diff options
author | Peter Palfrader <peter@palfrader.org> | 2004-04-06 01:00:26 +0000 |
---|---|---|
committer | Peter Palfrader <peter@palfrader.org> | 2004-04-06 01:00:26 +0000 |
commit | 1dca309769f94777d210ba3dddf4ba8781191456 (patch) | |
tree | e349af4185e655711e571ceecfdeac40c08b851d | |
parent | ffe64074cd5e52e82f535c9c5c1b416323276972 (diff) | |
download | tor-1dca309769f94777d210ba3dddf4ba8781191456.tar tor-1dca309769f94777d210ba3dddf4ba8781191456.tar.gz |
Document :n-m exit policy
svn:r1501
-rw-r--r-- | doc/tor.1.in | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/doc/tor.1.in b/doc/tor.1.in index b6aafb85c..24a59cf73 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -95,9 +95,16 @@ The fqdn of this server (e.g. moria.mit.edu). Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor) .TP \fBexitpolicy \fR\fIpolicy,policy,...\fP -Set an exit policy for this server. Each policy is of the form "reject ADDR/MASK:PORT". For example, -"reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would reject any traffic destined for -localhost and any 192.168.1.* address, but accept anything else. +Set an exit policy for this server. Each policy is of the form +"\fBreject\fP \fIADDR\fP\fB/\fP\fIMASK\fP\fB:\fP\fIPORT\fP". +If \fB/\fP\fIMASK\fP is ommitted then this policy just applies to the host +given. Instead of giving a host or network you can also use "\fB*\fP" to +denote the universe (0.0.0.0/0). \fIPORT\fP can either be a single port number +or an interval of ports: "\fIFROM_PORT\fP\fB-\fP\fITO_PORT\fP". + +For example, "reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would +reject any traffic destined for localhost and any 192.168.1.* address, but +accept anything else. .TP \fBmaxonionspending \fR\fINUM\fP If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100) |