Merge remote-tracking branch 'origin/next' into fifteen

[people/pmueller/ipfire-2.x.git] / src / initscripts / init.d / tor

diff --git a/src/initscripts/init.d/tor b/src/initscripts/init.d/tor
index d3761782410c9aed93cb8d3c0b910723553503cf..551538e2f65318111332a278bf70c0749ad44c87 100644 (file)
--- a/src/initscripts/init.d/tor
+++ b/src/initscripts/init.d/tor
@@ -9,15 +9,25 @@
 . /etc/sysconfig/rc
 . ${rc_functions}
 
-function setup_firewall() {
-       eval $(readhash /var/ipfire/tor/settings)
+FILEDESCRIPTORS="65535"
+
+eval $(/usr/local/bin/readhash /var/ipfire/tor/settings)
 
+function tor_is_enabled() {
+       [ "${TOR_ENABLED}" = "on" ] || [ "${TOR_RELAY_ENABLED}" = "on" ]
+}
+
+function setup_firewall() {
        # Flush all rules.
        flush_firewall
 
        if [ "${TOR_RELAY_ENABLED}" = "on" -a -n "${TOR_RELAY_PORT}" ]; then
                iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_PORT}" -j ACCEPT
        fi
+
+       if [ "${TOR_RELAY_ENABLED}" = "on" -a -n "${TOR_RELAY_DIRPORT}" ] && [ "${TOR_RELAY_DIRPORT}" -ne 0 ]; then
+               iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_DIRPORT}" -j ACCEPT
+       fi
 }
 
 function flush_firewall() {
@@ -27,9 +37,16 @@ function flush_firewall() {
 
 case "${1}" in
        start)
+               tor_is_enabled || exit 0
+
                # Setup firewall.
                setup_firewall
 
+               # Increasing open file descriptors.
+               if [ -n "${FILEDESCRIPTORS}" ]; then
+                       ulimit -n "${FILEDESCRIPTORS}"
+               fi
+
                boot_mesg "Starting tor..."
                loadproc /usr/bin/tor \
                        --runasdaemon 1 \