DataDirectory /var/lib/tor-client Log notice syslog # This instance will appear in syslog as "Tor-client" SyslogIdentityTag client # Use the default SocksPort, but also isolate streams going to different # destination addresses and in case of DualStack Exits prefer IPv6, because # they aren't publicly listed and may let through Tor blocks. # https://trac.torproject.org/projects/tor/ticket/16947 SocksPort 9050 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth SocksPort 9052 PreferIPv6 IsolateSOCKSAuth SocksPort 9060 OnionTrafficOnly IsolateSOCKSAuth # HTTP Proxy port HTTPTunnelPort 8118 IsolateDestAddr PreferIPv6 IsolateSOCKSAuth # Uncomment to disable IPv4 #ClientUseIPv4 0 # Allow Tor to connect to relay/bridge over IPv6. As the default is # IPv4-only, this may cause less anonymity if the guard is bad (and # especially if you are behind CGN?) ClientUseIPv6 1 # Always prefer IPv6 over IPv4 (see previous), maybe this would be useful # in a DS network preventing Tor over IPv4. #ClientPreferIPv6ORPort 1 # Disable control access ControlPort 0 ControlSocket 0 # If these have been disabled in the main Tor or OneHopOnion and something # should work with the Debian defaults (e.g. zeronet) CookieAuthentication 1 #CookieAuthFileGroupReadable 1 #CookieAuthFile /run/tor/control.authcookie #ControlPort 9051 #ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck #ControlSocketsGroupWritable 1 #SocksPort unix:/run/tor/socks WorldWritable IsolateDestAddr PreferIPv6 # https://gitweb.torproject.org/torspec.git/tree/proposals/291-two-guard-nodes.txt #NumEntryGuards 2