FAQ (relay section): move two questions out of the relay section
nusenu commited on 2018-04-02 19:01:41
Zeige 1 geänderte Dateien mit 78 Einfügungen und 78 Löschungen.
the following two questions have been moved from the relay to the "Advanced Tor usage" section as they are more client related: I want to run my Tor client on a different computer than my applications. Can I install Tor on a central server, and have my clients connect to it?
- docs/en/faq.wml fa763adbf..a5c3038d7
| ... | ... |
@@ -132,6 +132,10 @@ country) |
| 132 | 132 |
worry?</a></li> |
| 133 | 133 |
<li><a href="#SocksAndDNS">How do I check if my application that uses |
| 134 | 134 |
SOCKS is leaking DNS requests?</a></li> |
| 135 |
+ <li><a href="#TorClientOnADifferentComputerThanMyApplications">I want to run my Tor client on a |
|
| 136 |
+ different computer than my applications.</a></li> |
|
| 137 |
+ <li><a href="#ServerClient">Can I install Tor on a central server, and |
|
| 138 |
+ have my clients connect to it?</a></li> |
|
| 135 | 139 |
</ul> |
| 136 | 140 |
|
| 137 | 141 |
<a id="relay"></a> |
| ... | ... |
@@ -167,10 +171,6 @@ be?</a></li> |
| 167 | 171 |
Why did that happen?</a></li> |
| 168 | 172 |
<li><a href="#MyRelayRecentlyGotTheGuardFlagAndTrafficDroppedByHalf">My |
| 169 | 173 |
relay recently got the Guard flag and traffic dropped by half.</a></li> |
| 170 |
- <li><a href="#TorClientOnADifferentComputerThanMyApplications">I want to run my Tor client on a |
|
| 171 |
- different computer than my applications.</a></li> |
|
| 172 |
- <li><a href="#ServerClient">Can I install Tor on a central server, and |
|
| 173 |
- have my clients connect to it?</a></li> |
|
| 174 | 174 |
<li><a href="#JoinTheNetwork">So I can just configure a nickname and |
| 175 | 175 |
ORPort and join the network?</a></li> |
| 176 | 176 |
<li><a href="#RelayOrBridge">Should I be a normal relay or bridge |
| ... | ... |
@@ -2027,6 +2027,80 @@ from the source code release tor-0.2.4.16-rc is: |
| 2027 | 2027 |
|
| 2028 | 2028 |
<hr> |
| 2029 | 2029 |
|
| 2030 |
+ <a id="TorClientOnADifferentComputerThanMyApplications"></a> |
|
| 2031 |
+ <h3><a class="anchor" href="#TorClientOnADifferentComputerThanMyApplications">I |
|
| 2032 |
+ want to run my Tor client on a different computer than my applications. |
|
| 2033 |
+ </a></h3> |
|
| 2034 |
+ <p> |
|
| 2035 |
+ By default, your Tor client only listens for applications that |
|
| 2036 |
+ connect from localhost. Connections from other computers are |
|
| 2037 |
+ refused. If you want to torify applications on different computers |
|
| 2038 |
+ than the Tor client, you should edit your torrc to define |
|
| 2039 |
+ SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you |
|
| 2040 |
+ want to get more advanced, you can configure your Tor client on a |
|
| 2041 |
+ firewall to bind to your internal IP but not your external IP. |
|
| 2042 |
+ </p> |
|
| 2043 |
+ |
|
| 2044 |
+ <hr> |
|
| 2045 |
+ |
|
| 2046 |
+ <a id="ServerClient"></a> |
|
| 2047 |
+ <h3><a class="anchor" href="#ServerClient">Can I install Tor on a |
|
| 2048 |
+ central server, and have my clients connect to it?</a></h3> |
|
| 2049 |
+ <p> |
|
| 2050 |
+ Yes. Tor can be configured as a client or a relay on another |
|
| 2051 |
+ machine, and allow other machines to be able to connect to it |
|
| 2052 |
+ for anonymity. This is most useful in an environment where many |
|
| 2053 |
+ computers want a gateway of anonymity to the rest of the world. |
|
| 2054 |
+ However, be forwarned that with this configuration, anyone within |
|
| 2055 |
+ your private network (existing between you and the Tor |
|
| 2056 |
+ client/relay) can see what traffic you are sending in clear text. |
|
| 2057 |
+ The anonymity doesn't start until you get to the Tor relay. |
|
| 2058 |
+ Because of this, if you are the controller of your domain and you |
|
| 2059 |
+ know everything's locked down, you will be OK, but this configuration |
|
| 2060 |
+ may not be suitable for large private networks where security is |
|
| 2061 |
+ key all around. |
|
| 2062 |
+ </p> |
|
| 2063 |
+ <p> |
|
| 2064 |
+Configuration is simple, editing your torrc file's SocksListenAddress |
|
| 2065 |
+according to the following examples: |
|
| 2066 |
+ </p> |
|
| 2067 |
+ <pre> |
|
| 2068 |
+ |
|
| 2069 |
+ #This provides local interface access only, |
|
| 2070 |
+ #needs SocksPort to be greater than 0 |
|
| 2071 |
+ SocksListenAddress 127.0.0.1 |
|
| 2072 |
+ |
|
| 2073 |
+ #This provides access to Tor on a specified interface |
|
| 2074 |
+ SocksListenAddress 192.168.x.x:9100 |
|
| 2075 |
+ |
|
| 2076 |
+ #Accept from all interfaces |
|
| 2077 |
+ SocksListenAddress 0.0.0.0:9100 |
|
| 2078 |
+ </pre> |
|
| 2079 |
+ <p> |
|
| 2080 |
+You can state multiple listen addresses, in the case that you are |
|
| 2081 |
+part of several networks or subnets. |
|
| 2082 |
+ </p> |
|
| 2083 |
+ <pre> |
|
| 2084 |
+ SocksListenAddress 192.168.x.x:9100 #eth0 |
|
| 2085 |
+ SocksListenAddress 10.x.x.x:9100 #eth1 |
|
| 2086 |
+ </pre> |
|
| 2087 |
+ <p> |
|
| 2088 |
+After this, your clients on their respective networks/subnets would specify |
|
| 2089 |
+a socks proxy with the address and port you specified SocksListenAddress |
|
| 2090 |
+to be. |
|
| 2091 |
+ </p> |
|
| 2092 |
+ <p> |
|
| 2093 |
+Please note that the SocksPort configuration option gives the port ONLY for |
|
| 2094 |
+localhost (127.0.0.1). When setting up your SocksListenAddress(es), you need |
|
| 2095 |
+to give the port with the address, as shown above. |
|
| 2096 |
+ <p> |
|
| 2097 |
+If you are interested in forcing all outgoing data through the central Tor |
|
| 2098 |
+client/relay, instead of the server only being an optional proxy, you may find |
|
| 2099 |
+the program iptables (for *nix) useful. |
|
| 2100 |
+ </p> |
|
| 2101 |
+ |
|
| 2102 |
+ <hr> |
|
| 2103 |
+ |
|
| 2030 | 2104 |
<a id="RunningATorRelay"></a> |
| 2031 | 2105 |
<h2><a class="anchor" href="#RunningATorRelay">Running a Tor relay:</a></h2> |
| 2032 | 2106 |
|
| ... | ... |
@@ -2476,80 +2550,6 @@ users |
| 2476 | 2550 |
|
| 2477 | 2551 |
<hr> |
| 2478 | 2552 |
|
| 2479 |
- <a id="TorClientOnADifferentComputerThanMyApplications"></a> |
|
| 2480 |
- <h3><a class="anchor" href="#TorClientOnADifferentComputerThanMyApplications">I |
|
| 2481 |
- want to run my Tor client on a different computer than my applications. |
|
| 2482 |
- </a></h3> |
|
| 2483 |
- <p> |
|
| 2484 |
- By default, your Tor client only listens for applications that |
|
| 2485 |
- connect from localhost. Connections from other computers are |
|
| 2486 |
- refused. If you want to torify applications on different computers |
|
| 2487 |
- than the Tor client, you should edit your torrc to define |
|
| 2488 |
- SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you |
|
| 2489 |
- want to get more advanced, you can configure your Tor client on a |
|
| 2490 |
- firewall to bind to your internal IP but not your external IP. |
|
| 2491 |
- </p> |
|
| 2492 |
- |
|
| 2493 |
- <hr> |
|
| 2494 |
- |
|
| 2495 |
- <a id="ServerClient"></a> |
|
| 2496 |
- <h3><a class="anchor" href="#ServerClient">Can I install Tor on a |
|
| 2497 |
- central server, and have my clients connect to it?</a></h3> |
|
| 2498 |
- <p> |
|
| 2499 |
- Yes. Tor can be configured as a client or a relay on another |
|
| 2500 |
- machine, and allow other machines to be able to connect to it |
|
| 2501 |
- for anonymity. This is most useful in an environment where many |
|
| 2502 |
- computers want a gateway of anonymity to the rest of the world. |
|
| 2503 |
- However, be forwarned that with this configuration, anyone within |
|
| 2504 |
- your private network (existing between you and the Tor |
|
| 2505 |
- client/relay) can see what traffic you are sending in clear text. |
|
| 2506 |
- The anonymity doesn't start until you get to the Tor relay. |
|
| 2507 |
- Because of this, if you are the controller of your domain and you |
|
| 2508 |
- know everything's locked down, you will be OK, but this configuration |
|
| 2509 |
- may not be suitable for large private networks where security is |
|
| 2510 |
- key all around. |
|
| 2511 |
- </p> |
|
| 2512 |
- <p> |
|
| 2513 |
-Configuration is simple, editing your torrc file's SocksListenAddress |
|
| 2514 |
-according to the following examples: |
|
| 2515 |
- </p> |
|
| 2516 |
- <pre> |
|
| 2517 |
- |
|
| 2518 |
- #This provides local interface access only, |
|
| 2519 |
- #needs SocksPort to be greater than 0 |
|
| 2520 |
- SocksListenAddress 127.0.0.1 |
|
| 2521 |
- |
|
| 2522 |
- #This provides access to Tor on a specified interface |
|
| 2523 |
- SocksListenAddress 192.168.x.x:9100 |
|
| 2524 |
- |
|
| 2525 |
- #Accept from all interfaces |
|
| 2526 |
- SocksListenAddress 0.0.0.0:9100 |
|
| 2527 |
- </pre> |
|
| 2528 |
- <p> |
|
| 2529 |
-You can state multiple listen addresses, in the case that you are |
|
| 2530 |
-part of several networks or subnets. |
|
| 2531 |
- </p> |
|
| 2532 |
- <pre> |
|
| 2533 |
- SocksListenAddress 192.168.x.x:9100 #eth0 |
|
| 2534 |
- SocksListenAddress 10.x.x.x:9100 #eth1 |
|
| 2535 |
- </pre> |
|
| 2536 |
- <p> |
|
| 2537 |
-After this, your clients on their respective networks/subnets would specify |
|
| 2538 |
-a socks proxy with the address and port you specified SocksListenAddress |
|
| 2539 |
-to be. |
|
| 2540 |
- </p> |
|
| 2541 |
- <p> |
|
| 2542 |
-Please note that the SocksPort configuration option gives the port ONLY for |
|
| 2543 |
-localhost (127.0.0.1). When setting up your SocksListenAddress(es), you need |
|
| 2544 |
-to give the port with the address, as shown above. |
|
| 2545 |
- <p> |
|
| 2546 |
-If you are interested in forcing all outgoing data through the central Tor |
|
| 2547 |
-client/relay, instead of the server only being an optional proxy, you may find |
|
| 2548 |
-the program iptables (for *nix) useful. |
|
| 2549 |
- </p> |
|
| 2550 |
- |
|
| 2551 |
- <hr> |
|
| 2552 |
- |
|
| 2553 | 2553 |
<a id="RelayOrBridge"></a> |
| 2554 | 2554 |
<h3><a class="anchor" href="#RelayOrBridge">Should I be a normal |
| 2555 | 2555 |
relay or bridge relay?</a></h3> |
| 2556 | 2556 |