| blob | 69012dd940d89bcf3f4c4bcb489317db805ff8ef |
1 ## Configuration file for a typical Tor user
2 ## Last updated 22 December 2007 for Tor 0.2.0.14-alpha.
3 ## (May or may not work for much older or much newer versions of Tor.)
4 ##
5 ## Lines that begin with "## " try to explain what's going on. Lines
6 ## that begin with just "#" are disabled commands: you can enable them
7 ## by removing the "#" symbol.
8 ##
9 ## See the man page, or https://www.torproject.org/tor-manual-dev.html,
10 ## for more options you can use in this file.
11 ##
12 ## Tor will look for this file in various places based on your platform:
13 ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#torrc
16 ## Replace this with "SocksPort 0" if you plan to run Tor only as a
17 ## server, and not make any local application connections yourself.
18 SocksPort 9050 # what port to open for local application connections
19 SocksListenAddress 127.0.0.1 # accept connections only from localhost
20 #SocksListenAddress 192.168.0.1:9100 # listen on this IP:port also
22 ## Entry policies to allow/deny SOCKS requests based on IP address.
23 ## First entry that matches wins. If no SocksPolicy is set, we accept
24 ## all (and only) requests from SocksListenAddress.
25 #SocksPolicy accept 192.168.0.0/16
26 #SocksPolicy reject *
28 ## Logs go to stdout at level "notice" unless redirected by something
29 ## else, like one of the below lines. You can have as many Log lines as
30 ## you want.
31 ##
32 ## We advise using "notice" in most cases, since anything more verbose
33 ## may provide sensitive information to an attacker who obtains the logs.
34 ##
35 ## Send all messages of level 'notice' or higher to @LOCALSTATEDIR@/log/tor/notices.log
36 #Log notice file @LOCALSTATEDIR@/log/tor/notices.log
37 ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
38 #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
39 ## Use the system log instead of Tor's logfiles
40 #Log notice syslog
41 ## To send all messages to stderr:
42 #Log debug stderr
44 ## Uncomment this to start the process in the background... or use
45 ## --runasdaemon 1 on the command line. This is ignored on Windows;
46 ## see the FAQ entry if you want Tor to run as an NT service.
47 #RunAsDaemon 1
49 ## The directory for keeping all the keys/etc. By default, we store
50 ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
51 #DataDirectory @LOCALSTATEDIR@/lib/tor
53 ## The port on which Tor will listen for local connections from Tor
54 ## controller applications, as documented in control-spec.txt.
55 #ControlPort 9051
57 ############### This section is just for location-hidden services ###
59 ## Once you have configured a hidden service, you can look at the
60 ## contents of the file ".../hidden_service/hostname" for the address
61 ## to tell people.
62 ##
63 ## HiddenServicePort x y:z says to redirect requests on port x to the
64 ## address y:z.
66 #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/hidden_service/
67 #HiddenServicePort 80 127.0.0.1:80
69 #HiddenServiceDir @LOCALSTATEDIR@/lib/tor/other_hidden_service/
70 #HiddenServicePort 80 127.0.0.1:80
71 #HiddenServicePort 22 127.0.0.1:22
73 ################ This section is just for relays #####################
74 #
75 ## See https://www.torproject.org/docs/tor-doc-relay for details.
77 ## A unique handle for your server.
78 #Nickname ididnteditheconfig
80 ## The IP or FQDN for your server. Leave commented out and Tor will guess.
81 #Address noname.example.com
83 ## Define these to limit the bandwidth usage of relayed (server)
84 ## traffic. Your own traffic is still unthrottled.
85 ## Note that RelayBandwidthRate must be at least 20 KB.
86 #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps)
87 #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB/s (1600Kbps)
89 ## Contact info to be published in the directory, so we can contact you
90 ## if your server is misconfigured or something else goes wrong.
91 #ContactInfo Random Person <nobody AT example dot com>
92 ## You might also include your PGP or GPG fingerprint if you have one:
93 #ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
95 ## Required: what port to advertise for Tor connections.
96 #ORPort 9001
97 ## If you need to listen on a port other than the one advertised
98 ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
99 ## line below too. You'll need to do ipchains or other port forwarding
100 ## yourself to make this work.
101 #ORListenAddress 0.0.0.0:9090
103 ## Uncomment this to mirror directory information for others. Please do
104 ## if you have enough bandwidth.
105 #DirPort 9030 # what port to advertise for directory connections
106 ## If you need to listen on a port other than the one advertised
107 ## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line
108 ## below too. You'll need to do ipchains or other port forwarding yourself
109 ## to make this work.
110 #DirListenAddress 0.0.0.0:9091
111 ## Uncomment to return an arbitrary blob of html on your DirPort. Now you
112 ## can explain what Tor is if anybody wonders why your IP address is
113 ## contacting them.
114 #DirPortFrontPage /etc/tor/exit-notice.html
116 ## Uncomment this if you run more than one Tor server, and add the
117 ## nickname of each Tor server you control, even if they're on different
118 ## networks. You declare it here so Tor clients can avoid using more than
119 ## one of your servers in a single circuit. See
120 ## http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers
121 #MyFamily nickname1,nickname2,...
123 ## A comma-separated list of exit policies. They're considered first
124 ## to last, and the first match wins. If you want to _replace_
125 ## the default exit policy, end this with either a reject *:* or an
126 ## accept *:*. Otherwise, you're _augmenting_ (prepending to) the
127 ## default exit policy. Leave commented to just use the default, which is
128 ## available in the man page or at https://www.torproject.org/documentation.html
129 ##
130 ## Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
131 ## for issues you might encounter if you use the default exit policy.
132 ##
133 ## If certain IPs and ports are blocked externally, e.g. by your firewall,
134 ## you should update your exit policy to reflect this -- otherwise Tor
135 ## users will be told that those destinations are down.
136 ##
137 #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
138 #ExitPolicy accept *:119 # accept nntp as well as default exit policy
139 #ExitPolicy reject *:* # no exits allowed
140 #
141 ################ This section is just for bridge relays ##############
142 #
143 ## Bridge relays (or "bridges" ) are Tor relays that aren't listed in the
144 ## main directory. Since there is no complete public list of them, even if an
145 ## ISP is filtering connections to all the known Tor relays, they probably
146 ## won't be able to block all the bridges. Unlike running an exit relay,
147 ## running a bridge relay just passes data to and from the Tor network --
148 ## so it shouldn't expose the operator to abuse complaints.
150 #ORPort 443
151 #BridgeRelay 1
152 #RelayBandwidthRate 50KBytes
153 #ExitPolicy reject *:*