]>
Commit | Line | Data |
---|---|---|
13b5ce6e MT |
1 | #!/usr/bin/perl |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2013 IPFire Team <info@ipfire.org> # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | use strict; | |
23 | use Locale::Country; | |
24 | ||
25 | # enable only the following on debugging purpose | |
26 | use warnings; | |
27 | use CGI::Carp 'fatalsToBrowser'; | |
28 | ||
29 | require '/var/ipfire/general-functions.pl'; | |
30 | require "${General::swroot}/lang.pl"; | |
31 | require "${General::swroot}/header.pl"; | |
32 | ||
33 | #workaround to suppress a warning when a variable is used only once | |
34 | my @dummy = ( ${Header::colouryellow} ); | |
35 | undef (@dummy); | |
36 | ||
37 | my @bandwidth_limits = ( | |
38 | 1000 * 1024, # 1G | |
39 | 500 * 1024, | |
40 | 200 * 1024, | |
41 | 100 * 1024, # 100M | |
42 | 64 * 1024, | |
43 | 50 * 1024, | |
44 | 25 * 1024, | |
45 | 20 * 1024, | |
46 | 16 * 1024, | |
47 | 10 * 1024, | |
48 | 8 * 1024, | |
49 | 4 * 1024, | |
50 | 2 * 1024, | |
51 | 1024, # 1M | |
52 | 512, | |
53 | 256, | |
6eb9c49d | 54 | 160 |
13b5ce6e MT |
55 | ); |
56 | my @accounting_periods = ('daily', 'weekly', 'monthly'); | |
57 | ||
58 | my $TOR_CONTROL_PORT = 9051; | |
59 | ||
60 | our %netsettings = (); | |
61 | &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); | |
62 | ||
63 | our %settings = (); | |
64 | ||
65 | $settings{'TOR_ENABLED'} = 'off'; | |
66 | $settings{'TOR_SOCKS_PORT'} = 9050; | |
67 | $settings{'TOR_EXIT_COUNTRY'} = ''; | |
68 | $settings{'TOR_USE_EXIT_NODES'} = ''; | |
69 | $settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}"; | |
70 | if (&Header::blue_used()) { | |
71 | $settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}"; | |
72 | } | |
73 | ||
74 | $settings{'TOR_RELAY_ENABLED'} = 'off'; | |
75 | $settings{'TOR_RELAY_MODE'} = 'exit'; | |
bd8b0330 | 76 | $settings{'TOR_RELAY_ADDRESS'} = ''; |
13b5ce6e | 77 | $settings{'TOR_RELAY_PORT'} = 9001; |
b0449403 MT |
78 | $settings{'TOR_RELAY_NICKNAME'} = ''; |
79 | $settings{'TOR_RELAY_CONTACT_INFO'} = ''; | |
13b5ce6e MT |
80 | $settings{'TOR_RELAY_NOADVERTISE'} = 'off'; |
81 | $settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0; | |
82 | $settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0; | |
83 | $settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0; | |
84 | $settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily'; | |
85 | ||
86 | $settings{'ACTION'} = ''; | |
87 | ||
88 | my $errormessage = ''; | |
89 | my $warnmessage = ''; | |
90 | ||
91 | &Header::showhttpheaders(); | |
92 | ||
13b5ce6e MT |
93 | # Get GUI values. |
94 | &Header::getcgihash(\%settings); | |
95 | ||
96 | # Create tor command connection. | |
97 | our $torctrl = &TorConnect(); | |
98 | ||
99 | # Toggle enable/disable field. | |
100 | if ($settings{'ACTION'} eq $Lang::tr{'save'}) { | |
a03547fe MT |
101 | if ($settings{'TOR_RELAY_NICKNAME'} ne '') { |
102 | if ($settings{'TOR_RELAY_NICKNAME'} !~ /^[a-zA-Z0-9]+$/) { | |
103 | $errormessage = "$Lang::tr{'tor errmsg invalid relay name'}: $settings{'TOR_RELAY_NICKNAME'}"; | |
104 | } | |
b0449403 MT |
105 | } |
106 | ||
818f47d0 MT |
107 | if (!&General::validport($settings{'TOR_SOCKS_PORT'})) { |
108 | $errormessage = "$Lang::tr{'tor errmsg invalid socks port'}: $settings{'TOR_SOCKS_PORT'}"; | |
109 | } | |
110 | ||
111 | if (!&General::validport($settings{'TOR_RELAY_PORT'})) { | |
112 | $errormessage = "$Lang::tr{'tor errmsg invalid relay port'}: $settings{'TOR_RELAY_PORT'}"; | |
113 | } | |
114 | ||
bd8b0330 MT |
115 | if ($settings{'TOR_RELAY_ADDRESS'} ne '') { |
116 | if ((!&General::validfqdn($settings{'TOR_RELAY_ADDRESS'})) && (!&General::validip($settings{'TOR_RELAY_ADDRESS'}))) { | |
117 | $errormessage = "$Lang::tr{'tor errmsg invalid relay address'}: $settings{'TOR_RELAY_ADDRESS'}"; | |
118 | } | |
119 | } | |
120 | ||
56bf9f21 MT |
121 | if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} !~ /^\d+$/) { |
122 | $errormessage = "$Lang::tr{'tor errmsg invalid accounting limit'}: $settings{'TOR_RELAY_ACCOUNTING_LIMIT'}"; | |
123 | } | |
124 | ||
13b5ce6e MT |
125 | my @temp = split(/[\n,]/,$settings{'TOR_ALLOWED_SUBNETS'}); |
126 | $settings{'TOR_ALLOWED_SUBNETS'} = ""; | |
127 | foreach (@temp) { | |
128 | s/^\s+//g; s/\s+$//g; | |
129 | if ($_) { | |
130 | unless (&General::validipandmask($_)) { | |
131 | $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $_"; | |
132 | } | |
133 | $settings{'TOR_ALLOWED_SUBNETS'} .= $_.","; | |
134 | } | |
135 | } | |
136 | ||
137 | @temp = split(/[\n,]/,$settings{'TOR_USE_EXIT_NODES'}); | |
138 | $settings{'TOR_USE_EXIT_NODES'} = ""; | |
139 | foreach (@temp) { | |
140 | s/^\s+//g; s/\s+$//g; | |
141 | if ($_) { | |
142 | $settings{'TOR_USE_EXIT_NODES'} .= $_.","; | |
143 | } | |
144 | } | |
145 | ||
3308f8d0 MT |
146 | # Burst bandwidth must be less or equal to bandwidth rate. |
147 | if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} == 0) { | |
148 | $settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0; | |
149 | ||
150 | } elsif ($settings{'TOR_RELAY_BANDWIDTH_BURST'} < $settings{'TOR_RELAY_BANDWIDTH_RATE'}) { | |
151 | $settings{'TOR_RELAY_BANDWIDTH_BURST'} = $settings{'TOR_RELAY_BANDWIDTH_RATE'}; | |
152 | } | |
153 | ||
13b5ce6e MT |
154 | if ($errormessage eq '') { |
155 | # Write configuration settings to file. | |
156 | &General::writehash("${General::swroot}/tor/settings", \%settings); | |
157 | ||
158 | # Update configuration files. | |
159 | &BuildConfiguration(); | |
160 | } | |
b0449403 MT |
161 | } else { |
162 | # Load settings from file. | |
163 | &General::readhash("${General::swroot}/tor/settings", \%settings); | |
13b5ce6e MT |
164 | } |
165 | ||
166 | &showMainBox(); | |
167 | ||
168 | # Close Tor control connection. | |
169 | &TorClose($torctrl); | |
170 | ||
171 | # Functions | |
172 | ||
173 | sub showMainBox() { | |
174 | my %checked = (); | |
175 | my %selected = (); | |
176 | ||
177 | $checked{'TOR_ENABLED'}{'on'} = ''; | |
178 | $checked{'TOR_ENABLED'}{'off'} = ''; | |
179 | $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked'; | |
180 | ||
181 | $checked{'TOR_RELAY_ENABLED'}{'on'} = ''; | |
182 | $checked{'TOR_RELAY_ENABLED'}{'off'} = ''; | |
183 | $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked'; | |
184 | ||
185 | &Header::openpage($Lang::tr{'tor configuration'}, 1, ''); | |
186 | &Header::openbigbox('100%', 'left', '', $errormessage); | |
187 | ||
188 | if ($errormessage) { | |
189 | &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); | |
190 | print "<font class='base'>$errormessage </font>\n"; | |
191 | &Header::closebox(); | |
192 | } | |
193 | ||
194 | print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n"; | |
195 | ||
196 | &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'}); | |
197 | ||
198 | print <<END; | |
199 | <table width='100%'> | |
200 | <tr> | |
201 | <td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td> | |
202 | </tr> | |
203 | <tr> | |
204 | <td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td> | |
005db206 MT |
205 | <td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td> |
206 | <td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td> | |
207 | <td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$settings{'TOR_SOCKS_PORT'}' size='5' /></td> | |
13b5ce6e MT |
208 | </tr> |
209 | <tr> | |
210 | <td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td> | |
005db206 | 211 | <td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td> |
13b5ce6e | 212 | <td width='25%' class='base'></td> |
005db206 | 213 | <td width='20%'></td> |
13b5ce6e MT |
214 | </tr> |
215 | </table> | |
216 | END | |
217 | ||
a03547fe MT |
218 | my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'}); |
219 | $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp); | |
220 | ||
221 | @temp = split(",", $settings{'TOR_USE_EXIT_NODES'}); | |
222 | $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp); | |
223 | ||
224 | print <<END; | |
225 | <br> | |
226 | <hr size='1'> | |
227 | <br> | |
228 | ||
229 | <table width='100%'> | |
230 | <tr> | |
231 | <td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td> | |
232 | </tr> | |
233 | <tr> | |
234 | <td colspan='2' class='base' width='55%'> | |
235 | $Lang::tr{'tor allowed subnets'}: | |
236 | </td> | |
237 | <td colspan='2' width='45%'></td> | |
238 | </tr> | |
239 | <tr> | |
240 | <td colspan='2' class='base' width='55%'> | |
241 | <textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$settings{'TOR_ALLOWED_SUBNETS'}</textarea> | |
242 | </td> | |
243 | <td colspan='2' width='45%'></td> | |
244 | </tr> | |
245 | </table> | |
246 | ||
247 | <br> | |
248 | <hr size='1'> | |
249 | <br> | |
250 | ||
251 | <table width='100%'> | |
252 | <tr> | |
253 | <td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td> | |
254 | </tr> | |
255 | <tr> | |
256 | <td colspan='2' class='base' width='55%'></td> | |
257 | <td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td> | |
258 | </tr> | |
259 | <tr> | |
260 | <td width='50%' colspan='2'> | |
261 | <select name='TOR_EXIT_COUNTRY'> | |
262 | <option value=''>- $Lang::tr{'tor exit country any'} -</option> | |
13b5ce6e MT |
263 | END |
264 | ||
a03547fe MT |
265 | my @country_names = Locale::Country::all_country_names(); |
266 | foreach my $country_name (sort @country_names) { | |
267 | my $country_code = Locale::Country::country2code($country_name); | |
268 | $country_code = uc($country_code); | |
269 | print "<option value='$country_code'>$country_name ($country_code)</option>\n"; | |
270 | } | |
13b5ce6e | 271 | |
a03547fe MT |
272 | print <<END; |
273 | </select> | |
274 | </td> | |
275 | <td width='50%' colspan='2'> | |
276 | <textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$settings{'TOR_USE_EXIT_NODES'}</textarea> | |
277 | </td> | |
278 | </tr> | |
279 | </table> | |
280 | <br><br> | |
13b5ce6e | 281 | END |
13b5ce6e | 282 | |
005db206 MT |
283 | &Header::closebox(); |
284 | ||
a03547fe MT |
285 | # Tor relay box |
286 | $checked{'TOR_RELAY_NOADVERTISE'}{'on'} = ''; | |
287 | $checked{'TOR_RELAY_NOADVERTISE'}{'off'} = ''; | |
288 | $checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked'; | |
13b5ce6e | 289 | |
a03547fe MT |
290 | $selected{'TOR_RELAY_MODE'}{'bridge'} = ''; |
291 | $selected{'TOR_RELAY_MODE'}{'exit'} = ''; | |
292 | $selected{'TOR_RELAY_MODE'}{'private-bridge'} = ''; | |
293 | $selected{'TOR_RELAY_MODE'}{'relay'} = ''; | |
294 | $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected'; | |
13b5ce6e | 295 | |
a03547fe MT |
296 | $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = ''; |
297 | foreach (@bandwidth_limits) { | |
298 | $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = ''; | |
299 | } | |
300 | $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected'; | |
13b5ce6e | 301 | |
a03547fe MT |
302 | $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = ''; |
303 | foreach (@bandwidth_limits) { | |
304 | $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = ''; | |
305 | } | |
306 | $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected'; | |
13b5ce6e | 307 | |
a03547fe MT |
308 | foreach (@accounting_periods) { |
309 | $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = ''; | |
310 | } | |
311 | $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected'; | |
312 | ||
313 | &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'}); | |
314 | ||
315 | print <<END; | |
316 | <table width='100%'> | |
317 | <tr> | |
318 | <td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td> | |
319 | <td width='30%'> | |
320 | <select name='TOR_RELAY_MODE'> | |
321 | <option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option> | |
322 | <option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option> | |
323 | <option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option> | |
324 | <option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option> | |
325 | </select> | |
326 | </td> | |
327 | <td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td> | |
328 | <td width='20%'> | |
329 | <input type='text' name='TOR_RELAY_PORT' value='$settings{'TOR_RELAY_PORT'}' size='5' /> | |
330 | </td> | |
331 | </tr> | |
332 | <tr> | |
333 | <td width='25%' class='base'>$Lang::tr{'tor relay address'}: <img src='/blob.gif' alt='*' /></td> | |
334 | <td width='30%'> | |
335 | <input type='text' name='TOR_RELAY_ADDRESS' value='$settings{'TOR_RELAY_ADDRESS'}' /> | |
336 | </td> | |
337 | <td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td> | |
338 | <td width='20%'> | |
339 | <input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} /> | |
340 | </td> | |
341 | </tr> | |
342 | <tr> | |
343 | <td width='25%' class='base'>$Lang::tr{'tor relay nickname'}: <img src='/blob.gif' alt='*' /></td> | |
344 | <td width='30%'> | |
345 | <input type='text' name='TOR_RELAY_NICKNAME' value='$settings{'TOR_RELAY_NICKNAME'}' /> | |
346 | </td> | |
347 | <td colspan='2'></td> | |
348 | </tr> | |
349 | <tr> | |
350 | <td width='25%' class='base'>$Lang::tr{'tor contact info'}: <img src='/blob.gif' alt='*' /></td> | |
351 | <td width='75%' colspan='3'> | |
352 | <input type='text' name='TOR_RELAY_CONTACT_INFO' value='$settings{'TOR_RELAY_CONTACT_INFO'}' size='60' /> | |
353 | </td> | |
354 | </tr> | |
355 | </table> | |
356 | ||
357 | <hr size='1'> | |
358 | ||
359 | <table width='100%'> | |
360 | <tr> | |
361 | <td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td> | |
362 | </tr> | |
363 | <tr> | |
364 | <td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td> | |
365 | <td width='30%' class='base'> | |
366 | <select name='TOR_RELAY_BANDWIDTH_RATE'> | |
13b5ce6e MT |
367 | END |
368 | ||
a03547fe MT |
369 | foreach (@bandwidth_limits) { |
370 | if ($_ >= 1024) { | |
371 | print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n"; | |
372 | } else { | |
373 | print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n"; | |
13b5ce6e | 374 | } |
a03547fe | 375 | } |
13b5ce6e | 376 | |
a03547fe MT |
377 | print <<END; |
378 | <option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option> | |
379 | </select> | |
380 | </td> | |
381 | <td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td> | |
382 | <td width='20%'> | |
383 | <input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' /> | |
384 | </td> | |
385 | </tr> | |
386 | <tr> | |
387 | <td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td> | |
388 | <td width='20%' class='base'> | |
389 | <select name='TOR_RELAY_BANDWIDTH_BURST'> | |
13b5ce6e MT |
390 | END |
391 | ||
a03547fe MT |
392 | foreach (@bandwidth_limits) { |
393 | if ($_ >= 1024) { | |
394 | print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n"; | |
395 | } else { | |
396 | print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n"; | |
13b5ce6e | 397 | } |
a03547fe MT |
398 | } |
399 | print <<END; | |
400 | <option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option> | |
401 | </select> | |
402 | </td> | |
403 | <td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td> | |
404 | <td width='20%'> | |
405 | <select name='TOR_RELAY_ACCOUNTING_PERIOD'> | |
13b5ce6e MT |
406 | END |
407 | ||
a03547fe MT |
408 | foreach (@accounting_periods) { |
409 | print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>"; | |
410 | } | |
13b5ce6e | 411 | |
a03547fe MT |
412 | print <<END; |
413 | </select> | |
414 | </td> | |
415 | </tr> | |
416 | </table> | |
13b5ce6e MT |
417 | END |
418 | ||
a03547fe | 419 | &Header::closebox(); |
13b5ce6e MT |
420 | |
421 | print <<END; | |
422 | <table width='100%'> | |
423 | <tr> | |
424 | <td> | |
425 | <img src='/blob.gif' align='top' alt='*' /> <font class='base'>$Lang::tr{'this field may be blank'}</font> | |
426 | </td> | |
427 | <td align='right'> </td> | |
428 | </tr> | |
429 | </table> | |
430 | ||
431 | <hr> | |
432 | ||
433 | <table width='100%'> | |
434 | <tr> | |
435 | <td> </td> | |
436 | <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td> | |
437 | <td> </td> | |
438 | </tr> | |
439 | </table> | |
440 | END | |
441 | ||
442 | # If we have a control connection, show the stats. | |
443 | if ($torctrl) { | |
444 | &Header::openbox('100%', 'left', $Lang::tr{'tor stats'}); | |
445 | ||
446 | my @traffic = &TorTrafficStats($torctrl); | |
447 | ||
448 | if (@traffic) { | |
449 | print <<END; | |
450 | <table width='100%'> | |
451 | END | |
452 | ||
453 | if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { | |
454 | my $fingerprint = &TorRelayFingerprint($torctrl); | |
455 | if ($fingerprint) { | |
456 | print <<END; | |
457 | <tr> | |
458 | <td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td> | |
459 | <td width='60%'> | |
460 | <a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank'>$fingerprint</a> | |
461 | </td> | |
462 | </tr> | |
463 | END | |
464 | } | |
465 | } | |
466 | ||
467 | my $address = TorGetInfo($torctrl, "address"); | |
468 | if ($address) { | |
469 | print <<END; | |
470 | <tr> | |
471 | <td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td> | |
472 | <td width='60%'>$address</td> | |
473 | </tr> | |
474 | END | |
475 | } | |
476 | ||
477 | print <<END; | |
478 | <tr> | |
479 | <td width='40%'>$Lang::tr{'tor traffic read written'}:</td> | |
480 | END | |
481 | print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>"; | |
482 | print <<END; | |
483 | </tr> | |
484 | </table> | |
485 | END | |
486 | } | |
487 | ||
488 | my $accounting = &TorAccountingStats($torctrl); | |
489 | if ($accounting) { | |
490 | print <<END; | |
491 | <table width='100%'> | |
492 | <tr> | |
493 | <td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td> | |
494 | </tr> | |
495 | END | |
496 | ||
497 | if ($accounting->{'hibernating'} eq "hard") { | |
498 | print <<END; | |
499 | <tr> | |
500 | <td class='base' colspan='2' bgcolor="$Header::colourred" align='center'> | |
501 | <font color='white'>$Lang::tr{'tor traffic limit hard'}</font> | |
502 | </td> | |
503 | </tr> | |
504 | END | |
505 | } elsif ($accounting->{'hibernating'} eq "soft") { | |
506 | print <<END; | |
507 | <tr> | |
508 | <td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'> | |
509 | <font color='white'>$Lang::tr{'tor traffic limit soft'}</font> | |
510 | </td> | |
511 | </tr> | |
512 | END | |
513 | } | |
514 | ||
515 | print <<END; | |
516 | <tr> | |
517 | <td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td> | |
518 | <td width='60%'> | |
519 | $accounting->{'interval-start'} - $accounting->{'interval-end'} | |
520 | </td> | |
521 | </tr> | |
522 | <tr> | |
523 | <td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td> | |
524 | <td width='60%'> | |
525 | END | |
526 | ||
527 | print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'}); | |
528 | print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'}); | |
529 | print " $Lang::tr{'tor accounting bytes left'})"; | |
530 | ||
531 | print <<END; | |
532 | </td> | |
533 | </tr> | |
534 | </table> | |
535 | END | |
536 | } | |
537 | ||
538 | my @nodes = &TorORConnStatus($torctrl); | |
539 | if (@nodes) { | |
f16bcc3e | 540 | my $nodes_length = scalar @nodes; |
13b5ce6e MT |
541 | print <<END; |
542 | <table width='100%'> | |
543 | <tr> | |
f16bcc3e MT |
544 | <td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td> |
545 | <td width='60%' colspan='2'>($nodes_length)</td> | |
13b5ce6e MT |
546 | </tr> |
547 | END | |
548 | ||
549 | foreach my $node (@nodes) { | |
550 | print <<END; | |
551 | <tr> | |
552 | <td width='40%'> | |
553 | <a href='https://atlas.torproject.org/#details/$node->{'fingerprint'}' target='_blank'> | |
554 | $node->{'name'} | |
555 | </a> | |
556 | </td> | |
557 | <td width='30%'> | |
558 | END | |
559 | ||
560 | if (exists($node->{'country_code'})) { | |
561 | print "<a href='country.cgi#$node->{'country_code'}'><img src='/images/flags/$node->{'country_code'}.png' border='0' align='absmiddle' alt='$node->{'country_code'}'></a>"; | |
562 | } | |
563 | ||
564 | print <<END; | |
565 | <a href='ipinfo.cgi?ip=$node->{'address'}'>$node->{'address'}</a>:$node->{'port'} | |
566 | </td> | |
567 | <td width='30%' align='right'> | |
568 | ~$node->{'bandwidth_string'} | |
569 | </td> | |
570 | </tr> | |
571 | END | |
572 | } | |
573 | print "</table>"; | |
574 | } | |
575 | ||
576 | &Header::closebox(); | |
577 | } | |
578 | ||
579 | print "</form>\n"; | |
580 | ||
581 | &Header::closebigbox(); | |
582 | &Header::closepage(); | |
583 | } | |
584 | ||
585 | sub BuildConfiguration() { | |
586 | my %settings = (); | |
587 | &General::readhash("${General::swroot}/tor/settings", \%settings); | |
588 | ||
589 | my $torrc = "${General::swroot}/tor/torrc"; | |
590 | ||
591 | open(FILE, ">$torrc"); | |
592 | ||
593 | # Global settings. | |
594 | print FILE "ControlPort $TOR_CONTROL_PORT\n"; | |
595 | ||
596 | if ($settings{'TOR_ENABLED'} eq 'on') { | |
597 | my $strict_nodes = 0; | |
598 | ||
599 | print FILE "SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}\n"; | |
600 | ||
601 | my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'}); | |
602 | foreach (@subnets) { | |
603 | print FILE "SocksPolicy accept $_\n" if (&General::validipandmask($_)); | |
604 | } | |
605 | print FILE "SocksPolicy reject *\n" if (@subnets); | |
606 | ||
607 | if ($settings{'TOR_EXIT_COUNTRY'} ne '') { | |
608 | $strict_nodes = 1; | |
609 | ||
610 | print FILE "ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}\n"; | |
611 | } | |
612 | ||
613 | if ($settings{'TOR_USE_EXIT_NODES'} ne '') { | |
614 | $strict_nodes = 1; | |
615 | ||
616 | my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'}); | |
617 | foreach (@nodes) { | |
618 | print FILE "ExitNode $_\n"; | |
619 | } | |
620 | } | |
621 | ||
622 | if ($strict_nodes > 0) { | |
623 | print FILE "StrictNodes 1\n"; | |
624 | } | |
625 | } | |
626 | ||
627 | if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { | |
628 | # Reject access to private networks. | |
629 | print FILE "ExitPolicyRejectPrivate 1\n"; | |
630 | ||
631 | print FILE "ORPort $settings{'TOR_RELAY_PORT'}"; | |
632 | if ($settings{'TOR_RELAY_NOADVERTISE'} eq 'on') { | |
633 | print FILE " NoAdvertise"; | |
634 | } | |
635 | print FILE "\n"; | |
636 | ||
637 | if ($settings{'TOR_RELAY_ADDRESS'} ne '') { | |
638 | print FILE "Address $settings{'TOR_RELAY_ADDRESS'}\n"; | |
639 | } | |
640 | ||
641 | if ($settings{'TOR_RELAY_NICKNAME'} ne '') { | |
642 | print FILE "Nickname $settings{'TOR_RELAY_NICKNAME'}\n"; | |
643 | } | |
644 | ||
645 | if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') { | |
646 | print FILE "ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}\n"; | |
647 | } | |
648 | ||
649 | # Limit to bridge mode. | |
650 | my $is_bridge = 0; | |
651 | ||
652 | if ($settings{'TOR_RELAY_MODE'} eq 'bridge') { | |
653 | $is_bridge++; | |
654 | ||
655 | # Private bridge. | |
656 | } elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') { | |
657 | $is_bridge++; | |
658 | ||
659 | print FILE "PublishServerDescriptor 0\n"; | |
660 | ||
661 | # Exit node. | |
662 | } elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') { | |
663 | print FILE "ExitPolicy accept *:*\n"; | |
664 | ||
665 | # Relay only. | |
666 | } elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') { | |
667 | print FILE "ExitPolicy reject *:*\n"; | |
668 | } | |
669 | ||
670 | if ($is_bridge > 0) { | |
671 | print FILE "BridgeRelay 1\n"; | |
672 | print FILE "Exitpolicy reject *:*\n"; | |
673 | } | |
674 | ||
675 | if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} > 0) { | |
676 | print FILE "RelayBandwidthRate "; | |
677 | print FILE $settings{'TOR_RELAY_BANDWIDTH_RATE'} / 8; | |
678 | print FILE " KB\n"; | |
679 | ||
680 | if ($settings{'TOR_RELAY_BANDWIDTH_BURST'} > 0) { | |
681 | print FILE "RelayBandwidthBurst "; | |
682 | print FILE $settings{'TOR_RELAY_BANDWIDTH_BURST'} / 8; | |
683 | print FILE " KB\n"; | |
684 | } | |
685 | } | |
686 | ||
687 | if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) { | |
688 | print FILE "AccountingMax ".$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n"; | |
689 | ||
690 | if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') { | |
691 | print FILE "AccountingStart day 00:00\n"; | |
692 | } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') { | |
693 | print FILE "AccountingStart week 1 00:00\n"; | |
694 | } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') { | |
695 | print FILE "AccountingStart month 1 00:00\n"; | |
696 | } | |
697 | } | |
698 | } | |
699 | ||
700 | close(FILE); | |
701 | ||
702 | # Restart the service. | |
703 | if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) { | |
005db206 | 704 | system("/usr/local/bin/torctrl restart &>/dev/null"); |
13b5ce6e | 705 | } else { |
005db206 | 706 | system("/usr/local/bin/torctrl stop &>/dev/null"); |
13b5ce6e MT |
707 | } |
708 | } | |
709 | ||
710 | sub TorConnect() { | |
711 | my $socket = new IO::Socket::INET( | |
712 | Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT, | |
713 | ) or return; | |
714 | ||
715 | $socket->autoflush(1); | |
716 | ||
717 | # Authenticate. | |
718 | &TorSendCommand($socket, "AUTHENTICATE"); | |
719 | ||
720 | return $socket; | |
721 | } | |
722 | ||
723 | sub TorSendCommand() { | |
724 | my ($socket, $cmd) = @_; | |
725 | ||
726 | # Replace line ending with \r\n. | |
727 | chomp $cmd; | |
728 | $cmd .= "\r\n"; | |
729 | ||
730 | $socket->send($cmd); | |
731 | ||
732 | my @output = (); | |
733 | while (my $line = <$socket>) { | |
734 | # Skip empty lines. | |
735 | if ($line =~ /^.\r\n$/) { | |
736 | next; | |
737 | } | |
738 | ||
739 | # Command has been successfully executed. | |
740 | if ($line =~ /250 OK/) { | |
741 | last; | |
742 | ||
743 | # Error. | |
744 | } elsif ($line =~ /^5\d+/) { | |
745 | last; | |
746 | ||
747 | } else { | |
748 | # Remove line endings. | |
749 | $line =~ s/\r\n$//; | |
750 | ||
751 | push(@output, $line); | |
752 | } | |
753 | } | |
754 | ||
755 | return @output; | |
756 | } | |
757 | ||
758 | sub TorSendCommandOneLine() { | |
759 | my ($tor, $cmd) = @_; | |
760 | ||
761 | my @output = &TorSendCommand($tor, $cmd); | |
762 | return $output[0]; | |
763 | } | |
764 | ||
765 | sub TorGetInfo() { | |
766 | my ($tor, $cmd) = @_; | |
767 | ||
768 | my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd); | |
769 | ||
770 | my ($key, $value) = split("=", $output); | |
771 | return $value; | |
772 | } | |
773 | ||
774 | sub TorClose() { | |
775 | my $socket = shift; | |
776 | ||
777 | if ($socket) { | |
778 | $socket->shutdown(2); | |
779 | } | |
780 | } | |
781 | ||
782 | sub TorTrafficStats() { | |
783 | my $tor = shift; | |
784 | ||
785 | my $output_read = &TorGetInfo($tor, "traffic/read"); | |
786 | my $output_written = &TorGetInfo($tor, "traffic/written"); | |
787 | ||
788 | return ($output_read, $output_written); | |
789 | } | |
790 | ||
791 | sub TorRelayFingerprint() { | |
792 | my $tor = shift; | |
793 | ||
794 | return &TorGetInfo($tor, "fingerprint"); | |
795 | } | |
796 | ||
797 | sub TorORConnStatus() { | |
798 | my $tor = shift; | |
799 | my @nodes = (); | |
800 | ||
801 | my @output = &TorSendCommand($tor, "GETINFO orconn-status"); | |
802 | foreach (@output) { | |
803 | $_ =~ s/^250[\+-]orconn-status=//; | |
804 | next if ($_ eq ""); | |
805 | last if ($_ eq "."); | |
806 | next unless ($_ =~ /^\$/); | |
807 | ||
808 | my @line = split(" ", $_); | |
809 | my @node = split(/[=~]/, $line[0]); | |
810 | ||
811 | my $node = &TorNodeDescription($tor, $node[0]); | |
812 | if ($node) { | |
813 | push(@nodes, $node); | |
814 | } | |
815 | } | |
816 | ||
817 | # Sort by names. | |
818 | @nodes = sort { $a->{'name'} cmp $b->{'name'} } @nodes; | |
819 | ||
820 | return @nodes; | |
821 | } | |
822 | ||
823 | sub TorNodeDescription() { | |
824 | my ($tor, $fingerprint) = @_; | |
825 | $fingerprint =~ s/\$//; | |
826 | ||
827 | my $node = { | |
828 | fingerprint => $fingerprint, | |
829 | exit_node => 0, | |
830 | }; | |
831 | ||
832 | my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}"); | |
833 | ||
834 | foreach (@output) { | |
835 | # Router | |
836 | if ($_ =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) { | |
837 | $node->{'name'} = $1; | |
838 | $node->{'address'} = $3; | |
839 | $node->{'port'} = $4; | |
840 | ||
841 | my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}"); | |
842 | $node->{'country_code'} = $country_code; | |
843 | ||
844 | # Flags | |
845 | } elsif ($_ =~ /^s (.*)$/) { | |
846 | $node->{'flags'} = split(" ", $1); | |
847 | ||
848 | foreach my $flag ($node->{'flags'}) { | |
849 | if ($flag eq "Exit") { | |
850 | $node->{'exit_node'}++; | |
851 | } | |
852 | } | |
853 | ||
854 | # Bandwidth | |
855 | } elsif ($_ =~ /^w Bandwidth=(\d+)/) { | |
856 | $node->{'bandwidth'} = $1 * 8; | |
857 | $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'}); | |
858 | } | |
859 | } | |
860 | ||
861 | if (exists($node->{'name'})) { | |
862 | return $node; | |
863 | } | |
864 | } | |
865 | ||
866 | sub TorAccountingStats() { | |
867 | my $tor = shift; | |
868 | my $ret = {}; | |
869 | ||
870 | my $enabled = &TorGetInfo($tor, "accounting/enabled"); | |
871 | if ($enabled ne '1') { | |
872 | return; | |
873 | } | |
874 | ||
875 | my @cmds = ("hibernating", "interval-start", "interval-end"); | |
876 | foreach (@cmds) { | |
877 | $ret->{$_} = &TorGetInfo($tor, "accounting/$_"); | |
878 | } | |
879 | ||
880 | my @cmds = ("bytes", "bytes-left"); | |
881 | foreach (@cmds) { | |
882 | my $output = &TorGetInfo($tor, "accounting/$_"); | |
883 | my @bytes = split(" ", $output); | |
884 | ||
885 | $ret->{$_."_read"} = $bytes[0]; | |
886 | $ret->{$_."_written"} = $bytes[1]; | |
887 | } | |
888 | ||
889 | return $ret; | |
890 | } | |
891 | ||
892 | sub FormatBytes() { | |
893 | my $bytes = shift; | |
894 | ||
895 | my @units = ("B", "KB", "MB", "GB", "TB"); | |
896 | my $units_index = 0; | |
897 | ||
898 | while (($units_index <= $#units) && ($bytes >= 1024)) { | |
899 | $units_index++; | |
900 | $bytes /= 1024; | |
901 | } | |
902 | ||
903 | return sprintf("%.2f %s", $bytes, $units[$units_index]); | |
904 | } | |
905 | ||
906 | sub FormatBitsPerSecond() { | |
907 | my $bits = shift; | |
908 | ||
909 | my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s"); | |
910 | my $units_index = 0; | |
911 | ||
912 | while (($units_index <= $#units) && ($bits >= 1024)) { | |
913 | $units_index++; | |
914 | $bits /= 1024; | |
915 | } | |
916 | ||
917 | return sprintf("%.2f %s", $bits, $units[$units_index]); | |
918 | } |