add IPtables chain for outgoing Tor traffic
1 #!/bin/sh
2 ########################################################################
3 # Begin $rc_base/init.d/tor
4 #
5 # Description : Anonymizing overlay network for TCP
6 #
7 ########################################################################
8
9 . /etc/sysconfig/rc
10 . ${rc_functions}
11
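# Limit for open file descriptors; the "start" action passes it to "ulimit -n"
# before the daemon is launched.
FILEDESCRIPTORS="65535"

# Import the Tor settings as shell variables (this script reads TOR_ENABLED,
# TOR_RELAY_ENABLED, TOR_RELAY_PORT and TOR_RELAY_DIRPORT from them).
#
# NOTE(review): eval executes whatever readhash prints, with the privileges of
# this init script. That is only safe if readhash emits nothing but properly
# quoted KEY=value assignments and the settings file is writable solely by
# trusted processes - confirm both against readhash and the file's permissions.
#
# The command substitution is quoted so the output reaches eval unchanged
# instead of being word-split and glob-expanded first.
eval "$(/usr/local/bin/readhash /var/ipfire/tor/settings)"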
15
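# Report whether Tor should run at all.
#
# Globals:   TOR_ENABLED, TOR_RELAY_ENABLED (read)
# Returns:   0 if either setting is exactly "on", non-zero otherwise
#            (including when both are unset or empty).
#
# Defined without the "function" keyword, which is not POSIX and breaks under
# a strict /bin/sh such as dash; the shebang of this script is #!/bin/sh.
tor_is_enabled() {
  [ "${TOR_ENABLED}" = "on" ] || [ "${TOR_RELAY_ENABLED}" = "on" ]
}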
19
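# Rebuild the TOR_INPUT and TOR_OUTPUT chains from the current settings.
#
# Globals:   TOR_RELAY_ENABLED, TOR_RELAY_PORT, TOR_RELAY_DIRPORT (read)
# Calls:     flush_firewall, iptables
# Note:      the exit status of the individual iptables calls is not checked,
#            so a rule that fails to load does not stop the caller.
#
# Defined without the "function" keyword and without the obsolescent "-a"
# test operator, so the script stays valid under a strict /bin/sh.
setup_firewall() {
  # Start from empty chains so rules from an earlier configuration do not linger.
  flush_firewall

  # Relay mode with a relay port configured: accept inbound TCP on that port
  # and accept every outgoing TCP connection from processes owned by user "tor".
  # NOTE(review): the TOR_OUTPUT rule matches any destination and port, and it
  # is only installed in relay mode - not when just TOR_ENABLED is "on".
  # Confirm that both points match the intended egress policy.
  if [ "${TOR_RELAY_ENABLED}" = "on" ] && [ -n "${TOR_RELAY_PORT}" ]; then
    iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_PORT}" -j ACCEPT
    iptables -A TOR_OUTPUT -p tcp -m owner --uid-owner tor -j ACCEPT
  fi

  # Directory port: an empty value or 0 adds no rule. A non-numeric value makes
  # the -ne test fail with an error message, which also adds no rule.
  if [ "${TOR_RELAY_ENABLED}" = "on" ] && [ -n "${TOR_RELAY_DIRPORT}" ] \
    && [ "${TOR_RELAY_DIRPORT}" -ne 0 ]; then
    iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_DIRPORT}" -j ACCEPT
  fi
}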
35
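# Remove every rule from the two Tor chains.
#
# Calls:     iptables
# Note:      only flushes (-F); the chains themselves are not created or
#            deleted here, so they must already exist. The exit status of the
#            first iptables call is not checked.
#
# Defined without the "function" keyword, which is not POSIX and breaks under
# a strict /bin/sh such as dash; the shebang of this script is #!/bin/sh.
flush_firewall() {
  iptables -F TOR_INPUT
  iptables -F TOR_OUTPUT
}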
41
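# Dispatch on the requested action. boot_mesg, loadproc, killproc, reloadproc,
# pidofproc and statusproc are not defined in this file; presumably they come
# from the sourced ${rc_functions}.
case "${1}" in
  start)
    # Nothing to do (and no firewall rules to add) when Tor is switched off.
    tor_is_enabled || exit 0

    # Install the firewall rules before the daemon comes up.
    setup_firewall

    # Raise the open file descriptor limit for the daemon.
    # NOTE(review): a failing ulimit is not detected; Tor would then start
    # with the inherited limit.
    if [ -n "${FILEDESCRIPTORS}" ]; then
      ulimit -n "${FILEDESCRIPTORS}"
    fi

    boot_mesg "Starting tor..."
    loadproc /usr/bin/tor \
      --runasdaemon 1 \
      --defaults-torrc /usr/share/tor/defaults-torrc \
      -f /etc/tor/torrc \
      --quiet
    ;;

  stop)
    # The ACCEPT rules are removed first, then the daemon is stopped.
    flush_firewall

    boot_mesg "Stopping tor..."
    killproc /usr/bin/tor
    ;;

  reload)
    # Rebuild the rules from the current settings. setup_firewall flushes
    # before it re-adds, so the chains are briefly empty during a reload.
    setup_firewall

    boot_mesg "Reloading tor..."
    reloadproc /usr/bin/tor
    ;;

  restart)
    # Re-invoke this script; "${0}" is quoted so a path containing spaces or
    # glob characters is passed through intact.
    "${0}" stop
    sleep 1
    "${0}" start
    ;;

  reload-or-restart)
    # Reload the process if it is already running. Otherwise, restart.
    if pidofproc -s /usr/bin/tor; then
      "${0}" reload
    else
      "${0}" restart
    fi
    ;;

  status)
    statusproc /usr/bin/tor
    ;;

  *)
    echo "Usage: ${0} {start|stop|reload|restart|reload-or-restart|status}"
    exit 1
    ;;
esac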
102
103 # End $rc_base/init.d/tor