torrc 1.57 KB
Newer Older
1
2
## Default SocksPort
SocksPort 127.0.0.1:9050 IsolateDestAddr IsolateDestPort
3
## SocksPort for other Tails-specific applications
4
SocksPort 127.0.0.1:9062 IsolateDestAddr IsolateDestPort
5
6
7
8
9
10
11
## SocksPort used by the Upgrader to download IUKs with
## tails-iuk-get-target-file
# We disable isolation flags so there's at least a chance that the
# circuit used to connect to Mirrorbits is reused for the actual
# download, thus benefiting from the fact Mirrorbits uses GeoIP to
# select the mirror.
SocksPort 127.0.0.1:9063 NoIsolateDestAddr NoIsolateDestPort NoIsolateClientProtocol
12
13
## SocksPort for the default web browser (address is defined in tails-create-netns)
SocksPort 10.200.1.1:9050 IsolateSOCKSAuth KeepAliveIsolateSOCKSAuth
amnesia's avatar
amnesia committed
14

15
16
## The port on which Tor will listen for local connections from Tor
## controller applications, as documented in control-spec.txt.
17
ControlPort 127.0.0.1:9052
18

amnesia's avatar
amnesia committed
19
## Torified DNS
20
DNSPort 5353
amnesia's avatar
amnesia committed
21
22
23
24
AutomapHostsOnResolve 1
AutomapHostsSuffixes .exit,.onion

## Transparent proxy
25
TransPort 127.0.0.1:9040
amnesia's avatar
amnesia committed
26

27
## Enable the Seccomp sandbox. It will disabled later (by the
28
## tor-pt-configuration-helper) if we configure any pluggable transport
29
## in TCA; note that old-school "simple" bridges will still
30
## have the sandbox enabled.
31
Sandbox 1
32

amnesia's avatar
amnesia committed
33
34
## Misc
AvoidDiskWrites 1
35

36
37
38
## Disable default warnings on StartTLS for email. Let's not train our
## users to click through security warnings.
WarnPlaintextPorts 23,109
39

intrigeri's avatar
intrigeri committed
40
41
## Log to the systemd Journal
Log notice syslog
42
43
44
45

## Tor Launcher will enable the network access for Tor once the user
## has provided the configuration they desire.
DisableNetwork 1