1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013-2019 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23
24 # enable only the following on debugging purpose
25 #use warnings;
26 #use CGI::Carp 'fatalsToBrowser';
27
28 require '/var/ipfire/general-functions.pl';
29 require "${General::swroot}/location-functions.pl";
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
33 # Init libloc database connection.
# Open the libloc database once; the handle is reused when the country
# drop-down is built.
my $db_handle = &Location::Functions::init();

# Touch the colour variable a second time so Perl does not complain about
# a name that is "used only once".
my @dummy = ( ${Header::colouryellow} );
undef (@dummy);

# Selectable relay bandwidth limits in kbit/s, largest first
# (1000 * 1024 = 1 GBit/s down to 1024 = 1 MBit/s).
my @bandwidth_limits = map { $_ * 1024 } (
	1000, 500, 200, 100, 64, 50, 25, 20, 16, 10, 8, 4, 2, 1
);
my @accounting_periods = qw(daily weekly monthly);

# TCP port of the local Tor control interface.
my $TOR_CONTROL_PORT = 9051;

# Scratch state shared between daemonstats() and the page renderer.
my $string;
my $memory;
my @memory;
my @pid;
my @tor;
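# Refresh the file-scoped @pid and $memory with the state of the Tor daemon.
#
# Runs "addonctrl tor status", strips letters, colour codes and punctuation
# from its output to obtain the PID, and reads the first field of
# /proc/<pid>/statm. $memory stays 0 when nothing could be read, which
# showMainBox() renders as "stopped".
sub daemonstats
{
	$memory = 0;
	@memory = ();	# never reuse a value left over from an earlier call
	@tor = ();

	# List-form pipe open: the helper is executed directly, no shell involved.
	if (open(my $status, '-|', '/usr/local/bin/addonctrl', 'tor', 'status')) {
		@tor = <$status>;
		close($status);
	}

	$string = join("", @tor);
	$string =~ s/[a-z_]//gi;
	$string =~ s/\[[0-1]\;[0-9]+//gi;
	$string =~ s/[\(\)\.]//gi;
	$string =~ s/ //gi;
	$string =~ s/\e//gi;
	@pid = split(/\s/, $string);

	# Only a purely numeric token may become part of a /proc path.
	if (defined($pid[0]) && $pid[0] =~ /^\d+$/) {
		if (open(my $statm, '<', "/proc/$pid[0]/statm")) {
			my $temp = <$statm>;
			close($statm);
			@memory = split(/ /, $temp) if (defined($temp));
		}
	}

	# NOTE(review): statm counts pages, yet the page prints this number
	# with a "KB" suffix - confirm the intended unit.
	$memory += $memory[0] if (defined($memory[0]));
}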
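# Collect PID and memory usage of the daemon before anything is rendered.
daemonstats();

our %netsettings = ();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

our %color = ();
our %mainsettings = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);

our %settings = ();

# Defaults, in effect until the form or the settings file overrides them.
$settings{'TOR_ENABLED'} = 'off';
$settings{'TOR_SOCKS_PORT'} = 9050;
$settings{'TOR_EXIT_COUNTRY'} = '';
$settings{'TOR_USE_EXIT_NODES'} = '';
$settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}";
if (&Header::blue_used()) {
	$settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}";
}

$settings{'TOR_RELAY_ENABLED'} = 'off';
$settings{'TOR_RELAY_MODE'} = 'relay';
$settings{'TOR_RELAY_ADDRESS'} = '';
$settings{'TOR_RELAY_PORT'} = 9001;
$settings{'TOR_RELAY_DIRPORT'} = 0;
$settings{'TOR_RELAY_NICKNAME'} = '';
$settings{'TOR_RELAY_CONTACT_INFO'} = '';
$settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0;
$settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;
$settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0;
$settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';

$settings{'ACTION'} = '';

my $errormessage = '';
my $warnmessage = '';

&Header::showhttpheaders();

# Get GUI values. Everything in %settings is untrusted from here on.
&Header::getcgihash(\%settings);

# Create tor command connection.
our $torctrl = &TorConnect();

# Validate and store the submitted form, or load the stored settings.
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
	# The messages below embed the submitted value verbatim, so
	# $errormessage has to be HTML-escaped wherever it is printed.
	if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
		if ($settings{'TOR_RELAY_NICKNAME'} !~ /^[a-zA-Z0-9]+$/) {
			$errormessage = "$Lang::tr{'tor errmsg invalid relay name'}: $settings{'TOR_RELAY_NICKNAME'}";
		}
	}

	if (!&General::validport($settings{'TOR_SOCKS_PORT'})) {
		$errormessage = "$Lang::tr{'tor errmsg invalid socks port'}: $settings{'TOR_SOCKS_PORT'}";
	}

	if (!&General::validport($settings{'TOR_RELAY_PORT'})) {
		$errormessage = "$Lang::tr{'tor errmsg invalid relay port'}: $settings{'TOR_RELAY_PORT'}";
	}
	if ($settings{'TOR_RELAY_DIRPORT'} ne '0') {
		if (!&General::validport($settings{'TOR_RELAY_DIRPORT'})) {
			$errormessage = "$Lang::tr{'tor errmsg invalid directory port'}: $settings{'TOR_RELAY_DIRPORT'}";
		}
	}

	if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
		if ((!&General::validfqdn($settings{'TOR_RELAY_ADDRESS'})) && (!&General::validip($settings{'TOR_RELAY_ADDRESS'}))) {
			$errormessage = "$Lang::tr{'tor errmsg invalid relay address'}: $settings{'TOR_RELAY_ADDRESS'}";
		}
	}

	if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} !~ /^\d+$/) {
		$errormessage = "$Lang::tr{'tor errmsg invalid accounting limit'}: $settings{'TOR_RELAY_ACCOUNTING_LIMIT'}";
	}

	# Fields that the form offers as fixed choices are forced back to a
	# known value: a hand-crafted request must not be able to store
	# anything the page itself could never submit.
	my %known_mode = map { $_ => 1 } qw(exit relay bridge private-bridge);
	unless ($known_mode{$settings{'TOR_RELAY_MODE'}}) {
		$settings{'TOR_RELAY_MODE'} = 'relay';
	}

	my %known_period = map { $_ => 1 } @accounting_periods;
	unless ($known_period{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}}) {
		$settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';
	}

	my %known_limit = map { $_ => 1 } (0, @bandwidth_limits);
	foreach my $key ('TOR_RELAY_BANDWIDTH_RATE', 'TOR_RELAY_BANDWIDTH_BURST') {
		$settings{$key} = 0 unless ($known_limit{$settings{$key}});
	}

	# The country ends up between braces in torrc; accept a two-character
	# code only.
	if ($settings{'TOR_EXIT_COUNTRY'} !~ /^[A-Za-z0-9]{2}$/) {
		$settings{'TOR_EXIT_COUNTRY'} = '';
	}

	# Free text that is later written onto a single torrc line must not
	# carry control characters.
	$settings{'TOR_RELAY_CONTACT_INFO'} =~ s/[\x00-\x1f\x7f]+/ /g;

	my @temp = split(/[\n,]/,$settings{'TOR_ALLOWED_SUBNETS'});
	$settings{'TOR_ALLOWED_SUBNETS'} = "";
	foreach (@temp) {
		s/^\s+//g; s/\s+$//g;
		if ($_) {
			unless (&General::validipandmask($_)) {
				$errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $_";
			}
			$settings{'TOR_ALLOWED_SUBNETS'} .= $_.",";
		}
	}

	@temp = split(/[\n,]/,$settings{'TOR_USE_EXIT_NODES'});
	$settings{'TOR_USE_EXIT_NODES'} = "";
	foreach (@temp) {
		s/^\s+//g; s/\s+$//g;
		next unless ($_);

		# An entry is written to torrc as one token; drop anything that
		# still contains whitespace or control characters.
		next if (/[\s\x00-\x1f\x7f]/);

		$settings{'TOR_USE_EXIT_NODES'} .= $_.",";
	}

	# Burst bandwidth must not be lower than the bandwidth rate.
	if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} == 0) {
		$settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;

	} elsif ($settings{'TOR_RELAY_BANDWIDTH_BURST'} < $settings{'TOR_RELAY_BANDWIDTH_RATE'}) {
		$settings{'TOR_RELAY_BANDWIDTH_BURST'} = $settings{'TOR_RELAY_BANDWIDTH_RATE'};
	}

	if ($errormessage eq '') {
		# Write configuration settings to file.
		&General::writehash("${General::swroot}/tor/settings", \%settings);

		# Update configuration files.
		&BuildConfiguration();
	}
} else {
	# Load settings from file.
	&General::readhash("${General::swroot}/tor/settings", \%settings);
}

&showMainBox();

# Close Tor control connection.
&TorClose($torctrl);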
208
209 # Functions
210
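# Escape the HTML-significant characters so that a value can be placed in
# element content or inside a quoted attribute. undef becomes ''.
sub _escape_html {
	my ($text) = @_;
	return '' unless (defined($text));

	$text =~ s/&/&amp;/g;
	$text =~ s/</&lt;/g;
	$text =~ s/>/&gt;/g;
	$text =~ s/"/&quot;/g;
	$text =~ s/'/&#39;/g;

	return $text;
}

# Render the whole page: daemon status, the configuration form and, when a
# control connection exists, the live statistics.
#
# Reads the file-level %settings, $errormessage, $torctrl, $memory, @pid,
# @bandwidth_limits and @accounting_periods. Every value that originates
# from the request or from the Tor control port is HTML-escaped before it
# is printed, so a rejected form value echoed back to the browser cannot
# break out of its attribute or element.
sub showMainBox() {
	my %checked = ();
	my %selected = ();

	$checked{'TOR_ENABLED'}{'on'} = '';
	$checked{'TOR_ENABLED'}{'off'} = '';
	$checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';

	$checked{'TOR_RELAY_ENABLED'}{'on'} = '';
	$checked{'TOR_RELAY_ENABLED'}{'off'} = '';
	$checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';

	&Header::openpage($Lang::tr{'tor configuration'}, 1, '');
	&Header::openbigbox('100%', 'left', '', $errormessage);

	if ($errormessage) {
		&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
		# The message contains the rejected form value.
		print "<font class='base'>" . &_escape_html($errormessage) . "&nbsp;</font>\n";
		&Header::closebox();
	}

	print "<form method='post' action='" . &_escape_html($ENV{'SCRIPT_NAME'}) . "'>\n";

	&Header::openbox('100%', 'center', $Lang::tr{'tor'});

	if ( ($memory != 0) && ($pid[0] ne "///") ){
		my $pid_html = &_escape_html($pid[0]);

		print "<table width='95%' cellspacing='0' class='tbl'>";
		print "<tr><th bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'tor service'}</strong></th></tr>";
		print "<tr><td class='base'>$Lang::tr{'tor daemon'}</td>";
		print "<td align='center' colspan='2' width='75%' bgcolor='${Header::colourgreen}'><font color='white'><strong>$Lang::tr{'running'}</strong></font></td></tr>";
		print "<tr><td class='base'></td>";
		print "<td bgcolor='$color{'color20'}' align='center'><strong>PID</strong></td>";
		print "<td bgcolor='$color{'color20'}' align='center'><strong>$Lang::tr{'memory'}</strong></td></tr>";
		print "<tr><td class='base'></td>";
		print "<td bgcolor='$color{'color22'}' align='center'>$pid_html</td>";
		print "<td bgcolor='$color{'color22'}' align='center'>$memory KB</td></tr>";
		print "</table>";
	} else {
		print "<table width='95%' cellspacing='0' class='tbl'>";
		print "<tr><th bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'tor service'}</strong></th></tr>";
		print "<tr><td class='base'>$Lang::tr{'tor daemon'}</td>";
		print "<td align='center' width='75%' bgcolor='${Header::colourred}'><font color='white'><strong>$Lang::tr{'stopped'}</strong></font></td></tr>";
		print "</table>";
	}

	&Header::closebox();

	&Header::openbox('100%', 'center', $Lang::tr{'tor configuration'});

	# The two list fields are stored comma separated and edited one entry
	# per line.
	my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
	$settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp);

	@temp = split(",", $settings{'TOR_USE_EXIT_NODES'});
	$settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp);

	# Escaped copies of every free-text field that is echoed into the form.
	my %esc = map { $_ => &_escape_html($settings{$_}) } qw(
		TOR_SOCKS_PORT TOR_ALLOWED_SUBNETS TOR_USE_EXIT_NODES
		TOR_RELAY_NICKNAME TOR_RELAY_ADDRESS TOR_RELAY_PORT
		TOR_RELAY_DIRPORT TOR_RELAY_CONTACT_INFO TOR_RELAY_ACCOUNTING_LIMIT
	);

	print <<END;
	<table width='95%'>
		<tr>
			<td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor common settings'}</b></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
			<td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
			<td width='25%' class='base'>$Lang::tr{'tor socks port'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$esc{'TOR_SOCKS_PORT'}' size='5' /></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
			<td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
			<td width='25%' class='base'></td>
			<td width='20%'></td>
		</tr>
	</table>
END

	print <<END;
	<br>
	<br>

	<table width='95%'>
		<tr>
			<td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor acls'}</b></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'>
				$Lang::tr{'tor allowed subnets'}:
			</td>
			<td colspan='2' width='45%'></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'>
				<textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$esc{'TOR_ALLOWED_SUBNETS'}</textarea>
			</td>
			<td colspan='2' width='45%'></td>
		</tr>
	</table>

	<br>
	<br>

	<table width='95%'>
		<tr>
			<td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor exit nodes'}</b></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'></td>
			<td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
		</tr>
		<tr>
			<td width='50%' colspan='2'>
				<select name='TOR_EXIT_COUNTRY'>
					<option value=''>- $Lang::tr{'tor exit country any'} -</option>
END

	my @country_codes = &Location::database_countries($db_handle);
	foreach my $country_code (@country_codes) {
		# Convert country code into upper case format.
		$country_code = uc($country_code);

		# Get country name.
		my $country_name = &Location::Functions::get_full_country_name($country_code);

		my $code_html = &_escape_html($country_code);
		my $name_html = &_escape_html($country_name);

		print "<option value='$code_html'";

		if ($settings{'TOR_EXIT_COUNTRY'} eq $country_code) {
			print " selected";
		}

		print ">$name_html ($code_html)</option>\n";
	}

	print <<END;
				</select>
			</td>
			<td width='50%' colspan='2'>
				<textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$esc{'TOR_USE_EXIT_NODES'}</textarea>
			</td>
		</tr>
	</table>
END

	&Header::closebox();

	# Tor relay box
	$selected{'TOR_RELAY_MODE'}{'bridge'} = '';
	$selected{'TOR_RELAY_MODE'}{'exit'} = '';
	$selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
	$selected{'TOR_RELAY_MODE'}{'relay'} = '';
	$selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';

	$selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = '';
	foreach (@bandwidth_limits) {
		$selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = '';
	}
	$selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected';

	$selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = '';
	foreach (@bandwidth_limits) {
		$selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = '';
	}
	$selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected';

	foreach (@accounting_periods) {
		$selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = '';
	}
	$selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';

	&Header::openbox('100%', 'center', $Lang::tr{'tor relay configuration'});

	print <<END;
	<table width='95%'>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
			<td width='30%'>
				<select name='TOR_RELAY_MODE'>
					<option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
					<option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
					<option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
					<option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:</td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_NICKNAME' value='$esc{'TOR_RELAY_NICKNAME'}' maxlength='19' />
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay address'}:</td>
			<td width='30%'>
				<input type='text' name='TOR_RELAY_ADDRESS' value='$esc{'TOR_RELAY_ADDRESS'}' />
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor relay port'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_PORT' value='$esc{'TOR_RELAY_PORT'}' size='5' />
			</td>
		</tr>
		<tr>
			<td width='25%'>&nbsp;</td>
			<td width='30%'>&nbsp;</td>
			<td width='25%' class='base'>$Lang::tr{'tor directory port'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_DIRPORT' value='$esc{'TOR_RELAY_DIRPORT'}' size='5' />&nbsp;$Lang::tr{'tor 0 = disabled'}
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor contact info'}:</td>
			<td width='75%' colspan='3'>
				<input type='text' name='TOR_RELAY_CONTACT_INFO' value='$esc{'TOR_RELAY_CONTACT_INFO'}' style='width: 98%;' />
			</td>
		</tr>
	</table>

	<br>

	<table width='95%'>
		<tr>
			<td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
			<td width='30%' class='base'>
				<select name='TOR_RELAY_BANDWIDTH_RATE'>
END

	foreach (@bandwidth_limits) {
		if ($_ >= 1024) {
			print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." Mbit/s</option>\n";
		} else {
			print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kbit/s</option>\n";
		}
	}

	print <<END;
					<option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$esc{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
			<td width='20%' class='base'>
				<select name='TOR_RELAY_BANDWIDTH_BURST'>
END

	foreach (@bandwidth_limits) {
		if ($_ >= 1024) {
			print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." Mbit/s</option>\n";
		} else {
			print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kbit/s</option>\n";
		}
	}
	print <<END;
					<option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
			<td width='20%'>
				<select name='TOR_RELAY_ACCOUNTING_PERIOD'>
END

	foreach (@accounting_periods) {
		print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>";
	}

	print <<END;
				</select>
			</td>
		</tr>
	</table>
END

	&Header::closebox();

	print <<END;
	<table width='95%'>
		<tr>
			<td><img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'required field'}</font></td>
			<td align='right'>&nbsp;</td>
		</tr>
	</table>

	<hr>

	<table width='95%'>
		<tr>
			<td>&nbsp;</td>
			<td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
			<td>&nbsp;</td>
		</tr>
	</table>
END

	# If we have a control connection, show the stats. Replies from the
	# control port are treated like any other external data and escaped.
	if ($torctrl) {
		&Header::openbox('100%', 'center', $Lang::tr{'tor stats'});

		my @traffic = &TorTrafficStats($torctrl);

		if (@traffic) {
			print <<END;
	<table width='95%'>
END

			if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
				my $fingerprint = &TorRelayFingerprint($torctrl);
				if ($fingerprint) {
					my $fingerprint_html = &_escape_html($fingerprint);
					print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
			<td width='60%'>
				<a href='https://metrics.torproject.org/rs.html#details/$fingerprint_html' target='_blank'>$fingerprint_html</a>
			</td>
		</tr>
END
				}
			}

			my $address = TorGetInfo($torctrl, "address");
			if ($address) {
				my $address_html = &_escape_html($address);
				print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
			<td width='60%'>$address_html</td>
		</tr>
END
			}

			print <<END;
		<tr>
			<td width='40%'>$Lang::tr{'tor traffic read written'}:</td>
END
			print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
			print <<END;
		</tr>
	</table>
END
		}

		my $accounting = &TorAccountingStats($torctrl);
		if ($accounting) {
			print <<END;
	<table width='95%'>
		<tr>
			<td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
		</tr>
END

			if ($accounting->{'hibernating'} eq "hard") {
				print <<END;
		<tr>
			<td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
				<font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
			</td>
		</tr>
END
			} elsif ($accounting->{'hibernating'} eq "soft") {
				print <<END;
		<tr>
			<td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
				<font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
			</td>
		</tr>
END
			}

			my $interval_start = &_escape_html($accounting->{'interval-start'});
			my $interval_end = &_escape_html($accounting->{'interval-end'});

			print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
			<td width='60%'>
				$interval_start - $interval_end
			</td>
		</tr>
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
			<td width='60%'>
END

			print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
			print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
			print " $Lang::tr{'tor accounting bytes left'})";

			print <<END;
			</td>
		</tr>
	</table>
END
		}

		my @nodes = &TorORConnStatus($torctrl);
		if (@nodes) {
			my $nodes_length = scalar @nodes;
			print <<END;
	<table width='95%'>
		<tr>
			<td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
			<td width='60%' colspan='2'>($nodes_length)</td>
		</tr>
END

			foreach my $node (@nodes) {
				# Escaped copies of everything printed for this relay.
				my %n = map { $_ => &_escape_html($node->{$_}) } qw(
					fingerprint name address port bandwidth_string country_code
				);

				print <<END;
		<tr>
			<td width='40%'>
				<a href='https://metrics.torproject.org/rs.html#details/$n{'fingerprint'}' target='_blank'>
					$n{'name'}
				</a>
			</td>
			<td width='30%'>
END

				if (exists($node->{'country_code'})) {
					# Get the flag icon of the country.
					my $flag_icon = &Location::Functions::get_flag_icon($node->{'country_code'});

					# Check if a flag for the given country is available.
					if ($flag_icon) {
						my $flag_html = &_escape_html($flag_icon);
						print "<a href='country.cgi#$n{'country_code'}'><img src='$flag_html' border='0' align='absmiddle' alt='$n{'country_code'}'></a>";
					} else {
						print "<img src='/images/flags/blank.png' border='0' align='absmiddle'/>";
					}
				}

				print <<END;
				<a href='ipinfo.cgi?ip=$n{'address'}'>$n{'address'}</a>:$n{'port'}
			</td>
			<td width='30%' align='right'>
				~$n{'bandwidth_string'}
			</td>
		</tr>
END
			}
			print "</table>";
		}

		&Header::closebox();
	}

	print "</form>\n";

	&Header::closebigbox();
	&Header::closepage();
}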
656
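# Regenerate torrc from the stored settings and restart or stop the daemon.
#
# The settings are read back from the settings file rather than taken from
# the request. Each directive is written through $emit, which refuses any
# line that contains CR, LF or NUL, so that a stored value can never add a
# second directive. If torrc cannot be opened, nothing is written and the
# service is left untouched.
sub BuildConfiguration() {
	my %settings = ();
	&General::readhash("${General::swroot}/tor/settings", \%settings);

	my $torrc = "${General::swroot}/tor/torrc";

	my $fh;
	unless (open($fh, '>', $torrc)) {
		warn "tor.cgi: cannot write $torrc: $!\n";
		return;
	}

	my $emit = sub {
		my ($line) = @_;
		return if ($line =~ /[\r\n\0]/);
		print $fh "$line\n";
	};

	# Global settings.
	# NOTE(review): no control-port credential is configured here, so the
	# port accepts the bare AUTHENTICATE sent by this script - and by any
	# other local client. Consider cookie or password authentication.
	$emit->("ControlPort $TOR_CONTROL_PORT");

	if ($settings{'TOR_ENABLED'} eq 'on') {
		my $strict_nodes = 0;

		# The SOCKS listener binds to every interface; access is limited
		# by the SocksPolicy lines below.
		$emit->("SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}");

		my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
		foreach (@subnets) {
			$emit->("SocksPolicy accept $_") if (&General::validipandmask($_));
		}
		# NOTE(review): with an empty subnet list no policy is written at
		# all, which leaves the listener without a "reject *" - confirm
		# that the packet filter covers this case.
		$emit->("SocksPolicy reject *") if (@subnets);

		if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
			$strict_nodes = 1;

			$emit->("ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}");
		}

		if ($settings{'TOR_USE_EXIT_NODES'} ne '') {
			$strict_nodes = 1;

			# NOTE(review): one directive per entry, in addition to the
			# country line above - confirm Tor merges repeated exit node
			# lines rather than honouring only the last one.
			my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'});
			foreach (@nodes) {
				$emit->("ExitNode $_");
			}
		}

		if ($strict_nodes > 0) {
			$emit->("StrictNodes 1");
		}
	}

	if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
		# Reject access to private networks.
		$emit->("ExitPolicyRejectPrivate 1");

		$emit->("ORPort $settings{'TOR_RELAY_PORT'}");

		if ($settings{'TOR_RELAY_DIRPORT'} ne '0') {
			$emit->("DirPort $settings{'TOR_RELAY_DIRPORT'}");
		}

		if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
			$emit->("Address $settings{'TOR_RELAY_ADDRESS'}");
		}

		if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
			$emit->("Nickname $settings{'TOR_RELAY_NICKNAME'}");
		}

		if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') {
			$emit->("ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}");
		}

		# Limit to bridge mode.
		my $is_bridge = 0;

		if ($settings{'TOR_RELAY_MODE'} eq 'bridge') {
			$is_bridge++;

		# Private bridge.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') {
			$is_bridge++;

			$emit->("PublishServerDescriptor 0");

		# Exit node.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') {
			$emit->("ExitPolicy accept *:*");

		# Relay only.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') {
			$emit->("ExitPolicy reject *:*");

		# Unknown mode: fail closed instead of leaving the exit policy
		# to the daemon's default.
		} else {
			$emit->("ExitPolicy reject *:*");
		}

		if ($is_bridge > 0) {
			$emit->("BridgeRelay 1");
			$emit->("Exitpolicy reject *:*");
		}

		# The form stores kbit/s; torrc takes the value divided by 8 with
		# a KB suffix.
		if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} > 0) {
			$emit->("RelayBandwidthRate " . ($settings{'TOR_RELAY_BANDWIDTH_RATE'} / 8) . " KB");

			if ($settings{'TOR_RELAY_BANDWIDTH_BURST'} > 0) {
				$emit->("RelayBandwidthBurst " . ($settings{'TOR_RELAY_BANDWIDTH_BURST'} / 8) . " KB");
			}
		}

		if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) {
			$emit->("AccountingMax ".$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB");

			if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') {
				$emit->("AccountingStart day 00:00");
			} elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') {
				$emit->("AccountingStart week 1 00:00");
			} elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') {
				$emit->("AccountingStart month 1 00:00");
			}
		}
	}

	# Buffered write errors only surface here.
	unless (close($fh)) {
		warn "tor.cgi: cannot finish writing $torrc: $!\n";
		return;
	}

	# Restart the service.
	# NOTE(review): "&>" is a bash redirection; confirm the shell used by
	# system() on the target treats it that way.
	if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) {
		system("/usr/local/bin/torctrl restart &>/dev/null");
	} else {
		system("/usr/local/bin/torctrl stop &>/dev/null");
	}
	# Update pid and memory
	daemonstats();
}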
783
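# Open a TCP connection to the local Tor control port and authenticate.
#
# Returns the connected socket, or nothing when the connection fails.
sub TorConnect() {
	# Load the socket class here so the sub does not depend on another
	# file having pulled it in.
	require IO::Socket::INET;

	my $socket = IO::Socket::INET->new(
		Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT,
	) or return;

	$socket->autoflush(1);

	# Authenticate. The command carries no password or cookie, so it only
	# succeeds while the control port is configured without a credential,
	# and the reply is not inspected here.
	# NOTE(review): in that configuration every local process that can
	# reach 127.0.0.1 on this port can drive the daemon as well.
	&TorSendCommand($socket, "AUTHENTICATE");

	return $socket;
}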
796
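# Send one command over the Tor control connection and collect the reply.
#
# Parameters: the connected socket and the command text (a trailing newline
# is optional). Returns the reply lines without their CRLF; the closing
# "250 OK" line and any line starting with a 5xx code end the reply and are
# not part of the result. A command that contains a line break is refused
# and yields an empty list, because callers build commands from data that
# came from elsewhere and one call must never turn into two commands.
#
# NOTE(review): reading blocks until the daemon answers or closes the
# connection; there is no timeout.
sub TorSendCommand {
	my ($socket, $cmd) = @_;

	# Replace line ending with \r\n.
	chomp $cmd;
	return () if ($cmd =~ /[\r\n]/);
	$cmd .= "\r\n";

	$socket->send($cmd);

	my @output = ();
	while (my $line = <$socket>) {
		# NOTE(review): this pattern matches a line of exactly one
		# character (such as the "." that ends a multi-line reply), not
		# a bare CRLF - behaviour kept as it was.
		next if ($line =~ /^.\r\n$/);

		# Command has been successfully executed. Anchored so that the
		# text "250 OK" inside a data line does not end the reply early.
		last if ($line =~ /^250 OK/);

		# Error.
		last if ($line =~ /^5\d+/);

		# Remove line endings.
		$line =~ s/\r\n$//;

		push(@output, $line);
	}

	return @output;
}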
831
# Run a control command and hand back only the first line of its reply
# (undef when the reply is empty).
sub TorSendCommandOneLine() {
	my ($tor, $cmd) = @_;

	my ($first_line) = &TorSendCommand($tor, $cmd);

	return $first_line;
}
838
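# Issue "GETINFO <cmd>" and return the value part of the first reply line.
#
# The line is split at the first "=" only, so a value that itself contains
# "=" is returned whole. Returns undef when there is no reply line or no
# "=" in it.
sub TorGetInfo {
	my ($tor, $cmd) = @_;

	my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);

	my ($key, $value) = defined($output) ? split(/=/, $output, 2) : ();
	return $value;
}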
847
# Shut down both directions of the control connection; a missing socket
# is silently ignored.
sub TorClose() {
	my ($handle) = @_;

	$handle->shutdown(2) if ($handle);
}
855
# Ask the daemon for its traffic counters and return them as the pair
# (traffic/read, traffic/written).
sub TorTrafficStats() {
	my ($tor) = @_;

	return map { scalar(&TorGetInfo($tor, "traffic/$_")) } qw(read written);
}
864
# Return what the daemon reports for "GETINFO fingerprint".
sub TorRelayFingerprint() {
	my ($tor) = @_;

	return &TorGetInfo($tor, "fingerprint");
}
870
# List the relays the daemon currently has OR connections to.
#
# Parses the reply to "GETINFO orconn-status", keeps the entries that start
# with "$", looks each one up with TorNodeDescription() and returns the
# resulting hash references sorted by relay name.
sub TorORConnStatus() {
	my ($tor) = @_;
	my @found = ();

	my @lines = &TorSendCommand($tor, "GETINFO orconn-status");
	for my $entry (@lines) {
		$entry =~ s/^250[\+-]orconn-status=//;

		if ($entry eq "") {
			next;
		}
		if ($entry eq ".") {
			last;
		}
		if ($entry !~ /^\$/) {
			next;
		}

		# First whitespace-separated token, cut at the first "=" or "~".
		my ($target) = split(" ", $entry);
		my ($identity) = split(/[=~]/, $target);

		my $description = &TorNodeDescription($tor, $identity);
		push(@found, $description) if ($description);
	}

	# Sort by names.
	@found = sort { $a->{'name'} cmp $b->{'name'} } @found;

	return @found;
}
896
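# Look up one relay by fingerprint and describe it.
#
# Returns a hash reference with fingerprint, exit_node and - as far as the
# reply contains them - name, address, port, country_code, flags (array
# reference), bandwidth and bandwidth_string. Returns nothing when the
# fingerprint is not 40 hex digits or the reply has no router line.
sub TorNodeDescription {
	my ($tor, $fingerprint) = @_;
	$fingerprint =~ s/\$//;

	# The value becomes part of a control command; accept hex digits only.
	return unless ($fingerprint =~ /^[0-9A-Fa-f]{40}$/);

	my $node = {
		fingerprint => $fingerprint,
		exit_node   => 0,
	};

	my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");

	foreach (@output) {
		# Router
		if ($_ =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
			$node->{'name'} = $1;
			$node->{'address'} = $3;
			$node->{'port'} = $4;

			my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
			$node->{'country_code'} = $country_code;

		# Flags
		} elsif ($_ =~ /^s (.*)$/) {
			# Keep the list itself; split() in scalar context would only
			# have stored the number of flags, so "Exit" was never seen.
			$node->{'flags'} = [ split(" ", $1) ];

			foreach my $flag (@{ $node->{'flags'} }) {
				if ($flag eq "Exit") {
					$node->{'exit_node'}++;
				}
			}

		# Bandwidth
		} elsif ($_ =~ /^w Bandwidth=(\d+)/) {
			$node->{'bandwidth'} = $1 * 8;
			$node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
		}
	}

	return $node if (exists($node->{'name'}));
	return;
}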
939
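# Collect the daemon's accounting figures.
#
# Returns nothing unless "accounting/enabled" is reported as 1. Otherwise
# returns a hash reference with the keys hibernating, interval-start,
# interval-end, bytes_read, bytes_written, bytes-left_read and
# bytes-left_written.
sub TorAccountingStats {
	my $tor = shift;
	my $ret = {};

	my $enabled = &TorGetInfo($tor, "accounting/enabled");
	return unless (defined($enabled) && $enabled eq '1');

	foreach my $field ("hibernating", "interval-start", "interval-end") {
		$ret->{$field} = &TorGetInfo($tor, "accounting/$field");
	}

	# Each of these replies holds two space-separated numbers: read, written.
	foreach my $counter ("bytes", "bytes-left") {
		my $output = &TorGetInfo($tor, "accounting/$counter");
		my @bytes = defined($output) ? split(" ", $output) : ();

		$ret->{$counter."_read"} = $bytes[0];
		$ret->{$counter."_written"} = $bytes[1];
	}

	return $ret;
}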
965
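# Format a byte count with two decimals and a binary unit from B to TB.
#
# Values of 1024 TB and more stay in TB; the unit index never runs past
# the end of the unit list. undef is treated as 0.
sub FormatBytes {
	my $bytes = shift;
	$bytes = 0 unless (defined($bytes));

	my @units = ("B", "KB", "MB", "GB", "TB");
	my $units_index = 0;

	while (($units_index < $#units) && ($bytes >= 1024)) {
		$units_index++;
		$bytes /= 1024;
	}

	return sprintf("%.2f %s", $bytes, $units[$units_index]);
}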
979
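# Format a bit rate with two decimals and a unit from bit/s to Tbit/s,
# stepping by 1024.
#
# Values of 1024 Tbit/s and more stay in Tbit/s; the unit index never runs
# past the end of the unit list. undef is treated as 0.
sub FormatBitsPerSecond {
	my $bits = shift;
	$bits = 0 unless (defined($bits));

	my @units = ("bit/s", "kbit/s", "Mbit/s", "Gbit/s", "Tbit/s");
	my $units_index = 0;

	while (($units_index < $#units) && ($bits >= 1024)) {
		$units_index++;
		$bits /= 1024;
	}

	return sprintf("%.2f %s", $bits, $units[$units_index]);
}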