[tor-commits] [tor/master] Clarify default behavior of {SOCKS, Dir}Policy harder

nickm at torproject.org nickm at torproject.org
Thu Mar 6 15:23:49 UTC 2014


commit 967d9c9f1029a5d9b993888bac91d3959bf4c991
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Mar 6 10:21:59 2014 -0500

    Clarify default behavior of {SOCKS,Dir}Policy harder
    
    Improvement on 11108 fix; suggested by cypherpunks.
---
 doc/tor.1.txt |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 31a56e9..4b686ca 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1025,7 +1025,8 @@ The following options are useful only for clients (that is, if
 [[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__::
     Set an entrance policy for this server, to limit who can connect to the
     SocksPort and DNSPort ports. The policies have the same form as exit
-    policies below, except that port specifiers are ignored.
+    policies below, except that port specifiers are ignored. Any address
+    not matched by some entry in the policy is accepted.
 
 [[SocksTimeout]] **SocksTimeout** __NUM__::
     Let a socks connection wait NUM seconds handshaking, and NUM seconds
@@ -1823,7 +1824,8 @@ if DirPort is non-zero):
 [[DirPolicy]] **DirPolicy** __policy__,__policy__,__...__::
     Set an entrance policy for this server, to limit who can connect to the
     directory ports. The policies have the same form as exit policies above,
-    except that port specifiers are ignored.
+    except that port specifiers are ignored. Any address not matched by
+    some entry in the policy is accepted.
 
 [[FetchV2Networkstatus]] **FetchV2Networkstatus** **0**|**1**::
     If set, we try to fetch the (obsolete, unused) version 2 network status





More information about the tor-commits mailing list