[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Document :n-m exit policy



Update of /home/or/cvsroot/doc
In directory moria.mit.edu:/tmp/cvs-serv2191

Modified Files:
	tor.1.in 
Log Message:
Document :n-m exit policy

Index: tor.1.in
===================================================================
RCS file: /home/or/cvsroot/doc/tor.1.in,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- tor.1.in	1 Apr 2004 00:36:46 -0000	1.8
+++ tor.1.in	6 Apr 2004 01:00:26 -0000	1.9
@@ -95,9 +95,16 @@
 Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
 .TP
 \fBexitpolicy \fR\fIpolicy,policy,...\fP
-Set an exit policy for this server. Each policy is of the form "reject ADDR/MASK:PORT".  For example,
-"reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would reject any traffic destined for
-localhost and any 192.168.1.* address, but accept anything else.
+Set an exit policy for this server. Each policy is of the form
+"\fBreject\fP \fIADDR\fP\fB/\fP\fIMASK\fP\fB:\fP\fIPORT\fP".
+If \fB/\fP\fIMASK\fP is ommitted then this policy just applies to the host
+given.  Instead of giving a host or network you can also use "\fB*\fP" to
+denote the universe (0.0.0.0/0).  \fIPORT\fP can either be a single port number
+or an interval of ports: "\fIFROM_PORT\fP\fB-\fP\fITO_PORT\fP".
+
+For example, "reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept *:*" would
+reject any traffic destined for localhost and any 192.168.1.* address, but
+accept anything else.
 .TP
 \fBmaxonionspending \fR\fINUM\fP
 If you have more than this number of onionskins queued for decrypt, reject new ones. (Default: 100)