Ticket #3216: torrc.txt

File torrc.txt, 8.1 KB (added by BarkerJr, 8 years ago)
Line 
1## Configuration file for a typical Tor user
2## Last updated 16 July 2009 for Tor 0.2.2.1-alpha.
3## (May or may not work for much older or much newer versions of Tor.)
4##
5## Lines that begin with "## " try to explain what's going on. Lines
6## that begin with just "#" are disabled commands: you can enable them
7## by removing the "#" symbol.
8##
9## See 'man tor', or https://www.torproject.org/tor-manual.html,
10## for more options you can use in this file.
11##
12## Tor will look for this file in various places based on your platform:
13## https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#torrc
14
15
16## Replace this with "SocksPort 0" if you plan to run Tor only as a
17## relay, and not make any local application connections yourself.
18SocksPort 0 # what port to open for local application connections
19#SocksListenAddress 127.0.0.1 # accept connections only from localhost
20#SocksListenAddress 192.168.0.1:9100 # listen on this IP:port also
21
22## Entry policies to allow/deny SOCKS requests based on IP address.
23## First entry that matches wins. If no SocksPolicy is set, we accept
24## all (and only) requests from SocksListenAddress.
25#SocksPolicy accept 192.168.0.0/16
26#SocksPolicy reject *
27
28## Logs go to stdout at level "notice" unless redirected by something
29## else, like one of the below lines. You can have as many Log lines as
30## you want.
31##
32## We advise using "notice" in most cases, since anything more verbose
33## may provide sensitive information to an attacker who obtains the logs.
34##
35## Send all messages of level 'notice' or higher to /usr/local/var/log/tor/notices.log
36Log [acct]info notice file /var/log/tor/notices.log
37## Send every possible message to /usr/local/var/log/tor/debug.log
38#Log debug file /usr/local/var/log/tor/debug.log
39## Use the system log instead of Tor's logfiles
40#Log notice syslog
41## To send all messages to stderr:
42#Log debug stderr
43
44## Uncomment this to start the process in the background... or use
45## --runasdaemon 1 on the command line. This is ignored on Windows;
46## see the FAQ entry if you want Tor to run as an NT service.
47RunAsDaemon 1
48
49## The directory for keeping all the keys/etc. By default, we store
50## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
51DataDirectory /usr/local/var/lib/tor
52
53## The port on which Tor will listen for local connections from Tor
54## controller applications, as documented in control-spec.txt.
55#ControlPort 9051
56## If you enable the controlport, be sure to enable one of these
57## authentication methods, to prevent attackers from accessing it.
58#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
59#CookieAuthentication 1
60
61############### This section is just for location-hidden services ###
62
63## Once you have configured a hidden service, you can look at the
64## contents of the file ".../hidden_service/hostname" for the address
65## to tell people.
66##
67## HiddenServicePort x y:z says to redirect requests on port x to the
68## address y:z.
69
70#HiddenServiceDir /usr/local/var/lib/tor/hidden_service/
71#HiddenServicePort 80 127.0.0.1:80
72
73#HiddenServiceDir /usr/local/var/lib/tor/other_hidden_service/
74#HiddenServicePort 80 127.0.0.1:80
75#HiddenServicePort 22 127.0.0.1:22
76
77################ This section is just for relays #####################
78#
79## See https://www.torproject.org/docs/tor-doc-relay for details.
80
81## Required: what port to advertise for incoming Tor connections.
82ORPort auto
83## If you want to listen on a port other than the one advertised
84## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
85## line below too. You'll need to do ipchains or other port forwarding
86## yourself to make this work.
87#ORListenAddress 74.207.254.76
88
89## A handle for your relay, so people don't have to refer to it by key.
90Nickname BarkerJrAtom1
91
92## The IP address or full DNS name for your relay. Leave commented out
93## and Tor will guess.
94#Address noname.example.com
95
96## Define these to limit how much relayed traffic you will allow. Your
97## own traffic is still unthrottled. Note that RelayBandwidthRate must
98## be at least 20 KBytes.
99#RelayBandwidthRate 25 KBytes  # Throttle traffic to 100KB/s (800Kbps)
100#RelayBandwidthBurst 3136 KBytes # But allow bursts up to 200KB/s (1600Kbps)
101
102AccountingMax 150GB
103
104## Use these to restrict the maximum traffic per day, week, or month.
105## Note that this threshold applies to sent _and_ to received bytes,
106## not to their sum: Setting "4 GBytes" may allow up to 8 GBytes
107## total before hibernating.
108##
109## Set a maximum of 4 gigabytes each way per period.
110#AccountingMax 4 GBytes
111## Each period starts daily at midnight (AccountingMax is per day)
112#AccountingStart day 00:00
113## Each period starts on the 3rd of the month at 15:00 (AccountingMax
114## is per month)
115#AccountingStart month 3 15:00
116
117## Contact info to be published in the directory, so we can contact you
118## if your relay is misconfigured or something else goes wrong. Google
119## indexes this, so spammers might also collect it.
120ContactInfo BarkerJr <http://barkerjr.tel>
121## You might also include your PGP or GPG fingerprint if you have one:
122#ContactInfo 1234D/FFFFFFFF Random Person <nobody AT example dot com>
123
124## Uncomment this to mirror directory information for others. Please do
125## if you have enough bandwidth.
126#DirPort 9030 # what port to advertise for directory connections
127## If you want to listen on a port other than the one advertised
128## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line
129## below too. You'll need to do ipchains or other port forwarding yourself
130## to make this work.
131#DirListenAddress 0.0.0.0:9091
132## Uncomment to return an arbitrary blob of html on your DirPort. Now you
133## can explain what Tor is if anybody wonders why your IP address is
134## contacting them. See contrib/tor-exit-notice.html for a sample.
135#DirPortFrontPage /etc/tor/exit-notice.html
136
137## Uncomment this if you run more than one Tor relay, and add the identity
138## key fingerprint of each Tor relay you control, even if they're on
139## different networks. You declare it here so Tor clients can avoid
140## using more than one of your relays in a single circuit. See
141## https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#MultipleServers
142#MyFamily $keyid,$keyid,...
143MyFamily \
144        $8E6ABC243B0C0A348D0E16D3274D367C4E10E48E,      #BarkerJrNet            \
145        $B1BFFE96D67CC1BD7EF6A9D4AC618AF681012A3E,      #BarkerJrParis1a        \
146        $DD411701048BBA3D2DC3DDB92C70ED2D27E12058,      #BarkerJrParis1b        \
147        $079CF1AE3AEC9E230D0EB794E3AD49E644D53957,      #BarkerJrOrange1        \
148        $099DC0934A63BE6CBBC684760D99902B7CB9CAB2,      #BarkerJrAtom1          \
149        $94E35409D98D1E43663999B9BF30A4982CD3A40E,      #BarkerJrAtom2          \
150        $1FE3D5979AC24A431C957463FE0ED42C295135BB       #BarkerJrPhoenix
151
152## A comma-separated list of exit policies. They're considered first
153## to last, and the first match wins. If you want to _replace_
154## the default exit policy, end this with either a reject *:* or an
155## accept *:*. Otherwise, you're _augmenting_ (prepending to) the
156## default exit policy. Leave commented to just use the default, which is
157## described in the man page or at
158## https://www.torproject.org/documentation.html
159##
160## Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
161## for issues you might encounter if you use the default exit policy.
162##
163## If certain IPs and ports are blocked externally, e.g. by your firewall,
164## you should update your exit policy to reflect this -- otherwise Tor
165## users will be told that those destinations are down.
166##
167#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
168#ExitPolicy accept *:119 # accept nntp as well as default exit policy
169#ExitPolicy reject *:* # no exits allowed
170ExitPolicy accept 178.33.255.46:*,accept 46.59.1.2:*
171ExitPolicy reject *:*
172
173#
174## Bridge relays (or "bridges") are Tor relays that aren't listed in the
175## main directory. Since there is no complete public list of them, even if an
176## ISP is filtering connections to all the known Tor relays, they probably
177## won't be able to block all the bridges. Also, websites won't treat you
178## differently because they won't know you're running Tor. If you can
179## be a real relay, please do; but if not, be a bridge!
180#BridgeRelay 1
181#ExitPolicy reject *:*
182
183User tor
184NumCPUs 3
185#ExitPolicyRejectPrivate 0