本文档详细分析了Tor(1)的手动页面,涵盖了其作为洋葱路由器的基本功能,以及配置文件的格式和各种选项。包括通用选项如日志、代理和带宽设置,客户端选项涉及节点选择和出口限制,服务器选项涉及GeoIP文件和权威服务器设置,同时讨论了目录权威服务器的选项和测试网络的选项。
TOR(1) Manual Page Analysis
NAME
tor - The second-generation onion router
SYNOPSIS
tor [OPTION value]…
DESCRIPTION
tor is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.Basically tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams — web traffic, ftp, ssh, etc — around the routers, and recipients, observers, and even the routers themselves have difficulty tracking the source of the stream.
THE CONFIGURATION FILE FORMAT
By default, an option on the command line overrides an option found in the configuration file, and an option in a configuration file overrides one in the defaults file.This rule is simple for options that take a single value, but it can become complicated for options that are allowed to occur more than once: if you specify four SOCKSPorts in your configuration file, and one more SOCKSPort on the command line, the option on the command line will replace all of the SOCKSPorts in the configuration file. If this isn’t what you want, prefix the option name with a plus sign, and it will be appended to the previous set of options instead.
Alternatively, you might want to remove every instance of an option in the configuration file, and not replace it at all: you might want to say on the command line that you want no SOCKSPorts at all. To do that, prefix the option name with a forward slash.
GENERAL OPTIONS
Log:
Log minSeverity[-maxSeverity] stderr|stdout|syslogLog minSeverity[-maxSeverity] file FILENAME
Log [domain,…]minSeverity[-maxSeverity] … file FILENAME
Log [domain,…]minSeverity[-maxSeverity] … stderr|stdout|syslog
LogMessageDomains 0|1 (Default: 0)
severity : debug, info, notice, warn, and err.
domain : general, crypto, net, config, fs, protocol, mm, http, app, control, circ, rend, bug, dir, dirserv, or, edge, acct, hist, and handshake.
Tor有选择性地输出相关domain的不同severity的调试信息,并可选的加上对应子系统信息。
ProtocolWarnings 0|1 (Default: 0)
Tor在记录日志之时若设置了该选项,会将Warning报出,否则视为Info。
LogTimeGranularity NUM (Default: 1 second)
Tor用于控制日志文件的记录时间粒度。
SafeLogging 0|1|relay (Default: 1)
Tor用于将日志文件中的敏感信息屏蔽起来。
Proxy:
HTTPProxy host[:port]HTTPProxyAuthenticator username:password
HTTPSProxy host[:port]
HTTPSProxyAuthenticator username:password
Socks4Proxy host[:port]
Socks5Proxy host[:port]
Socks5ProxyUsername username
Socks5ProxyPassword password
Tor目录请求和连接建立的专用代理设置和认证方式,HTTP代理负责目录请求,其他代理负责OR连接建立。
ClientTransportPlugin transport socks4|socks5 IP:PORT
ClientTransportPlugin transport exec path-to-binary [options]
If set, Tor Client使用传输代理来传递Tor Relay的信息。
第一种形式代理处于IP:PORT之上;第二种形式代理由执行path-to-binary启动。
ServerTransportPlugin transport exec path-to-binary [options]
If set, Tor Relay使用传输代理来接收Tor Client的信息。
Bandwidth:
BandwidthRate N bytes|KB|MB|GB (Default: 5 MB)BandwidthBurst N bytes|KB|MB|GB (Default: 10 MB)
Tor使用令牌桶机制来控制流入流出的一般速率和最大速率,token bucket。
MaxAdvertisedBandwidth N bytes|KB|MB|GB
If set, Tor Server对外公布的带宽上限。以此降低Server本身的CPU损耗。
RelayBandwidthRate N bytes|KB|MB|GB (Default: 0)
RelayBandwidthBurst N bytes|KB|MB|GB (Default: 0)
If not 0, Tor Relay使用令牌桶机制来进行流量控制,token bucket。
Control Port:
ControlPort PORT|auto (Default: 0)ControlListenAddress IP[:PORT] (Default: 127.0.0.1)
ControlSocket Path (Unix and Unix-like systems only)
If set, Tor设定程序的控制IP及端口。
ControlSocketsGroupWritable 0|1 (Default: 0)
HashedControlPassword hashed_password
CookieAuthentication 0|1 (Default: 0)
CookieAuthFile Path
CookieAuthFileGroupReadable 0|1|Groupname (Default: 0)
If set, Tor进行控制端口的权限设定,包括组权限,密码验证及Cookie认证。
ControlPortWriteToFile Path
ControlPortFileGroupReadable 0|1 (Default: 0)
If set, Tor用于在自动选择控制端口时将端口写入文件,以便其他程序读取,并进行控制。
Fecth Info:
FetchDirInfoEarly 0|1 (Default: 0)FetchDirInfoExtraEarly 0|1 (Default: 0)
Tor比普通情况更早的获取目录信息。普通用户不必改变该选项。
FetchHidServDescriptors 0|1 (Default: 1)
FetchServerDescriptors 0|1 (Default: 1)
FetchUselessDescriptors 0|1 (Default: 0)
Tor默认情况下获取网络相关描述符的设置。
最低0.47元/天 解锁文章
扫一扫
6093
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
