tor-webwml.git

tor-manual.html   1) Content-type: text/html
tor-manual.html   2) 

tor.manual.html   3) <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

tor-manual.html   4) <HTML><HEAD><TITLE>Man page of TOR</TITLE>

tor.manual.html   5) </HEAD><BODY>
tor.manual.html   6) <H1>TOR</H1>

tor-manual.html   7) Section: User Commands  (1)<BR>Updated: May 2005<BR><A HREF="#index">Index</A>

tor-manual.html   8) <A HREF="../">Return to Main Contents</A><HR>

tor.manual.html   9) 
tor.manual.html  10) <A NAME="lbAB">&nbsp;</A>
tor.manual.html  11) <H2>NAME</H2>
tor.manual.html  12) 
tor.manual.html  13) tor - The second-generation onion router
tor.manual.html  14) <A NAME="lbAC">&nbsp;</A>
tor.manual.html  15) <H2>SYNOPSIS</H2>
tor.manual.html  16) 
tor.manual.html  17) <B>tor</B>
tor.manual.html  18) 
tor.manual.html  19) [<I>OPTION value</I>]...
tor.manual.html  20) <A NAME="lbAD">&nbsp;</A>
tor.manual.html  21) <H2>DESCRIPTION</H2>
tor.manual.html  22) 
tor.manual.html  23) <I>tor</I>
tor.manual.html  24) 
tor.manual.html  25) is a connection-oriented anonymizing communication
tor.manual.html  26) service. Users choose a source-routed path through a set of nodes, and
tor.manual.html  27) negotiate a &quot;virtual circuit&quot; through the network, in which each node
tor.manual.html  28) knows its predecessor and successor, but no others. Traffic flowing down
tor.manual.html  29) the circuit is unwrapped by a symmetric key at each node, which reveals
tor.manual.html  30) the downstream node.
tor.manual.html  31) <P>
tor.manual.html  32) 
tor.manual.html  33) Basically <I>tor</I> provides a distributed network of servers (&quot;onion
tor.manual.html  34) routers&quot;). Users bounce their TCP streams -- web traffic, ftp, ssh, etc --
tor.manual.html  35) around the routers, and recipients, observers, and even the routers
tor.manual.html  36) themselves have difficulty tracking the source of the stream.
tor.manual.html  37) <A NAME="lbAE">&nbsp;</A>
tor.manual.html  38) <H2>OPTIONS</H2>
tor.manual.html  39) 
tor.manual.html  40) <B>-h, -help</B>
tor.manual.html  41) Display a short help message and exit.
tor.manual.html  42) <DL COMPACT>
tor.manual.html  43) <DT><B>-f </B><I>FILE</I><DD>

tor-manual.html  44) FILE contains further "option value" pairs. (Default: @CONFDIR@/torrc)

tor-manual.html  45) <DT>Other options can be specified either on the command-line (<I>--option<DD>

tor.manual.html  46) value</I>), or in the configuration file (<I>option value</I>).
tor.manual.html  47) Options are case-insensitive.
tor.manual.html  48) <DT><B>BandwidthRate </B><I>N</I> <B>bytes</B>|<B>KB</B>|<B>MB</B>|<B>GB</B>|<B>TB</B><DD>
tor.manual.html  49) A token bucket limits the average incoming bandwidth on this node to

tor-manual.html  50) the specified number of bytes per second. (Default: 2 MB)

tor.manual.html  51) <DT><B>BandwidthBurst </B><I>N</I> <B>bytes</B>|<B>KB</B>|<B>MB</B>|<B>GB</B>|<B>TB</B><DD>

tor-manual.html  52) Limit the maximum token bucket size (also known as the burst) to the given number of bytes. (Default: 5 MB)
tor-manual.html  53) <DT><B>MaxAdvertisedBandwidth </B><I>N</I> <B>bytes</B>|<B>KB</B>|<B>MB</B>|<B>GB</B>|<B>TB</B><DD>
tor-manual.html  54) If set, we will not advertise more than this amount of bandwidth for our
tor-manual.html  55) BandwidthRate. Server operators who want to reduce the number of clients
tor-manual.html  56) who ask to build circuits through them (since this is proportional to
tor-manual.html  57) advertised bandwidth rate) can thus reduce the CPU demands on their
tor-manual.html  58) server without impacting network performance.
tor-manual.html  59) <DT><B>ControlPort </B><I>Port</I><DD>
tor-manual.html  60) If set, Tor will accept connections from the same machine (localhost only) on
tor-manual.html  61) this port, and allow those connections to control the Tor process using the
tor-manual.html  62) Tor Control Protocol (described in control-spec.txt).  Note: unless you also
tor-manual.html  63) specify one of <B>HashedControlPassword</B> or <B>CookieAuthentication</B>,
tor-manual.html  64) setting this option will cause Tor to allow any process on the local host to
tor-manual.html  65) control it.
tor-manual.html  66) <DT><B>HashedControlPassword </B><I>hashed_password</I><DD>
tor-manual.html  67) Don't allow any connections on the control port except when the other process
tor-manual.html  68) knows the password whose one-way hash is <I>hashed_password</I>.  You can
tor-manual.html  69) compute the hash of a password by running &quot;tor --hash-password
tor-manual.html  70) <I>password</I>&quot;.
tor-manual.html  71) <DT><B>CookieAuthentication </B><B>0</B>|<B>1</B><DD>
tor-manual.html  72) If this option is set to 1, don't allow any connections on the control port
tor-manual.html  73) except when the connecting process knows the contents of a file named
tor-manual.html  74) &quot;control_auth_cookie&quot;, which Tor will create in its data directory.  This
tor-manual.html  75) authentication methods should only be used on systems with good filesystem
tor-manual.html  76) security. (Default: 0)

tor.manual.html  77) <DT><B>DataDirectory </B><I>DIR</I><DD>

tor-manual.html  78) Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)

tor-manual.html  79) <DT><B>DirFetchPeriod </B><I>N</I> <B>seconds</B>|<B>minutes</B>|<B>hours</B>|<B>days</B>|<B>weeks</B><DD>
tor-manual.html  80) Every time the specified period elapses, Tor downloads a directory.
tor-manual.html  81) A directory contains a signed list of all known servers as well as
tor-manual.html  82) their current liveness status. A value of &quot;0 seconds&quot; tells Tor to choose an
tor-manual.html  83) appropriate default. (Default: 1 hour for clients, 20 minutes for servers)

tor.manual.html  84) <DT><B>DirServer </B><I>address:port fingerprint</I><DD>
tor.manual.html  85) Use a nonstandard authoritative directory server at the provided
tor.manual.html  86) address and port, with the specified key fingerprint.  This option can
tor.manual.html  87) be repeated many times, for multiple authoritative directory
tor.manual.html  88) servers. If no <B>dirserver</B> line is given, Tor will use the default
tor.manual.html  89) directory servers: moria1, moria2, and tor26.
tor.manual.html  90) <DT><B>Group </B><I>GID</I><DD>
tor.manual.html  91) On startup, setgid to this user.
tor.manual.html  92) <DT><B>HttpProxy</B> <I>host</I>[:<I>port</I>]<DD>

tor-manual.html  93) Tor will make all its directory requests through this host:port
tor-manual.html  94) (or host:80 if port is not specified),

tor.manual.html  95) rather than connecting directly to any directory servers.

tor-manual.html  96) <DT><B>HttpProxyAuthenticator</B> <I>username:password</I><DD>
tor-manual.html  97) If defined, Tor will use this username:password for Basic Http proxy
tor-manual.html  98) authentication, as in RFC 2617. This is currently the only form of
tor-manual.html  99) Http proxy authentication that Tor supports; feel free to submit a
tor-manual.html 100) patch if you want it to support others.
tor-manual.html 101) <DT><B>HttpsProxy</B> <I>host</I>[:<I>port</I>]<DD>
tor-manual.html 102) Tor will make all its OR (SSL) connections through this host:port
tor-manual.html 103) (or host:443 if port is not specified), via HTTP CONNECT rather than
tor-manual.html 104) connecting directly to servers.  You may want to set <B>FascistFirewall</B>
tor-manual.html 105) to restrict the set of ports you might try to connect to, if your Https
tor-manual.html 106) proxy only allows connecting to certain ports.
tor-manual.html 107) <DT><B>HttpsProxyAuthenticator</B> <I>username:password</I><DD>
tor-manual.html 108) If defined, Tor will use this username:password for Basic Https proxy
tor-manual.html 109) authentication, as in RFC 2617. This is currently the only form of
tor-manual.html 110) Https proxy authentication that Tor supports; feel free to submit a
tor-manual.html 111) patch if you want it to support others.

tor.manual.html 112) <DT><B>KeepalivePeriod </B><I>NUM</I><DD>
tor.manual.html 113) To keep firewalls from expiring connections, send a padding keepalive

tor-manual.html 114) cell every NUM seconds on open connections that are in use. If the
tor-manual.html 115) connection has no open circuits, it will instead be closed after NUM
tor-manual.html 116) seconds of idleness. (Default: 5 minutes)
tor-manual.html 117) <DT><B>Log </B><I>minSeverity</I>[-<I>maxSeverity</I>] <B>stderr</B>|<B>stdout</B>|<B>syslog</B><DD>
tor-manual.html 118) Send all messages between <I>minSeverity</I> and <I>maxSeverity</I> to
tor-manual.html 119) the standard output stream, the standard error stream, or to the system
tor-manual.html 120) log. (The &quot;syslog&quot; value is only supported on Unix.)  Recognized
tor-manual.html 121) severity levels are debug, info, notice, warn, and err.  If only one
tor-manual.html 122) severity level is given, all messages of that level or higher will be
tor-manual.html 123) sent to the listed destination.
tor-manual.html 124) <DT><B>Log </B><I>minSeverity</I>[-<I>maxSeverity</I>] <B>file</B> <I>FILENAME</I><DD>
tor-manual.html 125) As above, but send log messages to the listed filename.  The &quot;Log&quot;
tor-manual.html 126) option may appear more than once in a configuration file.  Messages
tor-manual.html 127) are sent to all the logs that match their severity level.
tor-manual.html 128) <DT><B>MaxConn </B><I>NUM</I><DD>
tor-manual.html 129) Maximum number of simultaneous sockets allowed.  You probably don't need
tor-manual.html 130) to adjust this. (Default: 1024)

tor.manual.html 131) <DT><B>OutboundBindAddress </B><I>IP</I><DD>
tor.manual.html 132) Make all outbound connections originate from the IP address specified.  This
tor.manual.html 133) is only useful when you have multiple network interfaces, and you want all
tor.manual.html 134) of Tor's outgoing connections to use a single one.
tor.manual.html 135) <DT><B>PIDFile </B><I>FILE</I><DD>
tor.manual.html 136) On startup, write our PID to FILE. On clean shutdown, remove FILE.
tor.manual.html 137) <DT><B>RunAsDaemon </B><B>0</B>|<B>1</B><DD>
tor.manual.html 138) If 1, Tor forks and daemonizes to the background. (Default: 0)

tor-manual.html 139) <DT><B>SafeLogging </B><B>0</B>|<B>1</B><DD>
tor-manual.html 140) If 1, Tor replaces potentially sensitive strings in the logs
tor-manual.html 141) (e.g. addresses) with the string [scrubbed]. This way logs can still be
tor-manual.html 142) useful, but they don't leave behind personally identifying information
tor-manual.html 143) about what sites a user might have visited. (Default: 1)

tor.manual.html 144) <DT><B>StatusFetchPeriod </B><I>N</I> <B>seconds</B>|<B>minutes</B>|<B>hours</B>|<B>days</B>|<B>weeks</B><DD>
tor.manual.html 145) Every time the specified period elapses, Tor downloads signed status

tor-manual.html 146) information about the current state of known servers.  A value of
tor-manual.html 147) "0 seconds" tells Tor to choose an appropriate default. (Default: 30
tor-manual.html 148) minutes for clients, 15 minutes for servers)
tor-manual.html 149) <DT><B>User </B><I>UID</I><DD>
tor-manual.html 150) On startup, setuid to this user.

tor.manual.html 151) <P>
tor.manual.html 152) </DL>
tor.manual.html 153) <A NAME="lbAF">&nbsp;</A>
tor.manual.html 154) <H2>CLIENT OPTIONS</H2>
tor.manual.html 155) 
tor.manual.html 156) <P>
tor.manual.html 157) 
tor.manual.html 158) The following options are useful only for clients (that is, if <B>SOCKSPort</B> is non-zero):
tor.manual.html 159) <DL COMPACT>
tor.manual.html 160) <DT><B>AllowUnverifiedNodes</B> <B>entry</B>|<B>exit</B>|<B>middle</B>|<B>introduction</B>|<B>rendezvous</B>|...<DD>
tor.manual.html 161) Where on our circuits should we allow Tor servers that the directory

tor-manual.html 162) servers haven't authenticated as "verified"?  (Default: middle,rendezvous)

tor.manual.html 163) <DT><B>ClientOnly </B><B>0</B>|<B>1</B><DD>

tor-manual.html 164) If set to 1, Tor will under no circumstances run as a server. The default
tor-manual.html 165) is to run as a client unless ORPort is configured.  (Usually,

tor.manual.html 166) you don't need to set this; Tor is pretty smart at figuring out whether

tor-manual.html 167) you are reliable and high-bandwidth enough to be a useful server.)
tor-manual.html 168) <P>
tor-manual.html 169) This option will likely be deprecated in the future; see the NoPublish
tor-manual.html 170) option below. (Default: 0)

tor.manual.html 171) <DT><B>EntryNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 172) A list of preferred nodes to use for the first hop in the circuit, if possible.
tor.manual.html 173) <DT><B>ExitNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 174) A list of preferred nodes to use for the last hop in the circuit, if possible.
tor.manual.html 175) <DT><B>ExcludeNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 176) A list of nodes to never use when building a circuit.
tor.manual.html 177) <DT><B>StrictExitNodes </B><B>0</B>|<B>1</B><DD>
tor.manual.html 178) If 1, Tor will never use any nodes besides those listed in &quot;exitnodes&quot; for
tor.manual.html 179) the last hop of a circuit.
tor.manual.html 180) <DT><B>StrictEntryNodes </B><B>0</B>|<B>1</B><DD>
tor.manual.html 181) If 1, Tor will never use any nodes besides those listed in &quot;entrynodes&quot; for
tor.manual.html 182) the first hop of a circuit.
tor.manual.html 183) <DT><B>FascistFirewall </B><B>0</B>|<B>1</B><DD>
tor.manual.html 184) If 1, Tor will only create outgoing connections to ORs running on ports that
tor.manual.html 185) your firewall allows (defaults to 80 and 443; see <B>FirewallPorts</B>).  This will
tor.manual.html 186) allow you to run Tor as a client behind a firewall with restrictive policies,
tor.manual.html 187) but will not allow you to run as a server behind such a firewall.
tor.manual.html 188) <DT><B>FirewallPorts </B><I>PORTS</I><DD>
tor.manual.html 189) A list of ports that your firewall allows you to connect to.  Only used when

tor-manual.html 190) <B>FascistFirewall</B> is set. (Default: 80, 443)
tor-manual.html 191) <DT><B>LongLivedPorts </B><I>PORTS</I><DD>
tor-manual.html 192) A list of ports for services that tend to have long-running connections
tor-manual.html 193) (e.g. chat and interactive shells). Circuits for streams that use these
tor-manual.html 194) ports will contain only high-uptime nodes, to reduce the chance that a
tor-manual.html 195) node will go down before the stream is finished. (Default: 21, 22, 706, 1863, 5050, 
tor-manual.html 196) 5190, 5222, 5223, 6667, 8300, 8888)
tor-manual.html 197) <DT><B>MapAddress</B> <I>address</I> <I>newaddress</I><DD>
tor-manual.html 198) When a request for address arrives to Tor, it will rewrite it to newaddress before 
tor-manual.html 199) processing it. For example, if you always want connections to <A HREF="http://www.indymedia.org">www.indymedia.org</A> to 
tor-manual.html 200) exit via <I>torserver</I> (where <I>torserver</I> is the nickname of the server), 
tor-manual.html 201) use &quot;MapAddress <A HREF="http://www.indymedia.org">www.indymedia.org</A> <A HREF="http://www.indymedia.org.torserver.exit">www.indymedia.org.torserver.exit</A>&quot;.
tor-manual.html 202) <DT><B>NewCircuitPeriod </B><I>NUM</I><DD>
tor-manual.html 203) Every NUM seconds consider whether to build a new circuit. (Default: 30 seconds)
tor-manual.html 204) <DT><B>MaxCircuitDirtiness </B><I>NUM</I><DD>
tor-manual.html 205) Feel free to reuse a circuit that was first used at most NUM seconds
tor-manual.html 206) ago, but never attach a new stream to a circuit that is too old. (Default: 10 minutes)

tor.manual.html 207) <DT><B>NodeFamily </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 208) The named Tor servers constitute a &quot;family&quot; of similar or co-administered
tor.manual.html 209) servers, so never use any two of them in the same circuit. Defining a
tor.manual.html 210) NodeFamily is only needed when a server doesn't list the family itself
tor.manual.html 211) (with MyFamily). This option can be used multiple times.
tor.manual.html 212) <DT>
tor.manual.html 213) <DD>
tor.manual.html 214) 
tor.manual.html 215) 

tor-manual.html 216) 

tor.manual.html 217) <B>RendNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I>
tor.manual.html 218) A list of preferred nodes to use for the rendezvous point, if possible.
tor.manual.html 219) <DT><B>RendExcludeNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 220) A list of nodes to never use when choosing a rendezvous point.
tor.manual.html 221) <DT><B>SOCKSPort </B><I>PORT</I><DD>

tor-manual.html 222) Advertise this port to listen for connections from SOCKS-speaking
tor-manual.html 223) applications.  Set this to 0 if you don't want to allow application
tor-manual.html 224) connections. (Default: 9050)
tor-manual.html 225) <DT><B>SOCKSBindAddress </B><I>IP</I>[:<I>PORT</I>]<DD>
tor-manual.html 226) Bind to this address to listen for connections from SOCKS-speaking
tor-manual.html 227) applications. (Default: 127.0.0.1) You can also specify a port
tor-manual.html 228) (e.g. 192.168.0.1:9100). This directive can be specified multiple times
tor-manual.html 229) to bind to multiple addresses/ports.

tor.manual.html 230) <DT><B>SOCKSPolicy </B><I>policy</I>,<I>policy</I>,<I>...</I><DD>

tor-manual.html 231) Set an entrance policy for this server, to limit who can connect to the SOCKS ports. 
tor-manual.html 232) The policies have the same form as exit policies below.
tor-manual.html 233) <DT><B>TrackHostExits </B><I>host</I>,<I>.domain</I>,<I>...</I><DD>
tor-manual.html 234) For each value in the comma separated list, Tor will track recent connections
tor-manual.html 235) to hosts that match this value and attempt to
tor-manual.html 236) reuse the same exit node for each. If the value is prepended with a '.', it is
tor-manual.html 237) treated as matching an entire domain. If one of the values is just a '.', it
tor-manual.html 238) means match everything. This option is useful if you frequently connect to
tor-manual.html 239) sites that will expire all your authentication cookies (ie log you out) if
tor-manual.html 240) your IP address changes. Note that this option does have the disadvantage of
tor-manual.html 241) making it more clear that a given history is
tor-manual.html 242) associated with a single user. However, most people who would wish to observe
tor-manual.html 243) this will observe it through cookies or other protocol-specific means anyhow.
tor-manual.html 244) <DT><B>TrackHostExitsExpire </B><I>NUM</I><DD>
tor-manual.html 245) Since exit servers go up and down, it is desirable to expire the association
tor-manual.html 246) between host and exit server after NUM seconds of inactivity. The default
tor-manual.html 247) is 1800 seconds (30 minutes).

tor.manual.html 248) <P>
tor.manual.html 249) </DL>
tor.manual.html 250) <A NAME="lbAG">&nbsp;</A>
tor.manual.html 251) <H2>SERVER OPTIONS</H2>
tor.manual.html 252) 
tor.manual.html 253) <P>
tor.manual.html 254) 
tor.manual.html 255) The following options are useful only for servers (that is, if <B>ORPort</B> is non-zero):
tor.manual.html 256) <DL COMPACT>
tor.manual.html 257) <DT><B>Address </B><I>address</I><DD>
tor.manual.html 258) The IP or fqdn of this server (e.g. moria.mit.edu). You can leave this
tor.manual.html 259) unset, and Tor will guess your IP.
tor.manual.html 260) <DT><B>ContactInfo </B><I>email_address</I><DD>
tor.manual.html 261) Administrative contact information for server.
tor.manual.html 262) <DT><B>ExitPolicy </B><I>policy</I>,<I>policy</I>,<I>...</I><DD>
tor.manual.html 263) Set an exit policy for this server. Each policy is of the form

tor-manual.html 264) &quot;<B>accept</B>|<B>reject</B> <I>ADDR</I>[<B>/</B><I>MASK</I>]<B>[:</B><I>PORT</I>]&quot;.

tor.manual.html 265) If <B>/</B><I>MASK</I> is omitted then this policy just applies to the host
tor.manual.html 266) given.  Instead of giving a host or network you can also use &quot;<B>*</B>&quot; to
tor.manual.html 267) denote the universe (0.0.0.0/0).  <I>PORT</I> can be a single port number,
tor.manual.html 268) an interval of ports &quot;<I>FROM_PORT</I><B>-</B><I>TO_PORT</I>&quot;, or &quot;<B>*</B>&quot;.

tor-manual.html 269) If PORT is omitted, that means &quot;<B>*</B>&quot;.

tor.manual.html 270) <P>
tor.manual.html 271) For example, &quot;reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*&quot; would
tor.manual.html 272) reject any traffic destined for localhost and any 192.168.1.* address, but
tor.manual.html 273) accept anything else.
tor.manual.html 274) <P>
tor.manual.html 275) This directive can be specified multiple times so you don't have to put
tor.manual.html 276) it all on one line.
tor.manual.html 277) <P>
tor.manual.html 278) See RFC 3330 for more details about internal and reserved IP address
tor.manual.html 279) space. Policies are considered first to last, and the first match wins. If
tor.manual.html 280) you want to _replace_ the default exit policy, end your exit policy with
tor.manual.html 281) either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
tor.manual.html 282) (prepending to) the default exit policy. The default exit policy is:
tor.manual.html 283) 
tor.manual.html 284) <DL COMPACT><DT><DD>
tor.manual.html 285) <DL COMPACT>
tor.manual.html 286) <DT>reject 0.0.0.0/8<DD>
tor.manual.html 287) <DT>reject 169.254.0.0/16<DD>
tor.manual.html 288) <DT>reject 127.0.0.0/8<DD>
tor.manual.html 289) <DT>reject 192.168.0.0/16<DD>
tor.manual.html 290) <DT>reject 10.0.0.0/8<DD>
tor.manual.html 291) <DT>reject 172.16.0.0/12<DD>

tor-manual.html 292) <DT>reject *:25<DD>
tor-manual.html 293) <DT>reject *:119<DD>
tor-manual.html 294) <DT>reject *:135-139<DD>
tor-manual.html 295) <DT>reject *:445<DD>

tor.manual.html 296) <DT>reject *:1214<DD>

tor-manual.html 297) <DT>reject *:4661-4666<DD>
tor-manual.html 298) <DT>reject *:6346-6429<DD>

tor-manual.html 299) <DT>reject *:6699<DD>

tor-manual.html 300) <DT>reject *:6881-6999<DD>

tor-manual.html 301) <DT>accept *:*<DD>

tor.manual.html 302) </DL>
tor.manual.html 303) </DL>
tor.manual.html 304) 
tor.manual.html 305) 
tor.manual.html 306) <DT><B>MaxOnionsPending </B><I>NUM</I><DD>
tor.manual.html 307) If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100)
tor.manual.html 308) <DT><B>MyFamily </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 309) Declare that this Tor server is controlled or administered by a group
tor.manual.html 310) or organization identical or similar to that of the other named servers.
tor.manual.html 311) When two servers both declare that they are in the same 'family', Tor clients

tor-manual.html 312) will not use them in the same circuit.  (Each server only needs to list the
tor-manual.html 313) other servers in its family; it doesn't need to list itself, but it won't hurt.)

tor.manual.html 314) <DT><B>Nickname </B><I>name</I><DD>
tor.manual.html 315) Set the server's nickname to 'name'.

tor-manual.html 316) <DT><B>NoPublish </B><B>0</B>|<B>1</B><DD>
tor-manual.html 317) If you set NoPublish 1, Tor will act as a server if you have an ORPort
tor-manual.html 318) defined, but it will not publish its descriptor to the dirservers. This
tor-manual.html 319) option is useful if you're testing out your server, or if you're using
tor-manual.html 320) alternate dirservers (e.g. for other Tor networks such as Blossom).
tor-manual.html 321) (Default: 0)

tor.manual.html 322) <DT><B>NumCPUs </B><I>num</I><DD>
tor.manual.html 323) How many processes to use at once for decrypting onionskins. (Default: 1)
tor.manual.html 324) <DT><B>ORPort </B><I>PORT</I><DD>

tor-manual.html 325) Advertise this port to listen for connections from Tor clients and servers.
tor-manual.html 326) <DT><B>ORBindAddress </B><I>IP</I>[:<I>PORT</I>]<DD>
tor-manual.html 327) Bind to this IP address to listen for connections from Tor clients and
tor-manual.html 328) servers. If you specify a port, bind to this port rather than the one
tor-manual.html 329) specified in ORPort. (Default: 0.0.0.0)

tor.manual.html 330) <DT><B>RedirectExit </B><I>pattern target</I><DD>
tor.manual.html 331) Whenever an outgoing connection tries to connect to one of a given set
tor.manual.html 332) of addresses, connect to <I>target</I> (an <I>address:port</I> pair) instead.
tor.manual.html 333) The address
tor.manual.html 334) pattern is given in the same format as for an exit policy.  The
tor.manual.html 335) address translation applies after exit policies are applied.  Multiple
tor.manual.html 336) <B>RedirectExit</B> options can be used: once any one has matched
tor.manual.html 337) successfully, no subsequent rules are considered.  You can specify that no
tor.manual.html 338) redirection is to be performed on a given set of addresses by using the
tor.manual.html 339) special target string &quot;pass&quot;, which prevents subsequent rules from being
tor.manual.html 340) considered.

tor-manual.html 341) <DT><B>ShutdownWaitLength</B><I>NUM</I><DD>
tor-manual.html 342) When we get a SIGINT and we're a server, we begin shutting down: we close
tor-manual.html 343) listeners and start refusing new circuits. After <B>NUM</B> seconds,
tor-manual.html 344) we exit. If we get a second SIGINT, we exit immediately.  (Default:
tor-manual.html 345) 30 seconds)

tor.manual.html 346) <DT><B>DirPostPeriod </B><I>N</I> <B>seconds</B>|<B>minutes</B>|<B>hours</B>|<B>days</B>|<B>weeks</B><DD>
tor.manual.html 347) Every time the specified period elapses, Tor uploads its server
tor.manual.html 348) descriptors to the directory servers.  This information is also

tor-manual.html 349) uploaded whenever it changes.  (Default: 20 minutes)

tor.manual.html 350) <DT><B>AccountingMax </B><I>N</I> <B>bytes</B>|<B>KB</B>|<B>MB</B>|<B>GB</B>|<B>TB</B><DD>
tor.manual.html 351) Never send more than the specified number of bytes in a given
tor.manual.html 352) accounting period, or receive more than that number in the period.

tor-manual.html 353) For example, with AccountingMax set to 1 GB, a server could send 900 MB
tor-manual.html 354) and receive 800 MB and continue running. It will only hibernate once one
tor-manual.html 355) of the two reaches 1 GB.

tor.manual.html 356) When the number of bytes is exhausted, Tor will hibernate until some
tor.manual.html 357) time in the next accounting period.  To prevent all servers from
tor.manual.html 358) waking at the same time, Tor will also wait until a random point in
tor.manual.html 359) each period before waking up.  If you have bandwidth cost issues,

tor-manual.html 360) enabling hibernation is preferable to setting a low bandwidth, since it

tor.manual.html 361) provides users with a collection of fast servers that are up some of
tor.manual.html 362) the time, which is more useful than a set of slow servers that are
tor.manual.html 363) always "available".
tor.manual.html 364) <DT><B>AccountingStart </B><B>day</B>|<B>week</B>|<B>month</B> [<I>day</I>] <I>HH:MM</I><DD>
tor.manual.html 365) Specify how long accounting periods last.  If <B>month</B> is given,
tor.manual.html 366) each accounting period runs from the time <I>HH:MM</I> on the
tor.manual.html 367) <I>day</I>th day of one month to the same day and time of the next.
tor.manual.html 368) (The day must be between 1 and 28.)  If <B>week</B> is given, each
tor.manual.html 369) accounting period runs from the time <I>HH:MM</I> of the <I>day</I>th
tor.manual.html 370) day of one week to the same day and time of the next week, with Monday
tor.manual.html 371) as day 1 and Sunday as day 7.  If <B>day</B> is given, each accounting
tor.manual.html 372) period runs from the time <I>HH:MM</I> each day to the same time on the
tor.manual.html 373) next day.  All times are local, and given in 24-hour time.  (Defaults to
tor.manual.html 374) &quot;month 1 0:00&quot;.)
tor.manual.html 375) <P>
tor.manual.html 376) </DL>
tor.manual.html 377) <A NAME="lbAH">&nbsp;</A>
tor.manual.html 378) <H2>DIRECTORY SERVER OPTIONS</H2>
tor.manual.html 379) 
tor.manual.html 380) <P>
tor.manual.html 381) 
tor.manual.html 382) The following options are useful only for directory servers (that is, if <B>DirPort</B> is non-zero):
tor.manual.html 383) <DL COMPACT>
tor.manual.html 384) <DT><B>AuthoritativeDirectory </B><B>0</B>|<B>1</B><DD>
tor.manual.html 385) When this option is set to 1, Tor operates as an authoritative
tor.manual.html 386) directory server.  Instead of caching the directory, it generates its
tor.manual.html 387) own list of good servers, signs it, and sends that to the clients.
tor.manual.html 388) Unless the clients already have you listed as a trusted directory, you
tor.manual.html 389) probably do not want to set this option.  Please coordinate with the other
tor.manual.html 390) admins at <A HREF="mailto:tor-ops@freehaven.net">tor-ops@freehaven.net</A> if you think you should be a directory.
tor.manual.html 391) <DT><B>DirPort </B><I>PORT</I><DD>

tor-manual.html 392) Advertise the directory service on this port.
tor-manual.html 393) <DT><B>DirBindAddress </B><I>IP</I>[:<I>PORT</I>]<DD>
tor-manual.html 394) Bind the directory service to this address. If you specify a port, bind
tor-manual.html 395) to this port rather than the one specified in DirPort. (Default: 0.0.0.0)

tor.manual.html 396) <DT><B>DirPolicy </B><I>policy</I>,<I>policy</I>,<I>...</I><DD>

tor-manual.html 397) Set an entrance policy for this server, to limit who can connect to the directory ports. 
tor-manual.html 398) The policies have the same form as exit policies above.

tor.manual.html 399) <DT><B>RecommendedVersions </B><I>STRING</I><DD>
tor.manual.html 400) STRING is a command-separated list of Tor versions currently believed
tor.manual.html 401) to be safe. The list is included in each directory, and nodes which
tor.manual.html 402) pull down the directory learn whether they need to upgrade.  This
tor.manual.html 403) option can appear multiple times: the values from multiple lines are
tor.manual.html 404) spliced together.

tor-manual.html 405) <DT><B>DirAllowPrivateAddresses </B><B>0</B>|<B>1</B><DD>
tor-manual.html 406) If set to 1, Tor will accept router descriptors with arbitrary &quot;Address&quot;
tor-manual.html 407) elements. Otherwise, if the address is not an IP or is a private IP,
tor-manual.html 408) it will reject the router descriptor. Defaults to 0.

tor.manual.html 409) <DT><B>RunTesting </B><B>0</B>|<B>1</B><DD>
tor.manual.html 410) If set to 1, Tor tries to build circuits through all of the servers it
tor.manual.html 411) knows about, so it can tell which are up and which are down.  This
tor.manual.html 412) option is only useful for authoritative directories, so you probably
tor.manual.html 413) don't want to use it.
tor.manual.html 414) <P>
tor.manual.html 415) </DL>
tor.manual.html 416) <A NAME="lbAI">&nbsp;</A>
tor.manual.html 417) <H2>HIDDEN SERVICE OPTIONS</H2>
tor.manual.html 418) 
tor.manual.html 419) <P>
tor.manual.html 420) 
tor.manual.html 421) The following options are used to configure a hidden service.
tor.manual.html 422) <DL COMPACT>
tor.manual.html 423) <DT><B>HiddenServiceDir </B><I>DIRECTORY</I><DD>
tor.manual.html 424) Store data files for a hidden service in DIRECTORY.  Every hidden
tor.manual.html 425) service must have a separate directory.  You may use this option multiple
tor.manual.html 426) times to specify multiple services.
tor.manual.html 427) <DT><B>HiddenServicePort </B><I>VIRTPORT </I>[<I>TARGET</I>]<DD>
tor.manual.html 428) Configure a virtual port VIRTPORT for a hidden service.  You may use this
tor.manual.html 429) option multiple times; each time applies to the service using the most recent
tor.manual.html 430) hiddenservicedir.  By default, this option maps the virtual port to the
tor.manual.html 431) same port on 127.0.0.1.  You may override the target port, address, or both
tor.manual.html 432) by specifying a target of addr, port, or addr:port.
tor.manual.html 433) <DT><B>HiddenServiceNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 434) If possible, use the specified nodes as introduction points for the hidden

tor-manual.html 435) service. If this is left unset, Tor will be smart and pick some reasonable
tor-manual.html 436) ones; most people can leave this unset.

tor.manual.html 437) <DT><B>HiddenServiceExcludeNodes </B><I>nickname</I>,<I>nickname</I>,<I>...</I><DD>
tor.manual.html 438) Do not use the specified nodes as introduction points for the hidden

tor-manual.html 439) service. In normal use there is no reason to set this.
tor-manual.html 440) <DT><B>RendPostPeriod </B><I>N</I> <B>seconds</B>|<B>minutes</B>|<B>hours</B>|<B>days</B>|<B>weeks</B><DD>
tor-manual.html 441) Every time the specified period elapses, Tor uploads any rendezvous
tor-manual.html 442) service descriptors to the directory servers.  This information is also
tor-manual.html 443) uploaded whenever it changes.  (Default: 20 minutes)

tor.manual.html 444) <P>
tor.manual.html 445) 
tor.manual.html 446) 
tor.manual.html 447) <P>
tor.manual.html 448) </DL>
tor.manual.html 449) <A NAME="lbAJ">&nbsp;</A>
tor.manual.html 450) <H2>SIGNALS</H2>
tor.manual.html 451) 
tor.manual.html 452) Tor catches the following signals:
tor.manual.html 453) <DL COMPACT>
tor.manual.html 454) <DT><B>SIGTERM</B><DD>
tor.manual.html 455) Tor will catch this, clean up and sync to disk if necessary, and exit.
tor.manual.html 456) <DT><B>SIGINT</B><DD>
tor.manual.html 457) Tor clients behave as with SIGTERM; but Tor servers will do a controlled
tor.manual.html 458) slow shutdown, closing listeners and waiting 30 seconds before exiting.

tor-manual.html 459) (The delay can be configured with the ShutdownWaitLength config option.)

tor.manual.html 460) <DT><B>SIGHUP</B><DD>

tor-manual.html 461) The signal instructs Tor to reload its configuration (including closing
tor-manual.html 462) and reopening logs), fetch a new directory, and kill and restart its
tor-manual.html 463) helper processes if applicable.

tor.manual.html 464) <DT><B>SIGUSR1</B><DD>
tor.manual.html 465) Log statistics about current connections, past connections, and
tor.manual.html 466) throughput.
tor.manual.html 467) <DT><B>SIGUSR2</B><DD>
tor.manual.html 468) Switch all logs to loglevel debug. You can go back to the old loglevels
tor.manual.html 469) by sending a SIGHUP.
tor.manual.html 470) <DT><B>SIGCHLD</B><DD>
tor.manual.html 471) Tor receives this signal when one of its helper processes has exited,
tor.manual.html 472) so it can clean up.
tor.manual.html 473) <DT><B>SIGPIPE</B><DD>
tor.manual.html 474) Tor catches this signal and ignores it.
tor.manual.html 475) <DT><B>SIGXFSZ</B><DD>
tor.manual.html 476) If this signal exists on your platform, Tor catches and ignores it.
tor.manual.html 477) <P>
tor.manual.html 478) </DL>
tor.manual.html 479) <A NAME="lbAK">&nbsp;</A>
tor.manual.html 480) <H2>FILES</H2>
tor.manual.html 481) 
tor.manual.html 482) <DL COMPACT>

tor-manual.html 483) <DT><I>@CONFDIR@/torrc</I>

tor.manual.html 484) 
tor.manual.html 485) <DD>
tor.manual.html 486) The configuration file, which contains &quot;option value&quot; pairs.

tor-manual.html 487) <DT><I>@LOCALSTATEDIR@/lib/tor/</I>

tor.manual.html 488) 
tor.manual.html 489) <DD>
tor.manual.html 490) The tor process stores keys and other data here.
tor.manual.html 491) <P>
tor.manual.html 492) </DL>
tor.manual.html 493) <A NAME="lbAL">&nbsp;</A>
tor.manual.html 494) <H2>SEE ALSO</H2>
tor.manual.html 495) 

tor-manual.html 496) <B><A HREF="../?1+privoxy">privoxy</A></B>(1),

tor.manual.html 497) 

tor-manual.html 498) <B><A HREF="../?1+tsocks">tsocks</A></B>(1),

tor.manual.html 499) 

tor-manual.html 500) <B><A HREF="../?1+torify">torify</A></B>(1)

tor.manual.html 501) 
tor.manual.html 502) <P>

tor-manual.html 503) <B><A HREF="http://tor.eff.org/">http://tor.eff.org/</A></B>

tor.manual.html 504) 
tor.manual.html 505) <P>
tor.manual.html 506) <A NAME="lbAM">&nbsp;</A>
tor.manual.html 507) <H2>BUGS</H2>
tor.manual.html 508) 

tor-manual.html 509) Plenty, probably. Tor is still in development. Please report them.

tor.manual.html 510) <A NAME="lbAN">&nbsp;</A>
tor.manual.html 511) <H2>AUTHORS</H2>
tor.manual.html 512) 
tor.manual.html 513) Roger Dingledine &lt;<A HREF="mailto:arma@mit.edu">arma@mit.edu</A>&gt;, Nick Mathewson &lt;<A HREF="mailto:nickm@alum.mit.edu">nickm@alum.mit.edu</A>&gt;.
tor.manual.html 514) <P>
tor.manual.html 515) 
tor.manual.html 516) <HR>
tor.manual.html 517) <A NAME="index">&nbsp;</A><H2>Index</H2>
tor.manual.html 518) <DL>
tor.manual.html 519) <DT><A HREF="#lbAB">NAME</A><DD>
tor.manual.html 520) <DT><A HREF="#lbAC">SYNOPSIS</A><DD>
tor.manual.html 521) <DT><A HREF="#lbAD">DESCRIPTION</A><DD>
tor.manual.html 522) <DT><A HREF="#lbAE">OPTIONS</A><DD>
tor.manual.html 523) <DT><A HREF="#lbAF">CLIENT OPTIONS</A><DD>
tor.manual.html 524) <DT><A HREF="#lbAG">SERVER OPTIONS</A><DD>
tor.manual.html 525) <DT><A HREF="#lbAH">DIRECTORY SERVER OPTIONS</A><DD>
tor.manual.html 526) <DT><A HREF="#lbAI">HIDDEN SERVICE OPTIONS</A><DD>
tor.manual.html 527) <DT><A HREF="#lbAJ">SIGNALS</A><DD>
tor.manual.html 528) <DT><A HREF="#lbAK">FILES</A><DD>
tor.manual.html 529) <DT><A HREF="#lbAL">SEE ALSO</A><DD>
tor.manual.html 530) <DT><A HREF="#lbAM">BUGS</A><DD>
tor.manual.html 531) <DT><A HREF="#lbAN">AUTHORS</A><DD>
tor.manual.html 532) </DL>
tor.manual.html 533) <HR>
tor.manual.html 534) This document was created by

tor-manual.html 535) <A HREF="../">man2html</A>,

tor.manual.html 536) using the manual pages.<BR>

tor-manual.html 537) Time: 23:00:41 GMT, June 29, 2005