tor-webwml.git

@@ -1,235 +0,0 @@

-## translation metadata

-# Revision: $Revision$

-

-#include "head.wmi" TITLE="Tor Mac OS X Install Instructions"

-

-<div class="center">

-

-<div class="main-column">

-

-<h1>Running the <a href="<page index>">Tor</a> client on Mac OS X</h1>

-<br />

-

-<p>

-<b>Note that these are the installation instructions for running a Tor client on

-  Mac OS X. If you want to relay traffic for others to help the network

-  grow (please do), read the <a

-  href="<page tor-doc-server>">Configuring a server</a> guide.</b>

-</p>

-

-<hr />

-<a id="installing"></a>

-<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

-<br />

-

-<p>

-The latest stable and experimental releases of Tor for Macintosh

-OS X bundle <a href="<page index>">Tor</a> and <a

-href="http://www.privoxy.org">Privoxy</a> (a filtering web proxy)

-into one package, with Privoxy pre-configured to proxy through Tor.

-<a href="<page download>">Download one from the download

-page</a>.

-</p>

-

-<p>Our Tor installer should make everything pretty simple. Below is a

-screenshot of the setup page:

-</p>

-

-<img alt="tor installer splash page"

-src="http://tor.eff.org/img/screenshot-osx-installer-splash.png"

-border="1">

-

-<p>

-By default, Tor is configured to run at startup.  If you do not want Tor to

-run on startup, you can disable this by selecting "Customize" in the

-Installer, and then un-checking the "Tor Startup Script" box. Be sure to

-leave the other boxes checked.

-</p>

-

-<p>Once the installer is finished and your computer restarts, Tor will

-start automatically.  Tor comes configured as a client by default. It

-uses a built-in default configuration file in <tt>/Library/Tor/torrc</tt>,

-but most people won't need to change any of the settings. Tor is now

-installed.</p>

-

-<p>Privoxy is installed as part of the Tor bundle package

-installer. Privoxy is a filtering web proxy that integrates well with

-Tor. Once it's installed, it will start automatically when your computer

-is restarted.

-</p>

-

-<p>You do not need to configure Privoxy to use Tor. A custom Privoxy

-configuration for Tor has been installed as part of the installer package.

-</p>

-

-<hr />

-<a id="using"></a>

-<h2><a class="anchor" href="#using">Step Two: Configure your applications to use Tor</a></h2>

-<br />

-

-<p>After installing Tor and Privoxy, you need to configure your

-applications to use them. The first step is to set up web browsing.</p>

-

-<p>If you're using Firefox (we recommend it), check out our <a

-href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

-a plugin that makes it easy to switch between using Tor and using a

-direct connection.</p>

-

-<p>Otherwise, you need to manually configure your browser to HTTP proxy

-at localhost port 8118.

-(That's where Privoxy listens.)

-In Mozilla, this is in Mozilla|Preferences|Advanced|Proxies.

-You should set both your Web Proxy (HTTP) and your Secure Web Proxy

-(HTTPS or SSL) to localhost port 8118, to hide your SSL traffic too.

-You should consider configuring your "FTP Proxy" too; see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

-note</a> about Tor and ftp proxies.

-</p>

-

-<p>If you want to use Tor with Safari, you need to change your

-Network Settings. Select your Network Preferences from the Apple |

-Location menu:</p>

-

-<img alt="Network settings"

-src="http://tor.eff.org/img/screenshot-osx-choose-network.png"

-border="1">

-

-<p>Select the Network Interface on which you want to enable Tor. If you use

-more than one Interface you must change the proxy settings for each

-individually.</p>

-

-<img alt="Network preferences"

-src="http://tor.eff.org/img/screenshot-osx-choose-interface.png"

-border="1">

-<p>

-

-<p>Select and enter 127.0.0.1 and port 8118 for both

-Web Proxy (HTTP) and your Secure Web Proxy (HTTPS).

-You should also do this for "FTP Proxy" and "Gopher Proxy"; see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

-note</a> about Tor and ftp proxies. Leave your Use Passive FTP Mode

-(PASV) setting as is.</p>

-

-<img alt="Proxy settings"

-src="http://tor.eff.org/img/screenshot-osx-proxy-settings.png"

-border="1">

-

-<p>Using privoxy is <strong>necessary</strong> because <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

-leak your

-DNS requests when they use a SOCKS proxy directly</a>, which is bad for

-your anonymity. Privoxy also removes certain dangerous headers from your

-web requests, and blocks obnoxious ad sites like Doubleclick.</p>

-

-<p>To Torify other applications that support HTTP proxies, just

-point them at Privoxy (that is, localhost port 8118). To use SOCKS

-directly (for instant messaging, Jabber, IRC, etc), you can point

-your application directly at Tor (localhost port 9050), but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

-FAQ entry</a> for why this may be dangerous. For applications

-that support neither SOCKS nor HTTP, take a look at <a

-href="http://www.taiyo.co.jp/~gotoh/ssh/connect.html">connect</a> or

-<a href="http://www.dest-unreach.org/socat/">socat</a>.</p>

-

-<p>For information on how to Torify other applications, check out the

-<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

-HOWTO</a>.

-</p>

-

-<hr />

-<a id="verify"></a>

-<h2><a class="anchor" href="#verify">Step Three: Make sure it's working</a></h2>

-<br />

-

-<p>

-Next, you should try using your browser with Tor and make

-sure that your IP address is being anonymized. Click on the <a

-href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

-detector</a> and see whether it thinks you're using Tor or not.

-(If that site is down, see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

-FAQ entry</a> for more suggestions on how to test your Tor.)

-</p>

-

-<p>If you have a personal firewall that limits your computer's

-ability to connect to itself, be sure to allow connections from

-your local applications to local port 8118 and port 9050. If

-your firewall blocks outgoing connections, punch a hole so

-it can connect to at least TCP ports 80 and 443, and then see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

-FAQ entry</a>.

-</p>

-

-<p>If it's still not working, look at <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

-FAQ entry</a> for hints.</p>

-

-<hr />

-<a id="server"></a>

-<h2><a class="anchor" href="#server">Step Four: Configure it as a server</a></h2>

-<br />

-

-<p>The Tor network relies on volunteers to donate bandwidth. The more

-people who run servers, the faster the Tor network will be. If you have

-at least 20 kilobytes/s each way, please help out Tor by configuring your

-Tor to be a server too. We have many features that make Tor servers easy

-and convenient, including rate limiting for bandwidth, exit policies so

-you can limit your exposure to abuse complaints, and support for dynamic

-IP addresses.</p>

-

-<p>Having servers in many different places on the Internet is what

-makes Tor users secure. <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

-may also get stronger anonymity yourself</a>,

-since remote sites can't know whether connections originated at your

-computer or were relayed from others.</p>

-

-<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

-guide.</p>

-

-<hr />

-<a id="uninstall"></a>

-<h2><a class="anchor" href="#uninstall">How To Uninstall Tor and Privoxy</a></h2>

-<br />

-

-<p>The Tor 0.1.0.x series does not come with an uninstaller; this feature

-  will be added in the 0.1.1.x series.  If you want to remove Tor on OSX,

-  here's how:</p>

-

-<p>Change your application proxy settings back to their original values.

-   If you just want to stop using Tor, you can end at this point.</p>

-

-<p>To stop Tor and Privoxy from running on startup</b>, remove the

-   /Library/StartupItems/Tor and /Library/StartupItems/Privoxy directories

-   respectively. If you just want to stop Tor from running, you can end at this

-   point.</p>

-

-<p>To erase all remaining Tor and Privoxy files from your computer, delete

-  the following:

-   <ul>

-   <li>/Library/Tor</li>

-   <li>/Library/Privoxy</li>

-   <li>/usr/bin/tor</li>

-   <li>/usr/bin/tor_resolve</li>

-   <li>/var/log/tor</li>

-   <li>/usr/share/man/man1/tor.1</li>

-   <li>/usr/share/man/man1/tor-resolve.1</li>

-   <li>/usr/share/man/man1/torify.1</li>

-   <li>/Library/Receipts/Privoxy.pkg/</li>

-   <li>/Library/Receipts/privoxyconf.pkg/</li>

-   <li>/Library/Receipts/Tor.pkg/</li>

-   <li>/Library/Receipts/torstartup.pkg/</li>

-  </ul>

-</p>

-

-<hr />

-

-<p>If you have suggestions for improving this document, please post

-them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

-website category. Thanks!</p>

-

-  </div><!-- #main -->

-</div>

-

-#include <foot.wmi>

-

@@ -1,314 +0,0 @@

-## translation metadata

-# Revision: $Revision$

-

-#include "head.wmi" TITLE="Tor Server Configuration Instructions"

-

-<div class="center">

-

-<div class="main-column">

-

-<h1>Configuring a <a href="<page index>">Tor</a> server</h1>

-<br />

-

-<p>

-The Tor network relies on volunteers to donate bandwidth. The more

-people who run servers, the faster the Tor network will be. If you have

-at least 20 kilobytes/s each way, please help out Tor by configuring your

-Tor to be a server too. We have many features that make Tor servers easy

-and convenient, including rate limiting for bandwidth, exit policies so

-you can limit your exposure to abuse complaints, and support for dynamic

-IP addresses.</p>

-

-<p>Having servers in many different places on the Internet is what

-makes Tor users secure. <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

-may also get stronger anonymity yourself</a>,

-since remote sites can't know whether connections originated at your

-computer or were relayed from others.</p>

-

-<p>Setting up a Tor server is easy and convenient:

-<ul>

-<li>Tor has built-in support for <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate

-limiting</a>. Further, if you have a fast link

-but want to limit the number of bytes per day

-(or week or month) that you donate, check out the <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Hibernation">hibernation

-feature</a>.

-</li>

-<li>Each Tor server has an <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#RunAServerBut">exit

-policy</a> that specifies what sort of outbound connections are allowed

-or refused from that server. If you are uncomfortable allowing people

-to exit from your server, you can set it up to only allow connections

-to other Tor servers.

-</li>

-<li>It's fine if the server goes offline sometimes. The directories

-notice this quickly and stop advertising the server. Just try to make

-sure it's not too often, since connections using the server when it

-disconnects will break.

-</li>

-<li>We can handle servers with dynamic IPs just fine, as long as the

-server itself knows its IP. Have a look at this

-<a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#DynamicIP">

-entry in the FAQ</a>.

-</li>

-<li>If your server is behind a NAT and it doesn't know its public

-IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port

-forwarding. Forwarding TCP connections is system dependent but <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerForFirewalledCli

-ents">this FAQ entry</a> offers some examples on how to do this.

-</li>

-<li>Your server will passively estimate and advertise its recent

-bandwidth capacity, so high-bandwidth servers will attract more users than

-low-bandwidth ones. Therefore having low-bandwidth servers is useful too.

-</li>

-</ul>

-

-<p>You can run a Tor server on

-pretty much any operating system, but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerOS">this

-FAQ entry</a> for advice about which ones work best and other problems

-you might encounter.</p>

-

-<hr />

-<a id="zero"></a>

-<h2><a class="anchor" href="#zero">Step Zero: Download and Install Tor</a></h2>

-<br />

-

-<p>Before you start, you need to make sure that Tor is up and running.

-</p>

-

-<p>For Windows users, this means at least <a

-href="<page tor-doc-win32>#installing">step one</a>

-of the Windows Tor installation howto. Mac OS X users need to do at least

-<a href="<page tor-doc-osx>#installing">step one</a>

-of OS X Tor installation howto.  Linux/BSD/Unix users should do at least

-<a href="<page tor-doc-unix>#installing">step one</a>

-of the Unix Tor installation howto.

-</p>

-

-<p>If it's convenient, you might also want to use it as a client for a

-while to make sure it's actually working.</p>

-

-<hr />

-<a id="one"></a>

-<h2><a class="anchor" href="#one">Step One: Set it up as a server</a></h2>

-<br />

-

-<p>

-1. Verify that your clock is set correctly. If possible, synchronize

-your clock with public time servers. 

-</p>

-

-<p>

-2. Make sure name resolution works (that is, your computer can resolve addresses correctly).

-</p>

-

-<p>

-3. Edit the bottom part of your torrc. (See <a

-href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#torrc">this

-FAQ entry</a> for help.)

-Make sure to define at least Nickname and ORPort. Create the DataDirectory

-if necessary, and make sure it's owned by the user that will be running

-tor. <em>If you want to run more than one server that's great, but

-please set <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers">the

-MyFamily option</a> in all your servers' configuration files.</em>

-</p>

-

-<p>

-4. If you are using a firewall, open a hole in your firewall so

-incoming connections can reach the ports you configured (ORPort, plus

-DirPort if you enabled it). Make sure you allow all outgoing connections,

-so your server can reach the other Tor servers.

-</p>

-

-<p>

-5. Start your server: if you installed from source you can just

-run <tt>tor</tt>, whereas packages typically launch Tor from their

-initscripts or startup scripts. If it logs any warnings, address them. (By

-default Tor logs to stdout, but some packages log to <tt>/var/log/tor/</tt>

-instead. You can edit your torrc to configure log locations.)

-</p>

-

-<p>

-6. Subscribe to the <a

-href="http://archives.seul.org/or/announce/">or-announce</a>

-mailing list. It is very low volume, and it will keep you informed

-of new stable releases. You might also consider subscribing to <a

-href="http://archives.seul.org/or/talk/">or-talk</a> (higher volume),

-where new development releases are announced.

-</p>

-

-<p>

-7. Have a look at the manual.

-The <a href="<page tor-manual>">manual</a> for the

-latest stable version provides detailed instructions for how to install

-and use Tor, including configuration of client and server options.

-If you are running the CVS version the manual is available

-<a href="<page tor-manual-cvs>">here</a>.

-</p>

-

-<p>

-8. Read

-<a href="http://wiki.noreply.org/noreply/TheOnionRouter/OperationalSecurity">this document</a>

-to get ideas how you can increase the security of your server.

-<hr />

-<a id="two"></a>

-<h2><a class="anchor" href="#two">Step Two: Make sure it's working</a></h2>

-<br />

-

-<p>As soon as your server manages to connect to the network, it will

-try to determine whether the ports you configured are reachable from

-the outside. This may take up to 20 minutes. Look for a log entry like

-<tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>

-If you don't see this message, it means that your server is not reachable

-from the outside — you should re-check your firewalls, check that it's

-testing the IP and port you think it should be testing, etc.

-</p>

-

-<p>When it decides that it's reachable, it will upload a "server

-descriptor" to the directories. This will let clients know

-what address, ports, keys, etc your server is using. You can <a

-href="http://belegost.seul.org/">load the directory manually</a> and

-look through it to find the nickname you configured, to make sure it's

-there. You may need to wait a few seconds to give enough time for it to

-make a fresh directory.</p>

-

-<hr />

-<a id="three"></a>

-<h2><a class="anchor" href="#three">Step Three: Register your nickname</a></h2>

-<br />

-

-<p>

-Once you are convinced it's working (after a day or two maybe), you should

-register your server.

-This reserves your nickname so nobody else can take it, and lets us

-contact you if you need to upgrade or something goes wrong.

-</p>

-

-<p>

-Send mail to <a

-href="mailto:tor-ops@freehaven.net">tor-ops@freehaven.net</a> with a

-subject of '[New Server] <your server's nickname>' and

-include the following information in the message:

-</p>

-<ul>

-<li>Your server's nickname</li>

-<li>The fingerprint for your server's key (the contents of the

-"fingerprint" file in your DataDirectory — on Windows, look in

-\<i>username</i>\Application&nbsp;Data\tor\ or \Application&nbsp;Data\tor\;

-on OS X, look in /Library/Tor/var/lib/tor/; and on Linux/BSD/Unix,

-look in /var/lib/tor or ~/.tor)

-</li>

-<li>Who you are, so we know whom to contact if a problem arises</li>

-<li>What kind of connectivity the new server will have</li>

-</ul>

-

-<hr />

-<a id="four"></a>

-<h2><a class="anchor" href="#four">Step Four: Once it's working</a></h2>

-<br />

-

-<p>

-We recommend the following steps as well:

-</p>

-

-<p>

-6. Decide what exit policy you want. By default your server allows

-access to many popular services, but we restrict some (such as port 25)

-due to abuse potential. You might want an exit policy that is

-less restrictive or more restrictive; edit your torrc appropriately.

-Read the FAQ entry on <a

-href="<page faq-abuse>#TypicalAbuses">issues you might

-encounter if you use the default exit policy</a>.

-If you choose a particularly open exit policy, you should make

-sure your ISP is ok with that choice.

-</p>

-

-<p>

-7. Decide about rate limiting. Cable modem, DSL, and other users

-who have asymmetric bandwidth (e.g. more down than up) should

-rate limit to their slower bandwidth, to avoid congestion. See the <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate

-limiting FAQ entry</a> for details.

-</p>

-

-<p>

-8. If you control the name servers for your domain, consider setting

-your hostname to 'anonymous' or 'proxy' or 'tor-proxy', so when other

-people see the address in their web logs, they will more quickly

-understand what's going on.

-</p>

-

-<p>

-9. If your computer isn't running a webserver, please consider

-changing your ORPort to 443 and your DirPort to 80. Many Tor

-users are stuck behind firewalls that only let them browse the

-web, and this change will let them reach your Tor server. Win32

-servers can simply change their ORPort and DirPort directly

-in their torrc and restart Tor. OS X or Unix servers can't bind

-directly to these ports (since they don't run as root), so they will

-need to set up some sort of <a

-href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#ServerForFirewalledClients">

-port forwarding</a> so connections can reach their Tor server. If you are

-using ports 80 and 443 already but still want to help out, other useful

-ports are 22, 110, and 143.

-</p>

-

-<p>

-10. If your Tor server provides other services on the same IP address

-— such as a public webserver — make sure that connections to the

-webserver are allowed from the local host too. You need to allow these

-connections because Tor clients will detect that your Tor server is the <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">safest

-way to reach that webserver</a>, and always build a circuit that ends

-at your server. If you don't want to allow the connections, you must

-explicitly reject them in your exit policy.

-</p>

-

-<p>

-11. (Unix only). Make a separate user to run the server. If you

-installed the OS X package or the deb or the rpm, this is already

-done. Otherwise, you can do it by hand. (The Tor server doesn't need to

-be run as root, so it's good practice to not run it as root. Running

-as a 'tor' user avoids issues with identd and other services that

-detect user name. If you're the paranoid sort, feel free to <a

-href="http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot">put Tor

-into a chroot jail</a>.)

-</p>

-

-<p>

-12. (Unix only.) Your operating system probably limits the number

-of open file descriptors per process to 1024 (or even less). If you

-plan to be running a fast exit node, this is probably not enough. On

-Linux, you should add a line like "toruser hard nofile 8192" to your

-/etc/security/limits.conf file (where toruser is the user that runs the

-Tor process), and then restart Tor if it's installed as a package (or log

-out and log back in if you run it yourself). If that doesn't work, see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FileDescriptors">this

-FAQ entry</a> for other suggested ways to run "ulimit -n 8192" before

-you launch Tor.

-</p>

-

-<p>

-13. If you installed Tor via some package or installer, it probably starts

-Tor for you automatically on boot. But if you installed from source,

-you may find the initscripts in contrib/tor.sh or contrib/torctl useful.

-</p>

-

-When you change your Tor configuration, be sure to restart Tor, and

-remember to verify that your server still works correctly after the

-change.

-

-<hr />

-

-<p>If you have suggestions for improving this document, please post

-them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

-website category. Thanks!</p>

-

-  </div><!-- #main -->

-</div>

-

-#include <foot.wmi>

-

@@ -1,191 +0,0 @@

-## translation metadata

-# Revision: $Revision$

-

-#include "head.wmi" TITLE="Tor Linux/BSD/Unix Install Instructions"

-

-<div class="center">

-

-<div class="main-column">

-

-<h1>Running the <a href="<page index>">Tor</a> client on Linux/BSD/Unix</h1>

-<br />

-

-<p>

-<b>Note that these are the installation instructions for running a Tor

-client. If you want to relay traffic for others to help the network grow

-(please do), read the <a

-href="<page tor-doc-server>">Configuring a server</a> guide.</b>

-</p>

-

-<hr />

-<a id="installing"></a>

-<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

-<br />

-

-<p>

-The latest release of Tor can be found on the <a

-href="<page download>">download</a> page. We have packages for Debian,

-Red Hat, Gentoo, *BSD, etc there too.

-</p>

-

-<p>If you're building from source, first install <a

-href="http://www.monkey.org/~provos/libevent/">libevent</a>, and

-make sure you have openssl and zlib (including the -devel packages if

-applicable). Then Run <tt>tar xzf tor-0.1.0.15.tar.gz;

-cd tor-0.1.0.15</tt>. Then <tt>./configure &amp;&amp; make</tt>. Now you

-can run tor as <tt>src/or/tor</tt>, or you can run <tt>make install</tt>

-(as root if necessary) to install it into /usr/local/, and then you can

-start it just by running <tt>tor</tt>.

-</p>

-

-<p>Tor comes configured as a client by default. It uses a built-in

-default configuration file, and most people won't need to change any of

-the settings. Tor is now installed.

-</p>

-

-<hr />

-<a id="privoxy"></a>

-<h2><a class="anchor" href="#privoxy">Step Two: Install Privoxy for Web Browsing</a></h2>

-<br />

-

-<p>After installing Tor, you need to configure your applications to use it.

-</p>

-

-<p>

-The first step is to set up web browsing. Start by installing <a

-href="http://www.privoxy.org/">Privoxy</a>: click on 'recent releases'

-and pick your favorite package or install from source. Privoxy is a

-filtering web proxy that integrates well with Tor.

-</p>

-

-<p>You need to configure Privoxy to use Tor.

-Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/)

-and add the line <br>

-<tt>forward-socks4a / localhost:9050 .</tt><br>

-to the top of the config file. Don't forget to add the dot at the end.

-</p>

-

-<p>Privoxy keeps a log file of everything passed through it.  In

-order to stop this you will need to comment out two lines by inserting a

-# before the line. The two lines are:<br>

-<tt>logfile logfile</tt><br>

-and the line <br>

-<tt>jarfile jarfile</tt><br>

-</p>

-

-<p>You'll need to restart Privoxy for the changes to take effect.</p>

-

-<hr />

-<a id="using"></a>

-<h2><a class="anchor" href="#using">Step Three: Configure your applications to use Tor</a></h2>

-<br />

-

-<p>After installing Tor and Privoxy, you need to configure your

-applications to use them. The first step is to set up web browsing.</p>

-

-<p>If you're using Firefox (we recommend it), check out our <a

-href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

-a plugin that makes it easy to switch between using Tor and using a

-direct connection.</p>

-

-<p>Otherwise, you need to manually configure your browser to HTTP proxy

-at localhost port 8118.

-(That's where Privoxy listens.)

-In Mozilla, this is in Edit|Preferences|Advanced|Proxies.

-In Opera 7.5x it's Tools|Preferences|Network|Proxy servers.

-You should click the "use the same proxy server for all protocols"

-button; but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

-note</a> about Tor and ftp proxies.

-

-<p>Using privoxy is <strong>necessary</strong> because <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

-leak your DNS requests when they use a SOCKS proxy directly</a>, which

-is bad for your anonymity. Privoxy also removes certain dangerous

-headers from your web requests, and blocks obnoxious ad sites like

-Doubleclick.</p>

-

-<p>To Torify other applications that support HTTP proxies, just

-point them at Privoxy (that is, localhost port 8118). To use SOCKS

-directly (for instant messaging, Jabber, IRC, etc), you can point

-your application directly at Tor (localhost port 9050), but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

-FAQ entry</a> for why this may be dangerous. For applications

-that support neither SOCKS nor HTTP, take a look at <a

-href="http://tsocks.sourceforge.net/">tsocks</a> or <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#socat">socat</a>.

-</p>

-

-<p>For information on how to Torify other applications, check out the

-<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

-HOWTO</a>.

-</p>

-

-<hr />

-<a id="verify"></a>

-<h2><a class="anchor" href="#verify">Step Four: Make sure it's working</a></h2>

-<br />

-

-<p>

-Next, you should try using your browser with Tor and make

-sure that your IP address is being anonymized. Click on the <a

-href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

-detector</a> and see whether it thinks you're using Tor or not.

-(If that site is down, see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

-FAQ entry</a> for more suggestions on how to test your Tor.)

-</p>

-

-<p>If you have a personal firewall that limits your computer's

-ability to connect to itself (this includes something like SELinux on

-Fedora Core 4), be sure to allow connections from

-your local applications to Privoxy (local port 8118) and Tor (local port

-9050). If

-your firewall blocks outgoing connections, punch a hole so

-it can connect to at least TCP ports 80 and 443, and then see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

-FAQ entry</a>.  If your SELinux config is not allowing tor or privoxy to

-run correctly, create a file named booleans.local in the directory

-/etc/selinux/targeted.  Edit this file in your favorite text editor and

-insert "allow_ypbind=1".  Restart your machine for this change to take

-effect.

-</p>

-

-<p>If it's still not working, look at <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

-FAQ entry</a> for hints.</p>

-

-<hr />

-<a id="server"></a>

-<h2><a class="anchor" href="#server">Step Five: Configure it as a server</a></h2>

-<br />

-

-<p>The Tor network relies on volunteers to donate bandwidth. The more

-people who run servers, the faster the Tor network will be. If you have

-at least 20 kilobytes/s each way, please help out Tor by configuring your

-Tor to be a server too. We have many features that make Tor servers easy

-and convenient, including rate limiting for bandwidth, exit policies so

-you can limit your exposure to abuse complaints, and support for dynamic

-IP addresses.</p>

-

-<p>Having servers in many different places on the Internet is what

-makes Tor users secure. <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

-may also get stronger anonymity yourself</a>,

-since remote sites can't know whether connections originated at your

-computer or were relayed from others.</p>

-

-<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

-guide.</p>

-

-<hr />

-

-<p>If you have suggestions for improving this document, please post

-them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

-website category. Thanks!</p>

-

-  </div><!-- #main -->

-</div>

-

-#include <foot.wmi>

-

@@ -1,191 +0,0 @@

-## translation metadata

-# Revision: $Revision$

-

-#include "head.wmi" TITLE="Tor MS Windows Install Instructions"

-

-<div class="center">

-

-<div class="main-column">

-

-<h1>Running the <a href="<page index>">Tor</a> client on MS Windows</h1>

-<br />

-

-<p>

-<b>Note that these are the installation instructions for running a Tor

-client on MS Windows (98, 98SE, NT4, 2000, XP, Server).

-If you want to relay traffic for others to help the network grow (please

-do), read the <a href="<page tor-doc-server>">Configuring a server</a>

-guide.</b>

-</p>

-

-<hr />

-<a id="installing"></a>

-<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

-<br />

-

-<p>

-The install for MS Windows bundles <a href="<page index>">Tor</a>,

-<a href="http://www.freehaven.net/~edmanm/torcp/">TorCP</a>

-(a Tor controller that lets you monitor and control Tor), and <a

-href="http://www.privoxy.org">Privoxy</a> (a filtering web proxy) into

-one package, with the three applications pre-configured to work together.

-<a href="<page download>">Download either the stable or

-the experimental version from the download page</a>.

-</p>

-

-<p>

-<b>If you want to configure yourself to be a Tor server via TorCP,

-you will need the experimental version of the bundle.</b>

-</p>

-

-<p>If the bundles don't work for you, you can download Tor by itself

-from the <a href="<page download>">download page</a>, and then <a

-href="<page tor-doc-unix>#privoxy">install

-and configure Privoxy on your own</a>.

-</p>

-

-<img alt="tor installer splash page"

-src="http://tor.eff.org/img/screenshot-win32-installer-splash.png" />

-

-<p>If you have previously installed Tor, TorCP, or Privoxy

-you can deselect whichever components you do not need to install

-in the dialog shown below.

-</p>

-

-<img alt="select components to install"

-src="http://tor.eff.org/img/screenshot-win32-installer-components.png" />

-

-<p>After you have completed the installer, the components

-you selected will automatically be started for you.

-</p>

-

-<!--

-<p>Tor comes configured as a client by default. It uses a built-in

-default configuration file, and most people won't need to change any of

-the settings. Tor is now installed.

-</p>

--->

-

-<hr />

-<a id="using"></a>

-<h2><a class="anchor" href="#using">Step Two: Configure your applications to use Tor</a></h2>

-<br />

-

-<p>After installing Tor and Privoxy, you need to configure your

-applications to use them. The first step is to set up web browsing.</p>

-

-<p>If you're using Firefox (we recommend it), check out our <a

-href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

-a plugin that makes it easy to switch between using Tor and using a

-direct connection.</p>

-

-<p>Otherwise, you need to manually configure your browser to HTTP proxy

-at localhost port 8118.

-(That's where Privoxy listens.)

-In Mozilla, this is in Edit|Preferences|Advanced|Proxies.

-In Opera 7.5x it's Tools|Preferences|Network|Proxy servers.

-In IE, it's Tools|Internet Options|Connections|LAN Settings|Advanced.

-You should click the "use the same proxy server for all protocols"

-button; but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

-note</a> about Tor and ftp proxies.

-In IE, this looks something like:</p>

-

-<img alt="Proxy settings in IE"

-src="http://tor.eff.org/img/screenshot-win32-ie-proxies.jpg" />

-

-<p>Using Privoxy is <strong>necessary</strong> because <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

-leak your DNS requests when they use a SOCKS proxy directly</a>, which

-is bad for your anonymity. Privoxy also removes certain dangerous

-headers from your web requests, and blocks obnoxious ad sites like

-Doubleclick.</p>

-

-<p>To Torify other applications that support HTTP proxies, just

-point them at Privoxy (that is, localhost port 8118). To use SOCKS

-directly (for instant messaging, Jabber, IRC, etc), you can point

-your application directly at Tor (localhost port 9050), but see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

-FAQ entry</a> for why this may be dangerous. For applications

-that support neither SOCKS nor HTTP, take a look at <a

-href="http://www.socks.permeo.com/Download/SocksCapDownload/index.asp">SocksCap</a> or

-<a href="http://www.freecap.ru/eng/">FreeCap</a>.

-(FreeCap is free software; SocksCap is proprietary.)</p>

-

-<p>For information on how to Torify other applications, check out the

-<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

-HOWTO</a>.

-</p>

-

-<hr />

-<a id="verify"></a>

-<h2><a class="anchor" href="#verify">Step Three: Make sure it's working</a></h2>

-<br />

-

-<p>

-Check to see that Privoxy and TorCP are running and that TorCP has

-successfully started Tor. Privoxy's icon is a green or blue circle with a "P"

-in it, and TorCP uses a fat grey onion with a green checkmark in your

-system notification area, as shown below:

-</p>

-

-<img alt="TorCP Tray Icon"

-src="http://tor.eff.org/img/screenshot-win32-torcp.png">

-

-<p>

-Next, you should try using your browser with Tor and make

-sure that your IP address is being anonymized. Click on the <a

-href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

-detector</a> and see whether it thinks you're using Tor or not.

-(If that site is down, see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

-FAQ entry</a> for more suggestions on how to test your Tor.)

-</p>

-

-<p>If you have a personal firewall that limits your computer's

-ability to connect to itself, be sure to allow connections from

-your local applications to local port 8118 and port 9050. If

-your firewall blocks outgoing connections, punch a hole so

-it can connect to at least TCP ports 80 and 443, and then see <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

-FAQ entry</a>.

-</p>

-

-<p>If it's still not working, look at <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

-FAQ entry</a> for hints.</p>

-

-<hr />

-<a id="server"></a>

-<h2><a class="anchor" href="#server">Step Four: Configure it as a server</a></h2>

-<br />

-

-<p>The Tor network relies on volunteers to donate bandwidth. The more

-people who run servers, the faster the Tor network will be. If you have

-at least 20 kilobytes/s each way, please help out Tor by configuring your

-Tor to be a server too. We have many features that make Tor servers easy

-and convenient, including rate limiting for bandwidth, exit policies so

-you can limit your exposure to abuse complaints, and support for dynamic

-IP addresses.</p>

-

-<p>Having servers in many different places on the Internet is what

-makes Tor users secure. <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

-may also get stronger anonymity yourself</a>,

-since remote sites can't know whether connections originated at your

-computer or were relayed from others.</p>

-

-<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

-guide.</p>

-

-<hr />

-

-<p>If you have suggestions for improving this document, please post

-them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

-website category. Thanks!</p>

-

-  </div><!-- #main -->

-</div>

-

-#include <foot.wmi>

-

@@ -1,158 +0,0 @@

-## translation metadata

-# Revision: $Revision$

-

-#include "head.wmi" TITLE="Tor SwitchProxy Install Instructions"

-

-<div class="center">

-

-<div class="main-column">

-

-<h1>Installing SwitchProxy for <a href="<page index>">Tor</a></h1>

-<hr />

-

-<p>

-SwitchProxy is a Firefox plugin that makes it easy for you to switch

-between using a proxy and connecting to websites directly.</p>

-

-<p>In this howto, you'll set up SwitchProxy to let you change

-between using Tor and a direct connection. We assume you already

-have Firefox installed and working.</p>

-

-<p>The screenshots here are oriented towards Windows users, but

-SwitchProxy works anywhere Firefox works. Hopefully everybody else can

-follow along just fine.</p>

-

-<hr />

-<a id="zero"></a>

-<h2><a class="anchor" href="#zero">Step Zero: Download and Install Tor and Privoxy</a></h2>

-<br />

-

-<p>Before you start, you need to make sure 1) Tor is up and running,

-2) Privoxy is up and running, and 3) Privoxy is configured to point

-to Tor.</p>

-

-<p>Windows users need to do <a

-href="<page tor-doc-win32>#installing">step one</a>

-of the Windows Tor installation howto, and Mac OS X users need to do <a

-href="<page tor-doc-osx>#installing">step one</a>

-of OS X Tor installation howto, since our Win32 and OS X packages include

-Privoxy and configure it already. Linux/BSD/Unix users should do <a

-href="<page tor-doc-unix>#installing">step one</a>

-and <a href="<page tor-doc-unix>#privoxy">step

-two</a> of the Unix Tor installation howto.

-</p>

-

-<hr />

-<a id="one"></a>

-<h2><a class="anchor" href="#one">Step One: Download and Install SwitchProxy</a></h2>

-<br />

-

-<p>SwitchProxy is a Firefox plugin, so you need to go through

-the process of installing a new plugin. First, go to the <a

-href="https://addons.mozilla.org/extensions/moreinfo.php?application=firefox&id=125">

-SwitchProxy</a> web page. If you're using Firefox 1.5, you might need to 

-download SwitchProxy <a href="http://www.roundtwo.com/product/switchproxy">from

-here</a> instead.

-Turn on JavaScript for now and click "Install Now":</p>

-

-<img alt="switchproxy web page"

-src="http://tor.eff.org/img/screenshot-switchproxy-webpage.jpg" />

-

-<p>It will pop up a window asking for permission to install the plugin.

-Click on the "Install Now" button:

-</p>

-

-<img alt="firefox plugin warning"

-src="http://tor.eff.org/img/screenshot-switchproxy-plugin-starting.jpg" />

-

-<p>Once the installer is finished, you should close all of your Firefox

-windows and restart Firefox.</p>

-

-<img alt="firefox plugin finished"

-src="http://tor.eff.org/img/screenshot-switchproxy-plugin-finished.jpg" />

-

-<hr />

-<a id="two"></a>

-<h2><a class="anchor" href="#two">Step Two: Configure SwitchProxy</a></h2>

-<br />

-

-<p>When you restart Firefox, you'll notice there's a new toolbar

-that lets you control your proxies. Now we're going to set up a proxy

-configuration for Tor. Click on "Add" in the new Proxy toolbar:</p>

-

-<img alt="new toolbar"

-src="http://tor.eff.org/img/screenshot-switchproxy-toolbar.jpg" />

-

-<p>It will ask you to select a proxy type. Choose

-"Standard." (There's also an "anonymous" proxy type that

-uses an ad hoc set of anonymous proxies out there. You

-don't want this, because those other "anonymous" proxies <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ComparisonProxyAggregators">give

-you much weaker security than Tor</a>.)

-</p>

-

-<img alt="standard proxy"

-src="http://tor.eff.org/img/screenshot-switchproxy-proxytype.jpg" />

-

-<p>Now it will show you the standard proxy config window for Firefox.

-Give this configuration a proxy label of "tor". Then fill in "localhost"

-and "8118" for all four entries, as shown here. (Even

-though Privoxy doesn't support FTP and Gopher, <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">you

-should set them up anyway</a>.) Then click "OK":</p>

-

-<img alt="proxy config"

-src="http://tor.eff.org/img/screenshot-switchproxy-proxyconfig.jpg" />

-

-<p>Now you've created the "tor" proxy label, but you're not using it yet.

-Click on the pull-down list and select tor, as shown here:</p>

-

-<img alt="switch to tor"

-src="http://tor.eff.org/img/screenshot-switchproxy-switch.jpg" />

-

-<p>Almost done. Click "Apply" to make your change take effect:</p>

-

-<img alt="apply"

-src="http://tor.eff.org/img/screenshot-switchproxy-apply.jpg" />

-

-<p>Done! Firefox will reload your current page. In

-this example screenshot, it reloaded the page and <a

-href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#GoogleLanguage">happened

-to get a German exit node</a>:</p>

-

-<img alt="german google"

-src="http://tor.eff.org/img/screenshot-switchproxy-german.jpg" />

-

-<hr />

-<a id="three"></a>

-<h2><a class="anchor" href="#three">Step Step Three: Check if it works</a></h2>

-<br />

-

-<p>Now Firefox is using Privoxy as an HTTP proxy, Privoxy is using Tor as

-a socks4a proxy, and Tor is making your connections to the Internet.</p>

-

-<p>In the above example, it was clear that it worked because the web

-page showed up in a different language. In other cases, though,

-you'll want to verify that your setup is working. Do

-<a href="<page tor-doc-win32>#verify">step three</a>

-of the Windows Tor installation howto, or

-<a href="<page tor-doc-osx>#verify">step three</a>

-of the OS X Tor installation howto.</p>

-

-<p>You should be aware of one anonymity gotcha: when you switch from

-using Tor to a direct connection (or vice versa), by default the page

-that's currently active will be reloaded through the new proxy setting.

-So make sure you're on a page that isn't sensitive, before switching.

-(You can also change this behavior in SwitchProxy's "Options |

-Preferences" menu.)</p>

-

-<hr />

-

-<p>If you have suggestions for improving this document, please <a

-href="/contact">send them to us</a>. Thanks!</p>

-

-  </div><!-- #main -->

-</div>

-

-#include <foot.wmi>

-