sockets will be set to this limit.  Must be a value between 2048
and 262144, in 1024 byte increments.  Default of 8192 is recommended.
.LP
.TP
\fBControlPort \fR\fIPort\fP
If set, Tor will accept connections on this port and allow those
connections to control the Tor process using the Tor Control Protocol
(described in control-spec.txt).  Note: unless you also specify one of
\fBHashedControlPassword\fP or \fBCookieAuthentication\fP, setting
this option will cause Tor to allow any process on the local host to
control it. This option is required for many Tor controllers; most use
the value of 9051.
.LP
.TP
\fBControlListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind the controller listener to this address. If you specify a port,
bind to this port rather than the one specified in ControlPort. We
strongly recommend that you leave this alone unless you know what you're
doing, since giving attackers access to your control listener is really
dangerous. (Default: 127.0.0.1)
This directive can be specified multiple times to bind to multiple
addresses/ports.
.LP
.TP
\fBControlSocket \fR\fIPath\fP
Like ControlPort, but listens on a Unix domain socket, rather than a TCP
socket.  (Unix and Unix-like systems only.)
.LP
.TP
\fBHashedControlPassword \fR\fIhashed_password\fP
Don't allow any connections on the control port except when the other process
knows the password whose one-way hash is \fIhashed_password\fP.  You can
compute the hash of a password by running "tor --hash-password
\fIpassword\fP". You can provide several acceptable passwords by using
more than one HashedControlPassword line.
.LP
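Worked example (added here; not code from tor or from this manual) of producing and checking a HashedControlPassword value offline, so a deployment script can verify a torrc secret without running tor. The layout it reproduces, "16:" followed by hex of an 8-byte salt, the count byte 0x60 and a SHA-1 digest computed with the iterated-salted S2K construction of RFC 2440, is my reading of what "tor --hash-password" prints; this page does not describe the format, so check a value against a real tor binary before relying on it.

```python
import hashlib
import hmac
import os

S2K_CODE = 0x60      # iteration-count byte tor writes after the salt
EXPBIAS = 6


def s2k_count(code):
    """Decode an RFC 2440 iteration-count byte into a byte count (0x60 -> 65536)."""
    return (16 + (code & 15)) << ((code >> 4) + EXPBIAS)


def s2k_digest(salt, password, code=S2K_CODE):
    """SHA-1 over (salt || password) repeated until `count` bytes have been hashed."""
    block = salt + password.encode("utf-8")
    count = s2k_count(code)
    d = hashlib.sha1()
    while count:
        if count >= len(block):
            d.update(block)
            count -= len(block)
        else:
            d.update(block[:count])
            count = 0
    return d.digest()


def hash_control_password(password, salt=None):
    """Return a value usable on a HashedControlPassword line."""
    if salt is None:
        salt = os.urandom(8)
    if len(salt) != 8:
        raise ValueError("salt must be exactly 8 bytes")
    spec = salt + bytes([S2K_CODE])
    return "16:" + (spec + s2k_digest(salt, password)).hex().upper()


def verify_control_password(hashed, password):
    """Check a candidate password against a stored HashedControlPassword value.

    The comparison is constant-time so a controller doing this check does not
    leak how many digest bytes matched."""
    if not hashed.startswith("16:") or len(hashed) != 3 + 2 * (8 + 1 + 20):
        return False
    try:
        raw = bytes.fromhex(hashed[3:])
    except ValueError:
        return False
    salt, code, digest = raw[:8], raw[8], raw[9:]
    return hmac.compare_digest(digest, s2k_digest(salt, password, code))


if __name__ == "__main__":
    value = hash_control_password("correct horse battery")   # constructed sample secret
    print("HashedControlPassword", value)
    print(verify_control_password(value, "correct horse battery"),
          verify_control_password(value, "wrong"))
```

Put the printed value on a HashedControlPassword line next to ControlPort 9051 and leave ControlListenAddress at 127.0.0.1; without one of HashedControlPassword or CookieAuthentication, any local process can drive the control port, as the ControlPort entry above warns.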
.TP
\fBCookieAuthentication \fR\fB0\fR|\fB1\fP
If this option is set to 1, don't allow any connections on the control port
except when the connecting process knows the contents of a file named
"control_auth_cookie", which Tor will create in its data directory.  This
authentication method should only be used on systems with good filesystem
security. (Default: 0)
.LP
.TP
\fBCookieAuthFile \fR\fIPath\fP
If set, this option overrides the default location and file name for Tor's
cookie file.  (See CookieAuthentication above.)
.LP
.TP
\fBCookieAuthFileGroupReadable \fR\fB0\fR|\fB1\fR|\fIGroupName\fP
If this option is set to 0, don't allow the filesystem group to read
the cookie file.  If the option is set to 1, make the cookie file
readable by the default GID.  [Making the file readable by other
groups is not yet implemented; let us know if you need this for some
reason.]  (Default: 0).
.LP
.TP
\fBDataDirectory \fR\fIDIR\fP
Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
.LP
.TP
\fBDirServer \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
Use a nonstandard authoritative directory server at the provided
address and port, with the specified key fingerprint.  This option can
be repeated many times, for multiple authoritative directory
servers.  Flags are separated by spaces, and determine what kind of an
authority this directory is.  By default, every authority is authoritative
for current ("v2")-style directories, unless the "no-v2" flag is given.  If
the "v1" flag is provided, Tor will use this server as an
authority for old-style (v1) directories as well.  (Only directory mirrors
care about this.)  Tor will use this server as an authority for hidden
service information if the "hs" flag is set, or if the "v1" flag is set and
the "no-hs" flag is \fBnot\fP set.  Tor will use this authority as a bridge
authoritative directory if the "bridge" flag is set.  If a flag
"orport=\fBport\fR" is given, Tor will use the given port when opening
encrypted tunnels to the dirserver.  Lastly, if a flag "v3ident=\fBfp\fR" is
given, the dirserver is a v3 directory authority whose v3 long-term
signing key has the fingerprint \fBfp\fR.

If no \fBdirserver\fP line is given, Tor will use the default
directory servers.  NOTE: this option is intended
for setting up a private Tor network with its own directory authorities.  If
you use it, you will be distinguishable from other users, because you won't
believe the same authorities they do.
.LP
.TP
\fBAlternateDirAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
.LP
.TP
\fBAlternateHSAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
.LP
.TP
\fBAlternateBridgeAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
As DirServer, but replaces less of the default directory authorities.
Using AlternateDirAuthority replaces the default Tor directory
authorities, but leaves the hidden service authorities and bridge
authorities in place.  Similarly, using AlternateHSAuthority replaces
the default hidden service authorities, but not the directory or
bridge authorities.
.LP
.TP
\fBFetchDirInfoEarly \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will always fetch directory information like other
directory caches, even if you don't meet the normal criteria for
fetching early. Normal users should leave it off.
(Default: 0)
.LP
.TP
\fBFetchHidServDescriptors \fR\fB0\fR|\fB1\fR\fP
If set to 0, Tor will never fetch any hidden service descriptors from
the rendezvous directories. This option is only useful if you're using
a Tor controller that handles hidserv fetches for you.
(Default: 1)
.LP
.TP
\fBFetchServerDescriptors \fR\fB0\fR|\fB1\fR\fP
If set to 0, Tor will never fetch any network status summaries or server
descriptors from the directory servers. This option is only useful if
you're using a Tor controller that handles directory fetches for you.
(Default: 1)
.LP
.TP
\fBFetchUselessDescriptors \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will fetch every non-obsolete descriptor from the
authorities that it hears about. Otherwise, it will avoid fetching
useless descriptors, for example for routers that are not running.
This option is useful if you're using the contributed "exitlist"
script to enumerate Tor nodes that exit to certain addresses.
(Default: 0)
.LP
.TP
\fBHttpProxy\fR \fIhost\fR[:\fIport\fR]\fP
Tor will make all its directory requests through this host:port
(or host:80 if port is not specified),
rather than connecting directly to any directory servers.
.LP
.TP
\fBHttpProxyAuthenticator\fR \fIusername:password\fP
If defined, Tor will use this username:password for Basic Http proxy
authentication, as in RFC 2617. This is currently the only form of
Http proxy authentication that Tor supports; feel free to submit a
patch if you want it to support others.
.LP
.TP
\fBHttpsProxy\fR \fIhost\fR[:\fIport\fR]\fP
Tor will make all its OR (SSL) connections through this host:port
(or host:443 if port is not specified), via HTTP CONNECT rather than
connecting directly to servers.  You may want to set \fBFascistFirewall\fR
to restrict the set of ports you might try to connect to, if your Https
proxy only allows connecting to certain ports.
.LP
.TP
\fBHttpsProxyAuthenticator\fR \fIusername:password\fP
If defined, Tor will use this username:password for Basic Https proxy
authentication, as in RFC 2617. This is currently the only form of
Https proxy authentication that Tor supports; feel free to submit a
patch if you want it to support others.
.LP
.TP
\fBKeepalivePeriod \fR\fINUM\fP
To keep firewalls from expiring connections, send a padding keepalive
cell every NUM seconds on open connections that are in use. If the
connection has no open circuits, it will instead be closed after NUM
seconds of idleness. (Default: 5 minutes)
.LP
.TP
\fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBstderr\fR|\fBstdout\fR|\fBsyslog\fR\fP
Send all messages between \fIminSeverity\fR and \fImaxSeverity\fR to
the standard output stream, the standard error stream, or to the system
log. (The "syslog" value is only supported on Unix.)  Recognized
severity levels are debug, info, notice, warn, and err.  We advise using
"notice" in most cases, since anything more verbose may provide sensitive
information to an attacker who obtains the logs.  If only one
severity level is given, all messages of that level or higher will be
sent to the listed destination.
.LP
.TP
\fBLog \fR\fIminSeverity\fR[-\fImaxSeverity\fR] \fBfile\fR \fIFILENAME\fP
As above, but send log messages to the listed filename.  The "Log"
option may appear more than once in a configuration file.  Messages
are sent to all the logs that match their severity level.
.LP
.TP
\fBOutboundBindAddress \fR\fIIP\fP
Make all outbound connections originate from the IP address specified.  This
is only useful when you have multiple network interfaces, and you want all
of Tor's outgoing connections to use a single one.
.LP
.TP
\fBPidFile \fR\fIFILE\fP
On startup, write our PID to FILE. On clean shutdown, remove FILE.
.LP
.TP
\fBProtocolWarnings \fR\fB0\fR|\fB1\fR\fP
If 1, Tor will log with severity 'warn' various cases of other parties
not following the Tor specification. Otherwise, they are logged with
severity 'info'. (Default: 0)
.LP
.TP
\fBRunAsDaemon \fR\fB0\fR|\fB1\fR\fP
If 1, Tor forks and daemonizes to the background. This option has
no effect on Windows; instead you should use the --service command-line
option. (Default: 0)
.LP
.TP
\fBSafeLogging \fR\fB0\fR|\fB1\fP
If 1, Tor replaces potentially sensitive strings in the logs
(e.g. addresses) with the string [scrubbed]. This way logs can still be
useful, but they don't leave behind personally identifying information
about what sites a user might have visited. (Default: 1)
.LP
.TP
\fBUser \fR\fIUID\fP
On startup, setuid to this user and setgid to their primary group.
.LP
.TP
\fBHardwareAccel \fR\fB0\fR|\fB1\fP
If non-zero, try to use crypto hardware acceleration when
available. This is untested and probably buggy. (Default: 0)
.LP
.TP
\fBAvoidDiskWrites \fR\fB0\fR|\fB1\fP
If non-zero, try to write to disk less frequently than we would otherwise.
This is useful when running on flash memory or other media that support only
a limited number of writes.  (Default: 0)
.LP
.TP
\fBTunnelDirConns \fR\fB0\fR|\fB1\fP
If non-zero, when a directory server we contact supports it, we will
build a one-hop circuit and make an encrypted connection via its
ORPort. (Default: 0)
.LP
.TP
\fBPreferTunneledDirConns \fR\fB0\fR|\fB1\fP
If non-zero, we will avoid directory servers that don't support tunneled
directory connections, when possible. (Default: 0)

.SH CLIENT OPTIONS
.PP
The following options are useful only for clients (that is, if \fBSocksPort\fP is non-zero):
.LP
.TP
\fBAllowInvalidNodes\fR \fBentry\fR|\fBexit\fR|\fBmiddle\fR|\fBintroduction\fR|\fBrendezvous\fR|...\fP
If some Tor servers are obviously not working right, the directory
authorities can manually mark them as invalid, meaning that it's not
recommended you use them for entry or exit positions in your circuits. You
can opt to use them in some circuit positions, though. The default is
"middle,rendezvous", and other choices are not advised.
.LP
.TP
\fBExcludeSingleHopRelays \fR\fB0\fR|\fB1\fR\fP
This option controls whether circuits built by Tor will include relays with
the AllowSingleHopExits flag set to true.  If ExcludeSingleHopRelays is set to
0, these relays will be included.  Note that these relays might be at higher
risk of being seized or observed, so they are not normally included.
(Default: 1)
.LP
.TP
\fBBridge \fR\fIIP:ORPort\fR [fingerprint]\fP
When set along with UseBridges, instructs Tor to use the relay at
"IP:ORPort" as a "bridge" relaying into the Tor network. If "fingerprint"
is provided (using the same format as for DirServer), we will verify that
the relay running at that location has the right fingerprint. We also use
fingerprint to look up the bridge descriptor at the bridge authority, if
it's provided and if UpdateBridgesFromAuthority is set too.
.LP
.TP
\fBCircuitBuildTimeout \fR\fINUM\fP
Try for at most NUM seconds when building circuits. If the circuit
isn't open in that time, give up on it.
(Default: 1 minute.)
.LP
.TP
\fBCircuitIdleTimeout \fR\fINUM\fP
If we have kept a clean (never used) circuit around for NUM seconds,
then close it. This way when the Tor client is entirely idle, it can
expire all of its circuits, and then expire its TLS connections. Also,
if we end up making a circuit that is not useful for exiting any of
the requests we're receiving, it won't forever take up a slot in the
circuit list.
(Default: 1 hour.)
.LP
.TP
\fBClientOnly \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will under no circumstances run as a server or serve
directory requests. The default
is to run as a client unless ORPort is configured.  (Usually,
you don't need to set this; Tor is pretty smart at figuring out whether
you are reliable and high-bandwidth enough to be a useful server.)
(Default: 0)
.LP
.TP
\fBExcludeNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
of nodes to never use when building a circuit.  (Example: ExcludeNodes
SlowServer, $ABCDEFFFFFFFFFFFFFFF, {cc}, 255.254.0.0/8)
.LP
.TP
\fBExcludeExitNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
of nodes to never use when picking an exit node.  Note that any node
listed in ExcludeNodes is automatically considered to be part of this
list.
.LP
.TP
\fBEntryNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
of nodes to use for the first hop in the circuit.
These are treated only as preferences unless StrictEntryNodes (see
below) is also set.
.LP
.TP
\fBExitNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
of nodes to use for the last hop in the circuit.
These are treated only as preferences unless StrictExitNodes (see
below) is also set.
.LP
.TP
\fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP
If 1, Tor will never use any nodes besides those listed in "EntryNodes" for
the first hop of a circuit.
.LP
.TP
\fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP
If 1, Tor will never use any nodes besides those listed in "ExitNodes" for
the last hop of a circuit.
.LP
.TP
\fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP
If 1, Tor will only create outgoing connections to ORs running on ports that
your firewall allows (defaults to 80 and 443; see \fBFirewallPorts\fR).  This will
allow you to run Tor as a client behind a firewall with restrictive policies,
but will not allow you to run as a server behind such a firewall.
If you prefer more fine-grained control, use ReachableAddresses instead.
.LP
.TP
\fBFirewallPorts \fR\fIPORTS\fP
A list of ports that your firewall allows you to connect to.  Only
used when \fBFascistFirewall\fR is set. This option is deprecated; use
ReachableAddresses instead. (Default: 80, 443)
.LP
.TP
\fBHidServAuth \fR\fIonion-address\fR \fIauth-cookie\fP \fIservice-name\fR 
Client authorization for a hidden service. Valid onion addresses contain 16
characters in a-z2-7 plus ".onion", and valid auth cookies contain 22
characters in A-Za-z0-9+/. The service name is only used for internal
purposes, e.g., for Tor controllers. This option may be used multiple times
for different hidden services. If a hidden service uses authorization and
this option is not set, the hidden service is not accessible.
.LP
.TP
\fBReachableAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
A comma-separated list of IP addresses and ports that your firewall allows you
to connect to. The format is as
for the addresses in ExitPolicy, except that "accept" is understood
unless "reject" is explicitly provided.  For example, 'ReachableAddresses
99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80' means that your
firewall allows connections to everything inside net 99, rejects port
80 connections to net 18, and accepts connections to port 80 otherwise.
(Default: 'accept *:*'.)
.LP
.TP
\fBReachableDirAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
Like \fBReachableAddresses\fP, a list of addresses and ports.  Tor will obey
these restrictions when fetching directory information, using standard HTTP
GET requests. If not set explicitly then the value of \fBReachableAddresses\fP
is used.  If \fBHttpProxy\fR is set then these connections will go through that
proxy.
.LP
.TP
\fBReachableORAddresses \fR\fIADDR\fP[\fB/\fP\fIMASK\fP][:\fIPORT\fP]...\fP
Like \fBReachableAddresses\fP, a list of addresses and ports.  Tor will obey
these restrictions when connecting to Onion Routers, using TLS/SSL.  If not set
explicitly then the value of \fBReachableAddresses\fP is used. If
\fBHttpsProxy\fR is set then these connections will go through that proxy.

The separation between \fBReachableORAddresses\fP and
\fBReachableDirAddresses\fP is only interesting when you are connecting through
proxies (see \fBHttpProxy\fR and \fBHttpsProxy\fR).  Most proxies limit TLS
connections (which Tor uses to connect to Onion Routers) to port 443, and some
limit HTTP GET requests (which Tor uses for fetching directory information) to
port 80.
.LP
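Worked example (added here; not code from tor or from this manual) of the address-policy syntax shared by ReachableAddresses, ReachableORAddresses, ReachableDirAddresses and SocksPolicy: entries are tried in order and the first match decides, a bare entry means "accept", and "*" stands for any address or any port. What happens when no entry matches is not stated on this page, so the evaluator takes that as a parameter; append an explicit "reject *:*" if you want default deny. IPv4 only, matching tor of this vintage.

```python
import ipaddress


def parse_policy(text, default="accept"):
    """Turn 'accept 18.0.0.0/8:80, reject *:*' into (verdict, network, lo, hi) rules."""
    rules = []
    for entry in text.split(","):
        entry = entry.strip()
        if not entry:
            continue
        parts = entry.split(None, 1)
        if parts[0] in ("accept", "reject"):
            verdict, target = parts[0], parts[1].strip()
        else:
            verdict, target = default, entry        # keyword omitted
        addr, sep, port = target.rpartition(":")
        if not sep:                                  # no port given: any port
            addr, port = target, "*"
        if addr == "*":
            net = ipaddress.ip_network("0.0.0.0/0")
        else:
            net = ipaddress.ip_network(addr, strict=False)   # "1.2.3.4" -> /32
        if port == "*":
            lo, hi = 1, 65535
        elif "-" in port:
            lo, hi = (int(p) for p in port.split("-", 1))
        else:
            lo = hi = int(port)
        rules.append((verdict, net, lo, hi))
    return rules


def allows(rules, ip, port, unmatched="accept"):
    """First matching entry wins; `unmatched` decides when nothing matches."""
    addr = ipaddress.ip_address(ip)
    for verdict, net, lo, hi in rules:
        if addr in net and lo <= port <= hi:
            return verdict == "accept"
    return unmatched == "accept"


if __name__ == "__main__":
    # The example from the ReachableAddresses entry above.
    reach = parse_policy("99.0.0.0/8, reject 18.0.0.0/8:80, accept *:80")
    for ip, port in [("99.12.34.56", 22), ("18.1.1.1", 80), ("203.0.113.9", 80)]:
        print(ip, port, allows(reach, ip, port))
    # What FascistFirewall with the default FirewallPorts amounts to.
    fw = parse_policy("accept *:80, accept *:443, reject *:*")
    print("9001 reachable:", allows(fw, "203.0.113.9", 9001))
    # A SocksPolicy that admits one LAN and nobody else.
    socks = parse_policy("accept 192.168.0.0/16, reject *")
    print("LAN:", allows(socks, "192.168.1.5", 9050), "other:", allows(socks, "10.0.0.5", 9050))
```

Order matters: putting "accept *:80" before "reject 18.0.0.0/8:80" would silently reopen net 18 on port 80, which is the usual way these lists go wrong.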
.TP
\fBLongLivedPorts \fR\fIPORTS\fP
A list of ports for services that tend to have long-running connections
(e.g. chat and interactive shells). Circuits for streams that use these
ports will contain only high-uptime nodes, to reduce the chance that a
node will go down before the stream is finished.
(Default: 21, 22, 706, 1863, 5050, 5190, 5222, 5223, 6667, 6697, 8300)
.LP
.TP
\fBMapAddress\fR \fIaddress\fR \fInewaddress\fR
When a request for address arrives to Tor, it will rewrite it to
newaddress before processing it. For example, if you always want
connections to www.indymedia.org to exit via \fItorserver\fR (where
\fItorserver\fR is the nickname of the server),
use "MapAddress www.indymedia.org www.indymedia.org.torserver.exit".
.LP
.TP
\fBNewCircuitPeriod \fR\fINUM\fP
Every NUM seconds consider whether to build a new circuit. (Default: 30 seconds)
.LP
.TP
\fBMaxCircuitDirtiness \fR\fINUM\fP
Feel free to reuse a circuit that was first used at most NUM seconds ago,
but never attach a new stream to a circuit that is too old.
(Default: 10 minutes)
.LP
.TP
\fBNodeFamily \fR\fInode\fR,\fInode\fR,\fI...\fP
The Tor servers, defined by their identity fingerprints or nicknames,
constitute a "family" of similar or co-administered
servers, so never use any two of them in the same circuit. Defining a
NodeFamily is only needed when a server doesn't list the family itself
(with MyFamily). This option can be used multiple times.
.LP
.TP
\fBEnforceDistinctSubnets \fR\fB0\fR|\fB1\fR\fP
If 1, Tor will not put two servers whose IP addresses are "too
close" on the same circuit.  Currently, two addresses are
"too close" if they lie in the same /16 range. (Default: 1)

.\" \fBPathlenCoinWeight \fR\fI0.0-1.0\fP
.\" Paths are 3 hops plus a geometric distribution centered around this coinweight.
.\" Must be >=0.0 and <1.0. (Default: 0.3) NOT USED CURRENTLY
.\" .TP
.LP
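Worked example (added here; not code from tor or from this manual) that checks a candidate 3-hop path against the path constraints described in the ExcludeNodes, ExcludeExitNodes, NodeFamily and EnforceDistinctSubnets entries above: the four spellings of a node in an exclusion list ($fingerprint, nickname, {cc}, address/mask), family membership declared either by a relay's own MyFamily or by a NodeFamily line, and the /16 rule. The relays and fingerprints are constructed test data; how tor weighs these rules during selection is not shown, only whether a given path violates them.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Relay:
    nickname: str
    fingerprint: str                      # 40 hex chars, as in a descriptor
    ip: str
    country: str = "??"
    family: frozenset = field(default_factory=frozenset)   # fingerprints from its MyFamily


def parse_node_list(text):
    """Split 'Slow, $ABCD..., {de}, 255.254.0.0/8' into (kind, value) matchers."""
    spec = []
    for item in text.split(","):
        item = item.strip()
        if not item:
            continue
        if item.startswith("$"):
            spec.append(("fp", item[1:].upper()))
        elif item.startswith("{") and item.endswith("}"):
            spec.append(("cc", item[1:-1].lower()))
        elif item[0].isdigit():
            spec.append(("net", ipaddress.ip_network(item, strict=False)))
        else:
            spec.append(("nick", item.lower()))
    return spec


def matches(relay, spec):
    addr = ipaddress.ip_address(relay.ip)
    for kind, val in spec:
        if kind == "fp" and relay.fingerprint.upper() == val:
            return True
        if kind == "nick" and relay.nickname.lower() == val:
            return True
        if kind == "cc" and relay.country.lower() == val:
            return True
        if kind == "net" and addr in val:
            return True
    return False


def same_family(a, b, node_families=()):
    """Family if either relay lists the other, or a NodeFamily line groups both."""
    if b.fingerprint in a.family or a.fingerprint in b.family:
        return True
    return any({a.fingerprint, b.fingerprint} <= fam for fam in node_families)


def same_slash16(a, b):
    return ipaddress.ip_address(a.ip) in ipaddress.ip_network(b.ip + "/16", strict=False)


def check_path(path, exclude="", exclude_exit="", node_families=(),
               enforce_distinct_subnets=True):
    """Return the constraint violations of `path` (entry .. exit); [] means it is usable."""
    problems = []
    for r in path:
        if matches(r, parse_node_list(exclude)):
            problems.append(f"{r.nickname} is in ExcludeNodes")
    # ExcludeNodes members are already reported above; this adds the exit-only list.
    if matches(path[-1], parse_node_list(exclude_exit)):
        problems.append(f"{path[-1].nickname} is excluded as an exit")
    for i in range(len(path)):
        for j in range(i + 1, len(path)):
            a, b = path[i], path[j]
            if same_family(a, b, node_families):
                problems.append(f"{a.nickname} and {b.nickname} are in the same family")
            if enforce_distinct_subnets and same_slash16(a, b):
                problems.append(f"{a.nickname} and {b.nickname} share a /16")
    return problems


if __name__ == "__main__":
    alpha = Relay("alpha", "A" * 40, "198.51.100.10", "de")
    bravo = Relay("bravo", "B" * 40, "203.0.113.20", "nl", frozenset({"C" * 40}))
    charlie = Relay("charlie", "C" * 40, "192.0.2.30", "us")
    delta = Relay("delta", "D" * 40, "203.0.113.99", "fr")
    print(check_path([alpha, bravo, delta]))
    print(check_path([alpha, charlie, delta], exclude="{de}, 255.254.0.0/8"))
```

A bravo-then-delta path fails the /16 test even though the two are unrelated on paper; that is the point of EnforceDistinctSubnets, since one hosting provider often controls a whole /16.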
.TP
\fBSocksPort \fR\fIPORT\fP
Advertise this port to listen for connections from Socks-speaking
applications.  Set this to 0 if you don't want to allow application
connections. (Default: 9050)
.LP
.TP
\fBSocksListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind to this address to listen for connections from Socks-speaking
applications. (Default: 127.0.0.1) You can also specify a port
(e.g. 192.168.0.1:9100).
This directive can be specified multiple times to bind to multiple
addresses/ports.
.LP
.TP
\fBSocksPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
Set an entrance policy for this server, to limit who can connect to the
SocksPort and DNSPort ports.
The policies have the same form as exit policies below.
.LP
.TP
\fBSocksTimeout \fR\fINUM\fP
Let a socks connection wait NUM seconds handshaking, and NUM seconds
unattached waiting for an appropriate circuit, before we fail it.
(Default: 2 minutes.)
.LP
.TP
\fBTrackHostExits \fR\fIhost\fR,\fI.domain\fR,\fI...\fR\fP
For each value in the comma separated list, Tor will track recent connections
to hosts that match this value and attempt to
reuse the same exit node for each. If the value is prepended with a '.', it is
treated as matching an entire domain. If one of the values is just a '.', it
means match everything. This option is useful if you frequently connect to
sites that will expire all your authentication cookies (i.e. log you out) if
your IP address changes. Note that this option does have the disadvantage of
making it more clear that a given history is
associated with a single user. However, most people who would wish to observe
this will observe it through cookies or other protocol-specific means anyhow.
.LP
.TP
\fBTrackHostExitsExpire \fR\fINUM\fP
Since exit servers go up and down, it is desirable to expire the association
between host and exit server after NUM seconds. The default
is 1800 seconds (30 minutes).
.LP
.TP
\fBUpdateBridgesFromAuthority \fR\fB0\fR|\fB1\fR\fP
When set (along with UseBridges), Tor will try to fetch bridge descriptors
from the configured bridge authorities when feasible. It will fall back
to a direct request if the authority responds with a 404. (Default: 0)
.LP
.TP
\fBUseBridges \fR\fB0\fR|\fB1\fR\fP
When set, Tor will fetch descriptors for each bridge listed in the
"Bridge" config lines, and use these relays as both entry guards and
directory guards. (Default: 0)
.LP
.TP
\fBUseEntryGuards \fR\fB0\fR|\fB1\fR\fP
If this option is set to 1, we pick a few long-term entry servers, and
try to stick with them.  This is desirable because
constantly changing servers increases the odds that an adversary who owns
some servers will observe a fraction of your paths.
(Defaults to 1.)
.LP
.TP
\fBNumEntryGuards \fR\fINUM\fP
If UseEntryGuards is set to 1, we will try to pick a total of NUM routers
as long-term entries for our circuits.
(Defaults to 3.)
.LP
.TP
\fBSafeSocks \fR\fB0\fR|\fB1\fR\fP
When this option is enabled, Tor will reject application connections that
use unsafe variants of the socks protocol -- ones that only provide an
IP address, meaning the application is doing a DNS resolve first.
Specifically, these are socks4 and socks5 when not doing remote DNS.
(Defaults to 0.)
.LP
.TP
Peter Palfrader's avatar
Peter Palfrader committed
645
\fBTestSocks \fR\fB0\fR|\fB1\fR\fP
646
647
When this option is enabled, Tor will make a notice-level log entry for
each connection to the Socks port indicating whether the request used
a safe socks protocol or an unsafe one (see above entry on SafeSocks).
This helps to determine whether an application using Tor is possibly
leaking DNS requests.
(Default: 0)
.LP
.TP
\fBVirtualAddrNetwork \fR\fIAddress\fB/\fIbits\fP
When a controller asks for a virtual (unused) address with the
MAPADDRESS command, Tor picks an unassigned address from this range.
(Default: 127.192.0.0/10)

When providing proxy server service to a network of computers using a tool like
dns-proxy-tor,
change this address to "10.192.0.0/10" or "172.16.0.0/12".
The default \fBVirtualAddrNetwork\fP address range on a 
properly configured machine will route to the loopback interface. 
For local use, no change to the
default \fBVirtualAddrNetwork\fP setting is needed.
.LP
.TP
\fBAllowNonRFC953Hostnames \fR\fB0\fR|\fB1\fR\fP
When this option is disabled, Tor blocks hostnames containing illegal
characters (like @ and :) rather than sending them to an exit node to be
resolved.  This helps trap accidental attempts to resolve URLs and so on.
(Default: 0)
.LP
.TP
\fBFastFirstHopPK \fR\fB0\fR|\fB1\fR\fP
When this option is disabled, Tor uses the public key step for the first
hop of creating circuits. Skipping it is generally safe since we have
already used TLS to authenticate the relay and to establish forward-secure
keys. Turning this option off makes circuit building slower.

Note that Tor will always use the public key step for the first hop if
it's operating as a relay, and it will never use the public key step if
it doesn't yet know the onion key of the first hop.
(Default: 1)
.LP
.TP
\fBTransPort\fP \fR\fIPORT\fP
If non-zero, enables transparent proxy support on \fR\fIPORT\fP (by
convention, 9040).
.\" This is required to enable support for \fBdns-proxy-tor\fP.
.\" ControlPort must be set when using \fBTransPort\fP.
Requires OS support for transparent proxies, such as BSDs' pf or
Linux's IPTables.
If you're planning 
to use Tor as a transparent proxy for a network, you'll want to examine 
and change VirtualAddrNetwork from the default setting. You'll also want
to set the TransListenAddress option for the network you'd like to proxy.
(Default: 0).
.LP
.TP
\fBTransListenAddress\fP \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind to this address to listen for transparent proxy connections.
(Default: 127.0.0.1).  
This is useful for exporting a transparent proxy server 
to an entire network.
.LP
.TP
\fBNATDPort\fP \fR\fIPORT\fP
Allow old versions of ipfw (as included in old versions of FreeBSD,
etc.) to send connections through Tor using the NATD protocol.
This option is only for people who cannot
use TransPort.
.LP
.TP
\fBNATDListenAddress\fP \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind to this address to listen for NATD connections.
(Default: 127.0.0.1).
.LP
.TP
\fBAutomapHostsOnResolve\fP \fR\fB0\fR|\fB1\fR\fP
When this option is enabled, and we get a request to resolve an
address that ends with one of the suffixes in
\fBAutomapHostsSuffixes\fP, we map an unused virtual address to that
address, and return the new virtual address.  This is handy for making
".onion" addresses work with applications that resolve an address and
then connect to it.
(Default: 0).
.LP
.TP
\fBAutomapHostsSuffixes\fP \fR\fISUFFIX\fR,\fISUFFIX\fR,...\fP
A comma-separated list of suffixes to use with \fBAutomapHostsOnResolve\fP.
The "." suffix is equivalent to "all addresses."
(Default: .exit,.onion).
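The following Python model of VirtualAddrNetwork, AutomapHostsOnResolve and AutomapHostsSuffixes is an added example, not Tor's allocator: names that end in a configured suffix get an unused address from the range on resolve, and a later connect to that address is mapped back to the name. It assumes addresses are handed out sequentially; Tor's actual choice of address may differ. The local_only check mirrors the advice above to move off the loopback range when proxying a whole network.

```python
import ipaddress
from typing import Dict, Optional


class VirtualAddressMapper:
    """Models VirtualAddrNetwork together with AutomapHostsOnResolve and
    AutomapHostsSuffixes. Assumption (ours, not Tor's allocator): unused
    virtual addresses are handed out sequentially from the range."""

    def __init__(self, network: str = "127.192.0.0/10",
                 suffixes=(".exit", ".onion"), automap: bool = True) -> None:
        self.network = ipaddress.ip_network(network)
        self.suffixes = tuple(s.lower() for s in suffixes)
        self.automap = automap
        self._free = self.network.hosts()          # skips network/broadcast addresses
        self.by_name: Dict[str, ipaddress.IPv4Address] = {}
        self.by_addr: Dict[ipaddress.IPv4Address, str] = {}

    def local_only(self) -> bool:
        """True when the range routes to loopback: fine for one machine, but
        a network of clients needs a range such as 10.192.0.0/10 instead."""
        return self.network.is_loopback

    def should_map(self, name: str) -> bool:
        if not self.automap:
            return False
        lowered = name.lower()
        # The "." suffix is documented as meaning "all addresses".
        return any(s == "." or lowered.endswith(s) for s in self.suffixes)

    def resolve(self, name: str) -> Optional[str]:
        """Answer a resolve request: a virtual address for mapped names,
        None when the name should be looked up through the network as usual."""
        if not self.should_map(name):
            return None
        lowered = name.lower()
        if lowered in self.by_name:
            return str(self.by_name[lowered])
        try:
            addr = next(self._free)
        except StopIteration:
            raise RuntimeError("VirtualAddrNetwork exhausted") from None
        self.by_name[lowered] = addr
        self.by_addr[addr] = lowered
        return str(addr)

    def connect_target(self, addr: str) -> str:
        """When the application later connects to a virtual address, substitute
        the name it originally asked for; any other address passes through."""
        try:
            key = ipaddress.ip_address(addr)
        except ValueError:
            return addr
        return self.by_addr.get(key, addr)


if __name__ == "__main__":
    mapper = VirtualAddressMapper()
    virtual = mapper.resolve("example.onion")       # constructed name
    print(virtual, "->", mapper.connect_target(virtual))
```

The mapping lives only in memory, as the option's description implies: a virtual address means nothing to any other process or host, which is why a range that routes to loopback is the safe default.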
.LP
.TP
\fBDNSPort\fP \fR\fIPORT\fP
If non-zero, Tor listens for UDP DNS requests on this port and resolves them
anonymously.
(Default: 0).
.LP
.TP
\fBDNSListenAddress\fP \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind to this address to listen for DNS connections.
(Default: 127.0.0.1).
.LP
.TP
\fBClientDNSRejectInternalAddresses\fP \fR\fB0\fR|\fB1\fR\fP
If true, Tor does not believe any anonymously retrieved DNS answer that tells
it that an address resolves to an internal address (like 127.0.0.1 or
192.168.0.1).  This option prevents certain browser-based attacks; don't turn
it off unless you know what you're doing.  (Default: 1).
.LP
.TP
\fBDownloadExtraInfo\fP \fR\fB0\fR|\fB1\fR\fP
If true, Tor downloads and caches "extra-info" documents.  These
documents contain information about servers other than the information
in their regular router descriptors.  Tor does not use this information for
anything itself; to save bandwidth, leave this option turned off.
(Default: 0).
.LP
.TP
\fBFallbackNetworkstatusFile\fP \fIFILENAME\fP
If Tor doesn't have a cached networkstatus file, it starts out using
this one instead.  Even if this file is out of date, Tor can still use
it to learn about directory mirrors, so it doesn't need to put load on
the authorities.  (Default: None).
.LP
.TP
\fBWarnPlaintextPorts\fP \fR\fIport\fR,\fIport\fR,\fI...\fP
Tells Tor to issue a warning whenever the user tries to make an
anonymous connection to one of these ports.  This option is designed
to alert users to services that risk sending passwords in the clear.
(Default: 23,109,110,143).
.LP
.TP
\fBRejectPlaintextPorts\fP \fR\fIport\fR,\fIport\fR,\fI...\fP
Like WarnPlaintextPorts, but instead of warning about risky port uses,
Tor will instead refuse to make the connection.
(Default: None).

.SH SERVER OPTIONS
.PP
The following options are useful only for servers (that is, if \fBORPort\fP is non-zero):
.LP
.TP
\fBAddress \fR\fIaddress\fP
The IP address or FQDN of this server (e.g. moria.mit.edu). You can
leave this unset, and Tor will guess your IP address.
.LP
.TP
\fBAllowSingleHopExits \fR\fB0\fR|\fB1\fR\fP
This option controls whether clients can use this server as a single hop 
proxy.  If set to 1, clients can use this server as an exit even if it is
the only hop in the circuit.  (Default: 0)
.LP
.TP
\fBAssumeReachable \fR\fB0\fR|\fB1\fR\fP
This option is used when bootstrapping a new Tor network. If set to 1,
don't do self-reachability testing; just upload your server descriptor
immediately. If \fBAuthoritativeDirectory\fP is also set, this option
instructs the dirserver to bypass remote reachability testing too and
list all connected servers as running.
.LP
.TP
\fBBridgeRelay \fR\fB0\fR|\fB1\fR\fP
Sets the relay to act as a "bridge" with respect to relaying connections
from bridge users to the Tor network. Mainly it influences how the relay
will cache and serve directory information. Usually used in combination
with PublishServerDescriptor.
.LP
.TP
\fBContactInfo \fR\fIemail_address\fP
Administrative contact information for server. This line might get
picked up by spam harvesters, so you may want to obscure the fact
that it's an email address.
.LP
.TP
\fBExitPolicy \fR\fIpolicy\fR,\fIpolicy\fR,\fI...\fP
Set an exit policy for this server. Each policy is of the form
"\fBaccept\fP|\fBreject\fP \fIADDR\fP[\fB/\fP\fIMASK\fP]\fB[:\fP\fIPORT\fP]".
If \fB/\fP\fIMASK\fP is omitted then this policy just applies to the host
given.  Instead of giving a host or network you can also use "\fB*\fP" to
denote the universe (0.0.0.0/0).  \fIPORT\fP can be a single port number,
an interval of ports "\fIFROM_PORT\fP\fB-\fP\fITO_PORT\fP", or "\fB*\fP".
If \fIPORT\fP is omitted, that means "\fB*\fP".

For example, "accept 18.7.22.69:*,reject 18.0.0.0/8:*,accept *:*" would
reject any traffic destined for MIT except for web.mit.edu, and
accept anything else.

To specify all internal and link-local networks (including 0.0.0.0/8,
169.254.0.0/16, 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, and
172.16.0.0/12), you can use the "private" alias instead of an address.
These addresses are rejected by default (at the beginning of your
exit policy), along with your public IP address, unless you set the
ExitPolicyRejectPrivate config option
to 0. For example, once you've done that, you could allow HTTP to
127.0.0.1 and block all other connections to internal networks with
"accept 127.0.0.1:80,reject private:*", though that may also allow
connections to your own computer that are addressed to its public
(external) IP address. See RFC 1918 and RFC 3330 for more
details about internal and reserved IP address space.

This directive can be specified multiple times so you don't have to put
it all on one line.

Policies are considered first to last, and the first match wins. If
you want to _replace_ the default exit policy, end your exit policy with
either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
(prepending to) the default exit policy. The default exit policy is:
.PD 0
.RS 12
.IP "reject *:25"
.IP "reject *:119"
.IP "reject *:135-139"
.IP "reject *:445"
.IP "reject *:563"
.IP "reject *:1214"
.IP "reject *:4661-4666"
.IP "reject *:6346-6429"
.IP "reject *:6699"
.IP "reject *:6881-6999"
.IP "accept *:*"
.RE
.PD
.LP
.TP
\fBExitPolicyRejectPrivate \fR\fB0\fR|\fB1\fR\fP
Reject all private (local) networks, along with your own public IP
address, at the beginning of your exit
policy. See above entry on ExitPolicy. (Default: 1)
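An added example (ours, not Tor's policy code) that builds and evaluates an exit policy as the ExitPolicy and ExitPolicyRejectPrivate entries describe it: the private-network and own-address rejects come first, then the configured rules in order, then the default policy, with the first match winning. The "private" alias and the default policy are copied from the entries above; a trailing catch-all in the configured policy shadows the default, which is the documented way to replace rather than augment it. Sample addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# The networks the "private" alias expands to, as listed in the ExitPolicy entry.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "169.254.0.0/16", "127.0.0.0/8",
    "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12")]

# The default exit policy from the man page, appended after whatever is configured.
DEFAULT_EXIT_POLICY = [
    "reject *:25", "reject *:119", "reject *:135-139", "reject *:445",
    "reject *:563", "reject *:1214", "reject *:4661-4666", "reject *:6346-6429",
    "reject *:6699", "reject *:6881-6999", "accept *:*",
]


@dataclass(frozen=True)
class Rule:
    action: str                       # "accept" or "reject"
    net: ipaddress.IPv4Network
    lo: int                           # first port, inclusive
    hi: int                           # last port, inclusive


def parse_rule(text: str) -> List[Rule]:
    """Parse one "accept|reject ADDR[/MASK][:PORT]" item. The "private" alias
    expands to one rule per private network, so a list is returned."""
    action, _, rest = text.strip().partition(" ")
    if action not in ("accept", "reject"):
        raise ValueError(f"bad action in {text!r}")
    host, _, ports = rest.strip().rpartition(":")
    if not host:                       # no ":PORT" given means "*"
        host, ports = ports, "*"
    if host == "*":
        nets = [ipaddress.ip_network("0.0.0.0/0")]
    elif host == "private":
        nets = PRIVATE_NETS
    else:
        nets = [ipaddress.ip_network(host, strict=False)]   # omitted /MASK: single host
    if ports == "*":
        lo, hi = 0, 65535
    elif "-" in ports:
        lo, hi = (int(p) for p in ports.split("-", 1))
    else:
        lo = hi = int(ports)
    return [Rule(action, net, lo, hi) for net in nets]


def build_policy(configured: List[str], reject_private: bool = True,
                 public_ip: Optional[str] = None) -> List[Rule]:
    """Assemble the effective policy in the documented order: the
    ExitPolicyRejectPrivate rules first, then the configured lines in order,
    then the default policy. A configured trailing "accept *:*" or "reject *:*"
    shadows the default entirely, which is how the man page says to replace it."""
    rules: List[Rule] = []
    if reject_private:
        rules += parse_rule("reject private:*")
        if public_ip:
            rules += parse_rule(f"reject {public_ip}:*")
    for line in configured:                 # ExitPolicy may be given several times
        for item in line.split(","):
            if item.strip():
                rules += parse_rule(item)
    for item in DEFAULT_EXIT_POLICY:
        rules += parse_rule(item)
    return rules


def allows_exit(rules: List[Rule], addr: str, port: int) -> bool:
    """First match wins; the default policy's final "accept *:*" guarantees a match."""
    ip = ipaddress.ip_address(addr)
    for rule in rules:
        if ip in rule.net and rule.lo <= port <= rule.hi:
            return rule.action == "accept"
    raise AssertionError("no rule matched; the default policy should be last")


if __name__ == "__main__":
    # The MIT example from the man page, with 203.0.113.5 as a constructed own address.
    policy = build_policy(["accept 18.7.22.69:*,reject 18.0.0.0/8:*,accept *:*"],
                          public_ip="203.0.113.5")
    for target in (("18.7.22.69", 80), ("18.9.22.1", 80), ("198.51.100.7", 25), ("203.0.113.5", 80)):
        print(target, "accept" if allows_exit(policy, *target) else "reject")
```

Note what the trailing "accept *:*" in the MIT example does: port 25 to the outside world becomes allowed, because the configured catch-all is reached before the default "reject *:25". Leaving the catch-all off keeps the default rejects in force after your own rules.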
.LP
.TP
\fBMaxOnionsPending \fR\fINUM\fP
If you have more than this number of onionskins queued for decrypt,
reject new ones. (Default: 100)
.LP
.TP
\fBMyFamily \fR\fInode\fR,\fInode\fR,\fI...\fP
Declare that this Tor server is controlled or administered by a group
or organization identical or similar to that of the other servers,
defined by their identity fingerprints or nicknames.
When two servers both declare that they are in the same 'family', Tor clients
will not use them in the same circuit.  (Each server only needs to list the
other servers in its family; it doesn't need to list itself, but it won't hurt.)
.LP
.TP
\fBNickname \fR\fIname\fP
Set the server's nickname to 'name'. Nicknames must be between 1
and 19 characters inclusive, and must contain only the characters
[a-zA-Z0-9].
.LP
.TP
\fBNumCPUs \fR\fInum\fP
How many processes to use at once for decrypting onionskins. (Default: 1)
.LP
.TP
\fBORPort \fR\fIPORT\fP
Advertise this port to listen for connections from Tor clients and servers.
.LP
.TP
\fBORListenAddress \fR\fIIP\fR[:\fIPORT\fR]\fP
Bind to this IP address to listen for connections from Tor clients and
servers. If you specify a port, bind to this port rather than the one
specified in ORPort. (Default: 0.0.0.0)
This directive can be specified multiple times to bind to multiple
addresses/ports.
.LP
.TP
\fBPublishServerDescriptor \fR\fB0\fR|\fB1\fR|\fBv1\fR|\fBv2\fR|\fBv3\fR|\fBbridge\fR|\fBhidserv\fR, ...\fP
This option is only considered if you have an ORPort defined. You can
choose multiple arguments, separated by commas.

If set to 0, Tor will act as a server but it will not publish its
descriptor to the directory authorities. (This is useful if you're
testing out your server, or if you're using a Tor controller that handles
directory publishing for you.) Otherwise, Tor will publish its descriptor
to all directory authorities of the type(s) specified. The value "1" is
treated as a synonym for the default, which is currently "v2,v3".
.LP
.TP
\fBRedirectExit \fR\fIpattern target\fP
THIS OPTION IS DEPRECATED.  It will go away in a future version of Tor.
Whenever an outgoing connection tries to connect to one of a given set
of addresses, connect to \fItarget\fP (an \fIaddress:port\fP pair) instead.
The address
pattern is given in the same format as for an exit policy.  The
address translation applies after exit policies are applied.  Multiple
\fBRedirectExit\fP options can be used: once any one has matched
successfully, no subsequent rules are considered.  You can specify that no
redirection is to be performed on a given set of addresses by using the
special target string "pass", which prevents subsequent rules from being
considered.
.LP
.TP
\fBShutdownWaitLength\fR \fINUM\fP
When we get a SIGINT and we're a server, we begin shutting down: we close
listeners and start refusing new circuits. After \fBNUM\fP seconds,
we exit. If we get a second SIGINT, we exit immediately.  (Default:
30 seconds)
.LP
.TP
\fBAccountingMax \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
Never send more than the specified number of bytes in a given
accounting period, or receive more than that number in the period.
For example, with AccountingMax set to 1 GB, a server could send 900 MB
and receive 800 MB and continue running. It will only hibernate once one
of the two reaches 1 GB.
When the number of bytes is exhausted, Tor will hibernate until some
time in the next accounting period.  To prevent all servers from
waking at the same time, Tor will also wait until a random point in
each period before waking up.  If you have bandwidth cost issues,
enabling hibernation is preferable to setting a low bandwidth, since it
provides users with a collection of fast servers that are up some of
the time, which is more useful than a set of slow servers that are
always "available".
.LP
.TP
\fBAccountingStart \fR\fBday\fR|\fBweek\fR|\fBmonth\fR [\fIday\fR] \fIHH:MM\fR\fP
Specify how long accounting periods last.  If \fBmonth\fP is given,
each accounting period runs from the time \fIHH:MM\fR on the
\fIday\fRth day of one month to the same day and time of the next.
(The day must be between 1 and 28.)  If \fBweek\fP is given, each
accounting period runs from the time \fIHH:MM\fR of the \fIday\fRth
day of one week to the same day and time of the next week, with Monday
as day 1 and Sunday as day 7.  If \fBday\fR is given, each accounting
period runs from the time \fIHH:MM\fR each day to the same time on the
next day.  All times are local, and given in 24-hour time.  (Defaults to
"month 1 0:00".)
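The following Python is an added example, not Tor's hibernation code: it parses AccountingMax and AccountingStart, computes the bounds of the accounting period containing a given local time for each of the day, week and month forms, and applies the separate sent/received limit described under AccountingMax. The random wake-up point within the next period is left out; the sample timestamps are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Tuple

# Unit suffixes accepted by AccountingMax.
UNITS = {"bytes": 1, "KB": 1 << 10, "MB": 1 << 20, "GB": 1 << 30, "TB": 1 << 40}


def parse_accounting_max(text: str) -> int:
    """'1 GB' -> number of bytes."""
    number, unit = text.split()
    return int(number) * UNITS[unit]


def should_hibernate(sent: int, received: int, limit: int) -> bool:
    """Sent and received are counted separately; whichever reaches the limit
    first triggers hibernation (900 MB out plus 800 MB in stays under 1 GB)."""
    return sent >= limit or received >= limit


@dataclass(frozen=True)
class AccountingStart:
    unit: str      # "day", "week" or "month"
    day: int       # 1..28 for month, 1 (Monday)..7 (Sunday) for week, unused for day
    hour: int
    minute: int


def parse_accounting_start(text: str) -> AccountingStart:
    """Parse 'day HH:MM', 'week DAY HH:MM' or 'month DAY HH:MM'."""
    parts = text.split()
    unit = parts[0]
    if unit == "day":
        day, hhmm = 1, parts[1]
    elif unit in ("week", "month"):
        day, hhmm = int(parts[1]), parts[2]
        limit = 7 if unit == "week" else 28
        if not 1 <= day <= limit:
            raise ValueError(f"{unit} day must be between 1 and {limit}")
    else:
        raise ValueError(f"unknown accounting unit {unit!r}")
    hour, minute = (int(x) for x in hhmm.split(":"))
    return AccountingStart(unit, day, hour, minute)


def period_bounds(cfg: AccountingStart, now: datetime) -> Tuple[datetime, datetime]:
    """Return (start, end) of the accounting period that contains `now`
    (naive local time, matching 'all times are local' in the man page)."""
    at = now.replace(hour=cfg.hour, minute=cfg.minute, second=0, microsecond=0)
    if cfg.unit == "day":
        start = at if at <= now else at - timedelta(days=1)
        return start, start + timedelta(days=1)
    if cfg.unit == "week":
        # datetime.weekday() has Monday == 0; the man page counts Monday as day 1.
        start = at - timedelta(days=(now.weekday() - (cfg.day - 1)) % 7)
        if start > now:
            start -= timedelta(days=7)
        return start, start + timedelta(days=7)
    # month: day <= 28 exists in every month, so replace() never fails.
    start = at.replace(day=cfg.day)
    if start > now:
        start = (start.replace(year=start.year - 1, month=12) if start.month == 1
                 else start.replace(month=start.month - 1))
    end = (start.replace(year=start.year + 1, month=1) if start.month == 12
           else start.replace(month=start.month + 1))
    return start, end


if __name__ == "__main__":
    cfg = parse_accounting_start("month 1 0:00")         # the documented default
    now = datetime(2008, 2, 15, 12, 0)                    # constructed timestamp
    print(period_bounds(cfg, now))
    limit = parse_accounting_max("1 GB")
    print(should_hibernate(900 * UNITS["MB"], 800 * UNITS["MB"], limit))
```

The period functions are what a relay operator needs to predict when the byte counters reset; the man page's example of 900 MB out and 800 MB in continuing to run falls straight out of should_hibernate.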
.LP
.TP
\fBServerDNSResolvConfFile \fR\fIfilename\fP
Overrides the default DNS configuration with the configuration in
\fIfilename\fP.  The file format is the same as the standard Unix
"\fBresolv.conf\fP" file (7).  This option, like all other
ServerDNS options, only affects name lookups that your server does on
behalf of clients. (Defaults to use the system DNS configuration.)
.LP
.TP
\fBServerDNSAllowBrokenConfig \fR\fB0\fR|\fB1\fR\fP
If this option is false, Tor exits immediately if there are problems
parsing the system DNS configuration or connecting to nameservers.
Otherwise, Tor continues to periodically retry the system nameservers
until it eventually succeeds.
(Defaults to "1".)
.LP
.TP
\fBServerDNSSearchDomains \fR\fB0\fR|\fB1\fR\fP
If set to \fB1\fP, then we will search for addresses in the local search
domain.  For example, if this system is configured to believe it is in
"example.com", and a client tries to connect to "www", the client will be
connected to "www.example.com".
This option only affects name lookups that your server does on
behalf of clients.
(Defaults to "0".)
.LP
.TP
\fBServerDNSDetectHijacking \fR\fB0\fR|\fB1\fR\fP
When this option is set to 1, we will test periodically to determine whether
our local nameservers have been configured to hijack failing DNS requests
(usually to an advertising site).  If they are, we will attempt to correct
this.