[tor-commits] [tor/master] Modify man page to describe ReducedExitPolicy option
nickm at torproject.org
nickm at torproject.org
Tue Oct 31 17:51:29 UTC 2017
commit e8c6d431fad4c3699532e6f74b8e117a010bfbfa
Author: Neel Chauhan <neel at neelc.org>
Date: Tue Oct 10 12:40:42 2017 -0400
Modify man page to describe ReducedExitPolicy option
---
doc/tor.1.txt | 101 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 100 insertions(+), 1 deletion(-)
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 0ee9982e0..329da5fca 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1770,7 +1770,13 @@ is non-zero):
reject *:6346-6429
reject *:6699
reject *:6881-6999
- accept *:*
+ accept *:* +
+ +
+ If you want to use a reduced exit policy rather than the default exit
+ policy, set "ReducedExitPolicy 1". If you want to _replace_ the default
+ exit policy with your custom exit policy, end your exit policy with either
+ a reject *:* or an accept *:*. Otherwise, you’re _augmenting_ (prepending
+ to) the default or reduced exit policy.
[[ExitPolicyDefault]]::
Since the default exit policy uses accept/reject *, it applies to both
@@ -1794,6 +1800,99 @@ is non-zero):
to disclose.
(Default: 0)
+[[ReducedExitPolicy] **ReducedExitPolicy** **0**|**1**::
+ If set, use a reduced exit policy rather than the default one. +
+ +
+ The reduced exit policy is an alternative to the default exit policy. It
+ allows as many Internet services as possible while still blocking the
+ majority of TCP ports. Currently, the policy allows approximately 65 ports.
+ This reduces the odds that your node will be used for peer-to-peer
+ applications. +
+ +
+ The reduced exit policy is:
+
+ accept *:20-21
+ accept *:22
+ accept *:23
+ accept *:43
+ accept *:53
+ accept *:79
+ accept *:80-81
+ accept *:88
+ accept *:110
+ accept *:143
+ accept *:194
+ accept *:220
+ accept *:389
+ accept *:443
+ accept *:464
+ accept *:465
+ accept *:531
+ accept *:543-544
+ accept *:554
+ accept *:563
+ accept *:587
+ accept *:636
+ accept *:706
+ accept *:749
+ accept *:873
+ accept *:902-904
+ accept *:981
+ accept *:989-990
+ accept *:991
+ accept *:992
+ accept *:993
+ accept *:994
+ accept *:995
+ accept *:1194
+ accept *:1220
+ accept *:1293
+ accept *:1500
+ accept *:1533
+ accept *:1677
+ accept *:1723
+ accept *:1755
+ accept *:1863
+ accept *:2082
+ accept *:2083
+ accept *:2086-2087
+ accept *:2095-2096
+ accept *:2102-2104
+ accept *:3128
+ accept *:3389
+ accept *:3690
+ accept *:4321
+ accept *:4643
+ accept *:5050
+ accept *:5190
+ accept *:5222-5223
+ accept *:5228
+ accept *:5900
+ accept *:6660-6669
+ accept *:6679
+ accept *:6697
+ accept *:8000
+ accept *:8008
+ accept *:8074
+ accept *:8080
+ accept *:8082
+ accept *:8087-8088
+ accept *:8232-8233
+ accept *:8332-8333
+ accept *:8443
+ accept *:8888
+ accept *:9418
+ accept *:9999
+ accept *:10000
+ accept *:11371
+ accept *:19294
+ accept *:19638
+ accept *:50002
+ accept *:64738
+ reject *:* +
+ +
+ (Default: 0)
+
[[IPv6Exit]] **IPv6Exit** **0**|**1**::
If set, and we are an exit node, allow clients to use us for IPv6
traffic. (Default: 0)
More information about the tor-commits
mailing list