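#!/bin/sh
########################################################################
# Begin $rc_base/init.d/tor
#
# Description : Anonymizing overlay network for TCP
#
# Usage       : tor {start|stop|reload|restart|reload-or-restart|status}
#
# Notes       : Besides controlling the daemon, this script fills the
#               TOR_INPUT and TOR_OUTPUT iptables chains. It only flushes
#               and appends to them (-F / -A) and never creates them, so
#               both chains have to exist before it runs.
#
########################################################################

. /etc/sysconfig/rc
. "${rc_functions}"

# Open file descriptor limit requested before tor is launched. It is set
# before the settings are loaded, so a FILEDESCRIPTORS entry in the
# settings file would override this default.
FILEDESCRIPTORS="65535"

# Import the settings as shell variables (TOR_ENABLED, TOR_RELAY_ENABLED,
# TOR_RELAY_PORT, TOR_RELAY_DIRPORT are the ones read below).
#
# Whatever readhash prints is executed as shell code, so this line is a
# trust boundary: the settings file must be writable only by trusted
# accounts. NOTE(review): this assumes readhash emits nothing but safe
# KEY=VALUE assignments - confirm against the readhash implementation.
#
# The command substitution is quoted so the output is evaluated exactly as
# printed; unquoted, it would first go through word splitting and pathname
# expansion, which can alter values containing whitespace or glob
# characters.
eval "$(/usr/local/bin/readhash /var/ipfire/tor/settings)"

# Succeeds when TOR_ENABLED or TOR_RELAY_ENABLED is set to "on".
tor_is_enabled() {
	[ "${TOR_ENABLED}" = "on" ] || [ "${TOR_RELAY_ENABLED}" = "on" ]
}

# Rebuild the TOR_INPUT and TOR_OUTPUT chains from the current settings.
#
# The chains are emptied first and refilled afterwards, so there is a short
# window during which the rules below are absent.
setup_firewall() {
	# Start from empty chains so repeated calls do not stack duplicates.
	flush_firewall

	# Allow incoming traffic to the Tor relay port and all outgoing TCP
	# connections from the Tor user. The owner match covers every process
	# running as "tor", so that account should be used by the daemon only.
	#
	# Separate [ ] tests joined with && replace the obsolescent "-a"
	# operator, whose parsing is ambiguous for some operand values.
	if [ "${TOR_RELAY_ENABLED}" = "on" ] && [ -n "${TOR_RELAY_PORT}" ]; then
		iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_PORT}" -j ACCEPT
		iptables -A TOR_OUTPUT -p tcp -m owner --uid-owner tor -j ACCEPT
	fi

	# Allow incoming traffic to the directory port unless it is unset or 0.
	# The port values are passed quoted, i.e. as a single argument each;
	# they are not otherwise validated here.
	if [ "${TOR_RELAY_ENABLED}" = "on" ] && [ -n "${TOR_RELAY_DIRPORT}" ] \
		&& [ "${TOR_RELAY_DIRPORT}" -ne 0 ]; then
		iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_DIRPORT}" -j ACCEPT
	fi
}

# Remove every rule from the TOR_INPUT and TOR_OUTPUT chains.
flush_firewall() {
	iptables -F TOR_INPUT
	iptables -F TOR_OUTPUT
}

case "${1}" in
	start)
		# Nothing to do (and no rules to open) when Tor is switched off.
		tor_is_enabled || exit 0

		# Setup firewall.
		setup_firewall

		# Increasing open file descriptors. The limit applies to this
		# shell and therefore to the daemon started from it.
		if [ -n "${FILEDESCRIPTORS}" ]; then
			ulimit -n "${FILEDESCRIPTORS}"
		fi

		boot_mesg "Starting tor..."
		loadproc /usr/bin/tor \
			--runasdaemon 1 \
			--defaults-torrc /usr/share/tor/defaults-torrc \
			-f /etc/tor/torrc \
			--quiet
		;;

	stop)
		# Flush firewall so the relay ports are closed again.
		flush_firewall

		boot_mesg "Stopping tor..."
		killproc /usr/bin/tor
		;;

	reload)
		# Setup firewall. This runs even when Tor is disabled; in that
		# case the chains are simply left empty.
		setup_firewall

		boot_mesg "Reloading tor..."
		reloadproc /usr/bin/tor
		;;

	restart)
		# $0 is quoted so a script path containing whitespace still works.
		"${0}" stop
		sleep 1
		"${0}" start
		;;

	reload-or-restart)
		# Reload the process if it is already running. Otherwise, restart.
		if pidofproc -s /usr/bin/tor; then
			"${0}" reload
		else
			"${0}" restart
		fi
		;;

	status)
		statusproc /usr/bin/tor
		;;

	*)
		echo "Usage: ${0} {start|stop|reload|restart|reload-or-restart|status}"
		exit 1
		;;
esac

# End $rc_base/init.d/tor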