tor-webwml.git

@@ -59,18 +60,6 @@

     servers</a>.

     </li>

-    <li><strong>Manual Configuration</strong>:

-    <ul>

-    <li>Edit the bottom part of <a href="<page docs/faq>#torrc">your

-    torrc file</a>. If you want to be a public relay (recommended),

-    make sure to define ORPort and <a href="<page

-    docs/faq>#ExitPolicies">look at ExitPolicy</a>; otherwise

-    if you want to be a <a href="<page docs/faq>#RelayOrBridge">bridge</a>

-    for users in countries that censor their Internet,

-    just use <a href="<page docs/bridges>#RunningABridge">these lines</a>.

-    </li>

-    </ul></li>

-

     <li><strong>Configuring Tor with the Vidalia Graphical Interface</strong>:

     <ol>

@@ -176,49 +165,30 @@ that censor their Internet.</dt>

     We recommend the following steps as well:

     </p>

-    <p>

-    6. Read

+    <ol>

+    <li>Read

     <a href="<wiki>doc/OperationalSecurity">about operational security</a>

     to get ideas how you can increase the security of your relay.

-    </p>

+    </li>

-    <p>

-    7. If you want to run more than one relay that's great, but please set <a

+    <li>

+    If you want to run more than one relay that's great, but please set <a

     href="<page docs/faq>#MultipleRelays">the

     MyFamily option</a> in all your relays' configuration files.

-    </p>

-

-    <p>

-    8. Decide about rate limiting. Cable modem, DSL, and other users

-    who have asymmetric bandwidth (e.g. more down than up) should

-    rate limit to their slower bandwidth, to avoid congestion. See the <a

-    href="<wikifaq>#LimitBandwidth">rate

-    limiting FAQ entry</a> for details.

-    </p>

-

-    <p>

-    9. Back up your Tor relay's private key (stored in "keys/secret_id_key"

-    in your DataDirectory). This is your relay's "identity," and

-    you need to keep it safe so nobody can read the traffic that goes

-    through your relay. This is the critical file to keep if you need to <a

-    href="<wikifaq>#UpgradeRelay">move

-    or restore your Tor relay</a> if something goes wrong.

-    </p>

-

-    <p>

+    </li>

-    10. If you control the name servers for your domain, consider setting your

+    <li>

+    If you control the name servers for your domain, consider setting your

     reverse DNS hostname to 'anonymous-relay', 'proxy' or 'tor-proxy', so when

     other people see the address in their web logs, they will more quickly

     understand what's going on. Adding the <a

     href="<gitblob>contrib/tor-exit-notice.html">Tor

     exit notice</a> on a vhost for this name can go a long way to deterring abuse

     complaints to you and your ISP if you are running an exit node.

+    </li>

-    </p>

-

-    <p>

-    11. If your computer isn't running a webserver, please consider

+    <li>

+    If your computer isn't running a webserver, please consider

     changing your ORPort to 443 and your DirPort to 80. Many Tor

     users are stuck behind firewalls that only let them browse the

     web, and this change will let them reach your Tor relay. Win32

@@ -230,52 +200,13 @@ that censor their Internet.</dt>

     port forwarding</a> so connections can reach their Tor relay. If you are

     using ports 80 and 443 already but still want to help out, other useful

     ports are 22, 110, and 143.

-    </p>

-

-    <p>

-    12. If your Tor relay provides other services on the same IP address

-    — such as a public webserver — make sure that connections to the

-    webserver are allowed from the local host too. You need to allow these

-    connections because Tor clients will detect that your Tor relay is the <a

-    href="<wikifaq>#ExitEavesdroppers">safest

-    way to reach that webserver</a>, and always build a circuit that ends

-    at your relay. If you don't want to allow the connections, you must

-    explicitly reject them in your exit policy.

-    </p>

-

-    <p>

-    13. (Unix only). Make a separate user to run the relay. If you

-    installed the OS X package or the deb or the rpm, this is already

-    done. Otherwise, you can do it by hand. (The Tor relay doesn't need to

-    be run as root, so it's good practice to not run it as root. Running

-    as a 'tor' user avoids issues with identd and other services that

-    detect user name. If you're the paranoid sort, feel free to <a

-    href="<wiki>doc/TorInChroot">put Tor

-    into a chroot jail</a>.)

-    </p>

-

-    <p>

-    14. (Unix only.) Your operating system probably limits the number

-    of open file descriptors per process to 1024 (or even less). If you

-    plan to be running a fast exit node, this is probably not enough. On

-    Linux, you should add a line like "toruser hard nofile 8192" to your

-    /etc/security/limits.conf file (where toruser is the user that runs the

-    Tor process), and then restart Tor if it's installed as a package (or log

-    out and log back in if you run it yourself). The Debian/Ubuntu package

-    does this step for you.

-    </p>

-

-    <p>

-    15. If you installed Tor via some package or installer, it probably starts

-    Tor for you automatically on boot. But if you installed from source,

-    you may find the initscripts in contrib/tor.sh or contrib/torctl useful.

-    </p>

+    </li>

+    </ol>

     <p>

     When you change your Tor configuration, remember to verify that your

-    relay still works correctly after the change. Be sure to set your

-    "ContactInfo" line in the torrc so we can contact you if you need to

-    upgrade or something goes wrong. If you have problems or questions, see

+    relay still works correctly after the change.

+    If you have problems or questions, see

     the <a href="<page docs/documentation>#Support">Support</a> section or

     <a href="<page about/contact>">contact us</a> on the tor-ops list. Thanks

     for helping to make the Tor network grow!