[tor-commits] [tor/master] Modify man page to describe ReducedExitPolicy option

nickm at torproject.org nickm at torproject.org
Tue Oct 31 17:51:29 UTC 2017


commit e8c6d431fad4c3699532e6f74b8e117a010bfbfa
Author: Neel Chauhan <neel at neelc.org>
Date:   Tue Oct 10 12:40:42 2017 -0400

    Modify man page to describe ReducedExitPolicy option
---
 doc/tor.1.txt | 101 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 100 insertions(+), 1 deletion(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 0ee9982e0..329da5fca 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1770,7 +1770,13 @@ is non-zero):
        reject *:6346-6429
        reject *:6699
        reject *:6881-6999
-       accept *:*
+       accept *:* +
+ +
+    If you want to use a reduced exit policy rather than the default exit
+    policy, set "ReducedExitPolicy 1". If you want to _replace_ the default
+    exit policy with your custom exit policy, end your exit policy with either
+    a reject *:* or an accept *:*. Otherwise, you’re _augmenting_ (prepending
+    to) the default or reduced exit policy.
 
 [[ExitPolicyDefault]]::
     Since the default exit policy uses accept/reject *, it applies to both
@@ -1794,6 +1800,99 @@ is non-zero):
     to disclose.
     (Default: 0)
 
+[[ReducedExitPolicy] **ReducedExitPolicy** **0**|**1**::
+    If set, use a reduced exit policy rather than the default one. +
+ +
+    The reduced exit policy is an alternative to the default exit policy. It
+    allows as many Internet services as possible while still blocking the
+    majority of TCP ports. Currently, the policy allows approximately 65 ports.
+    This reduces the odds that your node will be used for peer-to-peer
+    applications. +
+ +
+    The reduced exit policy is:
+
+        accept *:20-21
+        accept *:22
+        accept *:23
+        accept *:43
+        accept *:53
+        accept *:79
+        accept *:80-81
+        accept *:88
+        accept *:110
+        accept *:143
+        accept *:194
+        accept *:220
+        accept *:389
+        accept *:443
+        accept *:464
+        accept *:465
+        accept *:531
+        accept *:543-544
+        accept *:554
+        accept *:563
+        accept *:587
+        accept *:636
+        accept *:706
+        accept *:749
+        accept *:873
+        accept *:902-904
+        accept *:981
+        accept *:989-990
+        accept *:991
+        accept *:992
+        accept *:993
+        accept *:994
+        accept *:995
+        accept *:1194
+        accept *:1220
+        accept *:1293
+        accept *:1500
+        accept *:1533
+        accept *:1677
+        accept *:1723
+        accept *:1755
+        accept *:1863
+        accept *:2082
+        accept *:2083
+        accept *:2086-2087
+        accept *:2095-2096
+        accept *:2102-2104
+        accept *:3128
+        accept *:3389
+        accept *:3690
+        accept *:4321
+        accept *:4643
+        accept *:5050
+        accept *:5190
+        accept *:5222-5223
+        accept *:5228
+        accept *:5900
+        accept *:6660-6669
+        accept *:6679
+        accept *:6697
+        accept *:8000
+        accept *:8008
+        accept *:8074
+        accept *:8080
+        accept *:8082
+        accept *:8087-8088
+        accept *:8232-8233
+        accept *:8332-8333
+        accept *:8443
+        accept *:8888
+        accept *:9418
+        accept *:9999
+        accept *:10000
+        accept *:11371
+        accept *:19294
+        accept *:19638
+        accept *:50002
+        accept *:64738
+        reject *:* +
+ +
+    (Default: 0)
+
 [[IPv6Exit]] **IPv6Exit** **0**|**1**::
     If set, and we are an exit node, allow clients to use us for IPv6
     traffic. (Default: 0)





More information about the tor-commits mailing list