Safe Haskell	None
Language	Haskell2010

Tor.Options

Contents

Options for running Tor
Handy utilities

Description

Various options for running a Tor node

Synopsis

Options for running Tor

data TorOptions Source

How the node should be set up during initialization. For each of these items, Nothing means that the node will not operate in that capacity, while Just of the option type will initialize that system with those options.

Note that while we will do our best to make it work, it doesn't make a whole lot of sense to be an Exit node and not be a Relay node.

Constructors

TorOptions
Fields torLog :: String -> IO () torEntranceOptions :: Maybe TorEntranceOptions torRelayOptions :: Maybe TorRelayOptions torExitOptions :: Maybe TorExitOptions

defaultTorOptions :: TorOptions Source

A reasonable default set of options for a Tor node. Sets the node up as an entrance and relay node with their standard options, and logging output printed to stdout.

data TorEntranceOptions Source

Options for allowing circuits that originated at this node.

Constructors

TorEntranceOptions
Fields torInternalCircuitLength :: Int The number of intermediate hops to use between this node and the exit node. To be clear, created circuits will have an entrance node, this number of nodes, and then the exit node. torTargetLinks :: Int The target number of external connections to keep alive for outgoing connections. Note that this is a target, rather than a hard minimum or limit.

defaultTorEntranceOptions :: TorEntranceOptions Source

A reasonable set of entrance options. The internal circuit length is set to 4, and a target number of links of 5.

data TorRelayOptions Source

Options for allowing circuits that pass through this node.

Constructors

TorRelayOptions

Fields

torOnionPort :: Word16: The port to listen on. By default, this is 9374, but there are compelling reasons to have it be some other wel-known port, like 80.
torNickname :: String: The nickname for this node. This is completely optional, but can be helpful in finding yourself in node lists.
torContact :: Maybe String: A contact email address. If not provided, we will either provide no email address or just include a junk address.
torFamilies :: [NodeFamily]: If you're setting up a number of nodes within the same operating environment, you might want to provide a "family" identifier. That way, those building circuits can limit what percentage of their hops might go through this group. A node can be a member of zero, one, or more families, thus the list.
torMaximumLinks :: Int: The maximum number of links from this node. Note that this should be greater than or equal to torTargetLinks if this node is also to be used as an entrance node.

defaultTorRelayOptions :: TorRelayOptions Source

A reasonable set of relay options. The onion port is set to 9374, the nickname is set to "", and no contact information is provided. These options set the maximum number of links to 50.

data TorExitOptions Source

Options for allowing circuits that end at this node.

Constructors

TorExitOptions

Fields

torExitRules :: [ExitRule]: The rules for allowing or rejecting traffic leaving this node.
torIPv6Policy :: Either [PortSpec] [PortSpec]: The ports to disallow (Left) or allow (Right) when forwarding IPv6 traffic.
torAllowSingleHopExits :: Bool: Set this flag if you want to allow single-hop exits. These are usually not advisable, but according to the spec they may be usefule for "specialized controllers desgined to support perspective access and such."

defaultTorExitOptions :: TorExitOptions Source

A reasonable default exit node options. This allows all outgoing traffic to ports 22 (SSH), 80 (HTTP), 443 (HTTPS), 465 (SMTPS), and 993 (IMAPS), and disallows single hop exits.

data ExitRule Source

A rule for accepting or rejecting traffic, usually specified by exit nodes.

Constructors

ExitRuleAccept AddrSpec PortSpec	Accept matching traffic.
ExitRuleReject AddrSpec PortSpec	Reject matching traffic.

Instances

Show ExitRule Source

data AddrSpec Source

An address or subnet specifier.

Constructors

AddrSpecAll	Accept any address
AddrSpecIP4 String	Accept this specific address.
AddrSpecIP4Mask String String	Accept this IP address and subnet mask (255.255.255.0,etc.)
AddrSpecIP4Bits String Int	Accept this IP address and CIDR mask (/24,etc.)
AddrSpecIP6 String	Accept this specific IP6 address.
AddrSpecIP6Bits String Int	Accept this subnet and CIDR mask.

Instances

Eq AddrSpec Source
Show AddrSpec Source

data PortSpec Source

A port specifier

Constructors

PortSpecAll	Accept any port
PortSpecRange Word16 Word16	Accept ports between the two values, inclusive.
PortSpecSingle Word16	Accept only the given port.

Instances

Eq PortSpec Source
Show PortSpec Source

Handy utilities

makeLogger :: (String -> IO ()) -> String -> IO () Source

If you like the output format of the default log function, but want to send it to your own output stream, this is the function for you! This function takes an outgoing logger and a string to log, and adds a nicely- formatted and easily-sortable timestamp to the front of it.

NOTE: The default value for the logger is (makeLogger putStrLn).