shell-things/etc/tor/torrc-client

DataDirectory /var/lib/tor-client
Log notice syslog

# This instance will appear in syslog as "Tor-client"
SyslogIdentityTag client

# Use the default SocksPort, but also isolate streams going to different
# destination addresses and in case of DualStack Exits prefer IPv6, because
# they aren't publicly listed and may let through Tor blocks.
# https://trac.torproject.org/projects/tor/ticket/16947
SocksPort 9050 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth
SocksPort 9052 PreferIPv6 IsolateSOCKSAuth
SocksPort 9060 OnionTrafficOnly IsolateSOCKSAuth

# HTTP Proxy port
HTTPTunnelPort 8118 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth

# Uncomment to disable IPv4
#ClientUseIPv4 0

# Allow Tor to connect to relay/bridge over IPv6. As the default is
# IPv4-only, this may cause less anonymity if the guard is bad (and
# especially if you are behind CGN?)
ClientUseIPv6 1

# Always prefer IPv6 over IPv4 (see previous), maybe this would be useful
# in a DS network preventing Tor over IPv4.
#ClientPreferIPv6ORPort 1

# Disable control access
ControlPort 0
ControlSocket 0

# If these have been disabled in the main Tor or OneHopOnion and something
# should work with the Debian defaults (e.g. zeronet)
CookieAuthentication 1
#CookieAuthFileGroupReadable 1
#CookieAuthFile /run/tor/control.authcookie
#ControlPort 9051
#ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck
#ControlSocketsGroupWritable 1
#SocksPort unix:/run/tor/socks WorldWritable IsolateDestAddr PreferIPv6

# https://gitweb.torproject.org/torspec.git/tree/proposals/291-two-guard-nodes.txt
#NumEntryGuards 2
etc/systemd: add tor-client.service & tor: add torrc-client 2019-05-03 11:31:33 +02:00			`DataDirectory /var/lib/tor-client`
			`Log notice syslog`
etc/tor/torrc-client: add comments 2019-05-04 15:55:08 +02:00
			`# This instance will appear in syslog as "Tor-client"`
etc/systemd: add tor-client.service & tor: add torrc-client 2019-05-03 11:31:33 +02:00			`SyslogIdentityTag client`
etc/tor/torrc-client: add comments 2019-05-04 15:55:08 +02:00
			`# Use the default SocksPort, but also isolate streams going to different`
			`# destination addresses and in case of DualStack Exits prefer IPv6, because`
			`# they aren't publicly listed and may let through Tor blocks.`
			`# https://trac.torproject.org/projects/tor/ticket/16947`
torrc-client: ensure IsolateSOCKSAuth & add HTTPTunnelPort 2019-05-22 10:58:05 +02:00			`SocksPort 9050 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth`
			`SocksPort 9052 PreferIPv6 IsolateSOCKSAuth`
			`SocksPort 9060 OnionTrafficOnly IsolateSOCKSAuth`

			`# HTTP Proxy port`
			`HTTPTunnelPort 8118 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth`
etc/systemd: add tor-client.service & tor: add torrc-client 2019-05-03 11:31:33 +02:00
			`# Uncomment to disable IPv4`
			`#ClientUseIPv4 0`
etc/tor/torrc-client: add comments 2019-05-04 15:55:08 +02:00
			`# Allow Tor to connect to relay/bridge over IPv6. As the default is`
			`# IPv4-only, this may cause less anonymity if the guard is bad (and`
			`# especially if you are behind CGN?)`
			`ClientUseIPv6 1`

			`# Always prefer IPv6 over IPv4 (see previous), maybe this would be useful`
			`# in a DS network preventing Tor over IPv4.`
etc/systemd: add tor-client.service & tor: add torrc-client 2019-05-03 11:31:33 +02:00			`#ClientPreferIPv6ORPort 1`

etc/tor: disable control, document enabling for client 2019-05-04 19:17:21 +02:00			`# Disable control access`
			`ControlPort 0`
			`ControlSocket 0`

			`# If these have been disabled in the main Tor or OneHopOnion and something`
			`# should work with the Debian defaults (e.g. zeronet)`
etc/systemd: add tor-client.service & tor: add torrc-client 2019-05-03 11:31:33 +02:00			`CookieAuthentication 1`
etc/tor: disable control, document enabling for client 2019-05-04 19:17:21 +02:00			`#CookieAuthFileGroupReadable 1`
			`#CookieAuthFile /run/tor/control.authcookie`
			`#ControlPort 9051`
			`#ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck`
			`#ControlSocketsGroupWritable 1`
			`#SocksPort unix:/run/tor/socks WorldWritable IsolateDestAddr PreferIPv6`
torrc-client: add SocksPorts and comment on two guards I need unisolated port for dnscrypt-proxy which I fear would otherwise generate too many circuits which wouldn't even be used and I guess there is no harm in sending Yggdrasil to a separate port that only has access to onions which is a port I may sometimes wish I have otherwise too. 2019-05-15 09:31:47 +02:00
			`# https://gitweb.torproject.org/torspec.git/tree/proposals/291-two-guard-nodes.txt`
			`#NumEntryGuards 2`