2ae9b6aebca6dbfbedd8c521ca1741d6f7eb623e
[people/teissler/ipfire-2.x.git] / html / cgi-bin / tor.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Locale::Country;
24
25 # enable only the following on debugging purpose
26 use warnings;
27 use CGI::Carp 'fatalsToBrowser';
28
29 require '/var/ipfire/general-functions.pl';
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
33 #workaround to suppress a warning when a variable is used only once
34 my @dummy = ( ${Header::colouryellow} );
35 undef (@dummy);
36
37 my @bandwidth_limits = (
38 1000 * 1024, # 1G
39 500 * 1024,
40 200 * 1024,
41 100 * 1024, # 100M
42 64 * 1024,
43 50 * 1024,
44 25 * 1024,
45 20 * 1024,
46 16 * 1024,
47 10 * 1024,
48 8 * 1024,
49 4 * 1024,
50 2 * 1024,
51 1024, # 1M
52 512,
53 256,
54 128,
55 64
56 );
57 my @accounting_periods = ('daily', 'weekly', 'monthly');
58
59 my $TOR_CONTROL_PORT = 9051;
60
61 our %netsettings = ();
62 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
63
64 our %settings = ();
65
66 $settings{'TOR_ENABLED'} = 'off';
67 $settings{'TOR_SOCKS_PORT'} = 9050;
68 $settings{'TOR_EXIT_COUNTRY'} = '';
69 $settings{'TOR_USE_EXIT_NODES'} = '';
70 $settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}";
71 if (&Header::blue_used()) {
72 $settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}";
73 }
74
75 $settings{'TOR_RELAY_ENABLED'} = 'off';
76 $settings{'TOR_RELAY_MODE'} = 'exit';
77 $settings{'TOR_RELAY_PORT'} = 9001;
78 $settings{'TOR_RELAY_NOADVERTISE'} = 'off';
79 $settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0;
80 $settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;
81 $settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0;
82 $settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';
83
84 $settings{'ACTION'} = '';
85
86 my $errormessage = '';
87 my $warnmessage = '';
88
89 &Header::showhttpheaders();
90
91 # Get GUI values.
92 &Header::getcgihash(\%settings);
93
94 # Create tor command connection.
95 our $torctrl = &TorConnect();
96
97 # Toggle enable/disable field.
98 if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
99 my @temp = split(/[\n,]/,$settings{'TOR_ALLOWED_SUBNETS'});
100 $settings{'TOR_ALLOWED_SUBNETS'} = "";
101 foreach (@temp) {
102 s/^\s+//g; s/\s+$//g;
103 if ($_) {
104 unless (&General::validipandmask($_)) {
105 $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $_";
106 }
107 $settings{'TOR_ALLOWED_SUBNETS'} .= $_.",";
108 }
109 }
110
111 @temp = split(/[\n,]/,$settings{'TOR_USE_EXIT_NODES'});
112 $settings{'TOR_USE_EXIT_NODES'} = "";
113 foreach (@temp) {
114 s/^\s+//g; s/\s+$//g;
115 if ($_) {
116 $settings{'TOR_USE_EXIT_NODES'} .= $_.",";
117 }
118 }
119
120 if ($errormessage eq '') {
121 # Write configuration settings to file.
122 &General::writehash("${General::swroot}/tor/settings", \%settings);
123
124 # Update configuration files.
125 &BuildConfiguration();
126 }
127
128 # Reset ACTION.
129 $settings{'ACTION'} = '';
130 }
131
132 # Load settings from file.
133 &General::readhash("${General::swroot}/tor/settings", \%settings);
134
135 &showMainBox();
136
137 # Close Tor control connection.
138 &TorClose($torctrl);
139
140 # Functions
141
142 sub showMainBox() {
143 my %checked = ();
144 my %selected = ();
145
146 $checked{'TOR_ENABLED'}{'on'} = '';
147 $checked{'TOR_ENABLED'}{'off'} = '';
148 $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';
149
150 $checked{'TOR_RELAY_ENABLED'}{'on'} = '';
151 $checked{'TOR_RELAY_ENABLED'}{'off'} = '';
152 $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';
153
154 &Header::openpage($Lang::tr{'tor configuration'}, 1, '');
155 &Header::openbigbox('100%', 'left', '', $errormessage);
156
157 if ($errormessage) {
158 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
159 print "<font class='base'>$errormessage&nbsp;</font>\n";
160 &Header::closebox();
161 }
162
163 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
164
165 &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'});
166
167 print <<END;
168 <table width='100%'>
169 <tr>
170 <td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td>
171 </tr>
172 <tr>
173 <td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
174 <td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
175 <td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td>
176 <td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$settings{'TOR_SOCKS_PORT'}' size='5' /></td>
177 </tr>
178 <tr>
179 <td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
180 <td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
181 <td width='25%' class='base'></td>
182 <td width='20%'></td>
183 </tr>
184 </table>
185 END
186
187 if ($settings{'TOR_ENABLED'} eq 'on') {
188 my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
189 $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp);
190
191 @temp = split(",", $settings{'TOR_USE_EXIT_NODES'});
192 $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp);
193
194 print <<END;
195 <br>
196 <hr size='1'>
197 <br>
198
199 <table width='100%'>
200 <tr>
201 <td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td>
202 </tr>
203 <tr>
204 <td colspan='2' class='base' width='55%'>
205 $Lang::tr{'tor allowed subnets'}:
206 </td>
207 <td colspan='2' width='45%'></td>
208 </tr>
209 <tr>
210 <td colspan='2' class='base' width='55%'>
211 <textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$settings{'TOR_ALLOWED_SUBNETS'}</textarea>
212 </td>
213 <td colspan='2' width='45%'></td>
214 </tr>
215 </table>
216
217 <br>
218 <hr size='1'>
219 <br>
220
221 <table width='100%'>
222 <tr>
223 <td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td>
224 </tr>
225 <tr>
226 <td colspan='2' class='base' width='55%'></td>
227 <td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
228 </tr>
229 <tr>
230 <td width='50%' colspan='2'>
231 <select name='TOR_EXIT_COUNTRY'>
232 <option value=''>- $Lang::tr{'tor exit country any'} -</option>
233 END
234
235 my @country_names = Locale::Country::all_country_names();
236 foreach my $country_name (sort @country_names) {
237 my $country_code = Locale::Country::country2code($country_name);
238 $country_code = uc($country_code);
239 print "<option value='$country_code'>$country_name ($country_code)</option>\n";
240 }
241
242 print <<END;
243 </select>
244 </td>
245 <td width='50%' colspan='2'>
246 <textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$settings{'TOR_USE_EXIT_NODES'}</textarea>
247 </td>
248 </tr>
249 </table>
250 <br><br>
251 END
252 }
253
254 &Header::closebox();
255
256 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
257 $checked{'TOR_RELAY_NOADVERTISE'}{'on'} = '';
258 $checked{'TOR_RELAY_NOADVERTISE'}{'off'} = '';
259 $checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked';
260
261 $selected{'TOR_RELAY_MODE'}{'bridge'} = '';
262 $selected{'TOR_RELAY_MODE'}{'exit'} = '';
263 $selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
264 $selected{'TOR_RELAY_MODE'}{'relay'} = '';
265 $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';
266
267 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = '';
268 foreach (@bandwidth_limits) {
269 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = '';
270 }
271 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected';
272
273 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = '';
274 foreach (@bandwidth_limits) {
275 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = '';
276 }
277 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected';
278
279 foreach (@accounting_periods) {
280 $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = '';
281 }
282 $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';
283
284 &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'});
285
286 print <<END;
287 <table width='100%'>
288 <tr>
289 <td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
290 <td width='30%'>
291 <select name='TOR_RELAY_MODE'>
292 <option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
293 <option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
294 <option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
295 <option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
296 </select>
297 </td>
298 <td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td>
299 <td width='20%'>
300 <input type='text' name='TOR_RELAY_PORT' value='$settings{'TOR_RELAY_PORT'}' size='5' />
301 </td>
302 </tr>
303 <tr>
304 <td width='25%' class='base'>$Lang::tr{'tor relay address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
305 <td width='30%'>
306 <input type='text' name='TOR_RELAY_ADDRESS' value='$settings{'TOR_RELAY_ADDRESS'}' />
307 </td>
308 <td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td>
309 <td width='20%'>
310 <input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} />
311 </td>
312 </tr>
313 <tr>
314 <td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
315 <td width='30%'>
316 <input type='text' name='TOR_RELAY_NICKNAME' value='$settings{'TOR_RELAY_NICKNAME'}' />
317 </td>
318 <td colspan='2'></td>
319 </tr>
320 <tr>
321 <td width='25%' class='base'>$Lang::tr{'tor contact info'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
322 <td width='75%' colspan='3'>
323 <input type='text' name='TOR_RELAY_CONTACT_INFO' value='$settings{'TOR_RELAY_CONTACT_INFO'}' size='60' />
324 </td>
325 </tr>
326 </table>
327
328 <hr size='1'>
329
330 <table width='100%'>
331 <tr>
332 <td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
333 </tr>
334 <tr>
335 <td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
336 <td width='30%' class='base'>
337 <select name='TOR_RELAY_BANDWIDTH_RATE'>
338 END
339
340 foreach (@bandwidth_limits) {
341 if ($_ >= 1024) {
342 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
343 } else {
344 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n";
345 }
346 }
347
348 print <<END;
349 <option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
350 </select>
351 </td>
352 <td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td>
353 <td width='20%'>
354 <input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
355 </td>
356 </tr>
357 <tr>
358 <td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
359 <td width='20%' class='base'>
360 <select name='TOR_RELAY_BANDWIDTH_BURST'>
361 END
362
363 foreach (@bandwidth_limits) {
364 if ($_ >= 1024) {
365 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
366 } else {
367 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n";
368 }
369 }
370 print <<END;
371 <option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
372 </select>
373 </td>
374 <td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
375 <td width='20%'>
376 <select name='TOR_RELAY_ACCOUNTING_PERIOD'>
377 END
378
379 foreach (@accounting_periods) {
380 print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>";
381 }
382
383 print <<END;
384 </select>
385 </td>
386 </tr>
387 </table>
388 END
389
390 &Header::closebox();
391 }
392
393 print <<END;
394 <table width='100%'>
395 <tr>
396 <td>
397 <img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
398 </td>
399 <td align='right'>&nbsp;</td>
400 </tr>
401 </table>
402
403 <hr>
404
405 <table width='100%'>
406 <tr>
407 <td>&nbsp;</td>
408 <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
409 <td>&nbsp;</td>
410 </tr>
411 </table>
412 END
413
414 # If we have a control connection, show the stats.
415 if ($torctrl) {
416 &Header::openbox('100%', 'left', $Lang::tr{'tor stats'});
417
418 my @traffic = &TorTrafficStats($torctrl);
419
420 if (@traffic) {
421 print <<END;
422 <table width='100%'>
423 END
424
425 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
426 my $fingerprint = &TorRelayFingerprint($torctrl);
427 if ($fingerprint) {
428 print <<END;
429 <tr>
430 <td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
431 <td width='60%'>
432 <a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank'>$fingerprint</a>
433 </td>
434 </tr>
435 END
436 }
437 }
438
439 my $address = TorGetInfo($torctrl, "address");
440 if ($address) {
441 print <<END;
442 <tr>
443 <td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
444 <td width='60%'>$address</td>
445 </tr>
446 END
447 }
448
449 print <<END;
450 <tr>
451 <td width='40%'>$Lang::tr{'tor traffic read written'}:</td>
452 END
453 print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
454 print <<END;
455 </tr>
456 </table>
457 END
458 }
459
460 my $accounting = &TorAccountingStats($torctrl);
461 if ($accounting) {
462 print <<END;
463 <table width='100%'>
464 <tr>
465 <td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
466 </tr>
467 END
468
469 if ($accounting->{'hibernating'} eq "hard") {
470 print <<END;
471 <tr>
472 <td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
473 <font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
474 </td>
475 </tr>
476 END
477 } elsif ($accounting->{'hibernating'} eq "soft") {
478 print <<END;
479 <tr>
480 <td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
481 <font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
482 </td>
483 </tr>
484 END
485 }
486
487 print <<END;
488 <tr>
489 <td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
490 <td width='60%'>
491 $accounting->{'interval-start'} - $accounting->{'interval-end'}
492 </td>
493 </tr>
494 <tr>
495 <td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
496 <td width='60%'>
497 END
498
499 print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
500 print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
501 print " $Lang::tr{'tor accounting bytes left'})";
502
503 print <<END;
504 </td>
505 </tr>
506 </table>
507 END
508 }
509
510 my @nodes = &TorORConnStatus($torctrl);
511 if (@nodes) {
512 print <<END;
513 <table width='100%'>
514 <tr>
515 <td colspan='3' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
516 </tr>
517 END
518
519 foreach my $node (@nodes) {
520 print <<END;
521 <tr>
522 <td width='40%'>
523 <a href='https://atlas.torproject.org/#details/$node->{'fingerprint'}' target='_blank'>
524 $node->{'name'}
525 </a>
526 </td>
527 <td width='30%'>
528 END
529
530 if (exists($node->{'country_code'})) {
531 print "<a href='country.cgi#$node->{'country_code'}'><img src='/images/flags/$node->{'country_code'}.png' border='0' align='absmiddle' alt='$node->{'country_code'}'></a>";
532 }
533
534 print <<END;
535 <a href='ipinfo.cgi?ip=$node->{'address'}'>$node->{'address'}</a>:$node->{'port'}
536 </td>
537 <td width='30%' align='right'>
538 ~$node->{'bandwidth_string'}
539 </td>
540 </tr>
541 END
542 }
543 print "</table>";
544 }
545
546 &Header::closebox();
547 }
548
549 print "</form>\n";
550
551 &Header::closebigbox();
552 &Header::closepage();
553 }
554
555 sub BuildConfiguration() {
556 my %settings = ();
557 &General::readhash("${General::swroot}/tor/settings", \%settings);
558
559 my $torrc = "${General::swroot}/tor/torrc";
560
561 open(FILE, ">$torrc");
562
563 # Global settings.
564 print FILE "ControlPort $TOR_CONTROL_PORT\n";
565
566 if ($settings{'TOR_ENABLED'} eq 'on') {
567 my $strict_nodes = 0;
568
569 print FILE "SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}\n";
570
571 my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
572 foreach (@subnets) {
573 print FILE "SocksPolicy accept $_\n" if (&General::validipandmask($_));
574 }
575 print FILE "SocksPolicy reject *\n" if (@subnets);
576
577 if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
578 $strict_nodes = 1;
579
580 print FILE "ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}\n";
581 }
582
583 if ($settings{'TOR_USE_EXIT_NODES'} ne '') {
584 $strict_nodes = 1;
585
586 my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'});
587 foreach (@nodes) {
588 print FILE "ExitNode $_\n";
589 }
590 }
591
592 if ($strict_nodes > 0) {
593 print FILE "StrictNodes 1\n";
594 }
595 }
596
597 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
598 # Reject access to private networks.
599 print FILE "ExitPolicyRejectPrivate 1\n";
600
601 print FILE "ORPort $settings{'TOR_RELAY_PORT'}";
602 if ($settings{'TOR_RELAY_NOADVERTISE'} eq 'on') {
603 print FILE " NoAdvertise";
604 }
605 print FILE "\n";
606
607 if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
608 print FILE "Address $settings{'TOR_RELAY_ADDRESS'}\n";
609 }
610
611 if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
612 print FILE "Nickname $settings{'TOR_RELAY_NICKNAME'}\n";
613 }
614
615 if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') {
616 print FILE "ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}\n";
617 }
618
619 # Limit to bridge mode.
620 my $is_bridge = 0;
621
622 if ($settings{'TOR_RELAY_MODE'} eq 'bridge') {
623 $is_bridge++;
624
625 # Private bridge.
626 } elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') {
627 $is_bridge++;
628
629 print FILE "PublishServerDescriptor 0\n";
630
631 # Exit node.
632 } elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') {
633 print FILE "ExitPolicy accept *:*\n";
634
635 # Relay only.
636 } elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') {
637 print FILE "ExitPolicy reject *:*\n";
638 }
639
640 if ($is_bridge > 0) {
641 print FILE "BridgeRelay 1\n";
642 print FILE "Exitpolicy reject *:*\n";
643 }
644
645 if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} > 0) {
646 print FILE "RelayBandwidthRate ";
647 print FILE $settings{'TOR_RELAY_BANDWIDTH_RATE'} / 8;
648 print FILE " KB\n";
649
650 if ($settings{'TOR_RELAY_BANDWIDTH_BURST'} > 0) {
651 print FILE "RelayBandwidthBurst ";
652 print FILE $settings{'TOR_RELAY_BANDWIDTH_BURST'} / 8;
653 print FILE " KB\n";
654 }
655 }
656
657 if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) {
658 print FILE "AccountingMax ".$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n";
659
660 if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') {
661 print FILE "AccountingStart day 00:00\n";
662 } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') {
663 print FILE "AccountingStart week 1 00:00\n";
664 } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') {
665 print FILE "AccountingStart month 1 00:00\n";
666 }
667 }
668 }
669
670 close(FILE);
671
672 # Restart the service.
673 if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) {
674 system("/usr/local/bin/torctrl restart &>/dev/null");
675 } else {
676 system("/usr/local/bin/torctrl stop &>/dev/null");
677 }
678 }
679
680 sub TorConnect() {
681 my $socket = new IO::Socket::INET(
682 Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT,
683 ) or return;
684
685 $socket->autoflush(1);
686
687 # Authenticate.
688 &TorSendCommand($socket, "AUTHENTICATE");
689
690 return $socket;
691 }
692
693 sub TorSendCommand() {
694 my ($socket, $cmd) = @_;
695
696 # Replace line ending with \r\n.
697 chomp $cmd;
698 $cmd .= "\r\n";
699
700 $socket->send($cmd);
701
702 my @output = ();
703 while (my $line = <$socket>) {
704 # Skip empty lines.
705 if ($line =~ /^.\r\n$/) {
706 next;
707 }
708
709 # Command has been successfully executed.
710 if ($line =~ /250 OK/) {
711 last;
712
713 # Error.
714 } elsif ($line =~ /^5\d+/) {
715 last;
716
717 } else {
718 # Remove line endings.
719 $line =~ s/\r\n$//;
720
721 push(@output, $line);
722 }
723 }
724
725 return @output;
726 }
727
728 sub TorSendCommandOneLine() {
729 my ($tor, $cmd) = @_;
730
731 my @output = &TorSendCommand($tor, $cmd);
732 return $output[0];
733 }
734
735 sub TorGetInfo() {
736 my ($tor, $cmd) = @_;
737
738 my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);
739
740 my ($key, $value) = split("=", $output);
741 return $value;
742 }
743
744 sub TorClose() {
745 my $socket = shift;
746
747 if ($socket) {
748 $socket->shutdown(2);
749 }
750 }
751
752 sub TorTrafficStats() {
753 my $tor = shift;
754
755 my $output_read = &TorGetInfo($tor, "traffic/read");
756 my $output_written = &TorGetInfo($tor, "traffic/written");
757
758 return ($output_read, $output_written);
759 }
760
761 sub TorRelayFingerprint() {
762 my $tor = shift;
763
764 return &TorGetInfo($tor, "fingerprint");
765 }
766
767 sub TorORConnStatus() {
768 my $tor = shift;
769 my @nodes = ();
770
771 my @output = &TorSendCommand($tor, "GETINFO orconn-status");
772 foreach (@output) {
773 $_ =~ s/^250[\+-]orconn-status=//;
774 next if ($_ eq "");
775 last if ($_ eq ".");
776 next unless ($_ =~ /^\$/);
777
778 my @line = split(" ", $_);
779 my @node = split(/[=~]/, $line[0]);
780
781 my $node = &TorNodeDescription($tor, $node[0]);
782 if ($node) {
783 push(@nodes, $node);
784 }
785 }
786
787 # Sort by names.
788 @nodes = sort { $a->{'name'} cmp $b->{'name'} } @nodes;
789
790 return @nodes;
791 }
792
793 sub TorNodeDescription() {
794 my ($tor, $fingerprint) = @_;
795 $fingerprint =~ s/\$//;
796
797 my $node = {
798 fingerprint => $fingerprint,
799 exit_node => 0,
800 };
801
802 my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");
803
804 foreach (@output) {
805 # Router
806 if ($_ =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
807 $node->{'name'} = $1;
808 $node->{'address'} = $3;
809 $node->{'port'} = $4;
810
811 my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
812 $node->{'country_code'} = $country_code;
813
814 # Flags
815 } elsif ($_ =~ /^s (.*)$/) {
816 $node->{'flags'} = split(" ", $1);
817
818 foreach my $flag ($node->{'flags'}) {
819 if ($flag eq "Exit") {
820 $node->{'exit_node'}++;
821 }
822 }
823
824 # Bandwidth
825 } elsif ($_ =~ /^w Bandwidth=(\d+)/) {
826 $node->{'bandwidth'} = $1 * 8;
827 $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
828 }
829 }
830
831 if (exists($node->{'name'})) {
832 return $node;
833 }
834 }
835
836 sub TorAccountingStats() {
837 my $tor = shift;
838 my $ret = {};
839
840 my $enabled = &TorGetInfo($tor, "accounting/enabled");
841 if ($enabled ne '1') {
842 return;
843 }
844
845 my @cmds = ("hibernating", "interval-start", "interval-end");
846 foreach (@cmds) {
847 $ret->{$_} = &TorGetInfo($tor, "accounting/$_");
848 }
849
850 my @cmds = ("bytes", "bytes-left");
851 foreach (@cmds) {
852 my $output = &TorGetInfo($tor, "accounting/$_");
853 my @bytes = split(" ", $output);
854
855 $ret->{$_."_read"} = $bytes[0];
856 $ret->{$_."_written"} = $bytes[1];
857 }
858
859 return $ret;
860 }
861
862 sub FormatBytes() {
863 my $bytes = shift;
864
865 my @units = ("B", "KB", "MB", "GB", "TB");
866 my $units_index = 0;
867
868 while (($units_index <= $#units) && ($bytes >= 1024)) {
869 $units_index++;
870 $bytes /= 1024;
871 }
872
873 return sprintf("%.2f %s", $bytes, $units[$units_index]);
874 }
875
876 sub FormatBitsPerSecond() {
877 my $bits = shift;
878
879 my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s");
880 my $units_index = 0;
881
882 while (($units_index <= $#units) && ($bits >= 1024)) {
883 $units_index++;
884 $bits /= 1024;
885 }
886
887 return sprintf("%.2f %s", $bits, $units[$units_index]);
888 }