1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Locale::Country;
24
25 # Enable the following two lines only for debugging: fatalsToBrowser prints fatal error text to the client.
26 use warnings;
27 use CGI::Carp 'fatalsToBrowser';
28
29 require '/var/ipfire/general-functions.pl';
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
# Mention $Header::colouryellow a second time so that 'use warnings' does not
# complain about a variable that is used only once.
my @dummy = ( ${Header::colouryellow} );
undef (@dummy);

# Bandwidth limits offered in the relay form, largest first. showMainBox()
# labels them as kBit/s (MBit/s for values of 1024 and above).
my @bandwidth_limits = (
    (map { $_ * 1024 } 1000, 500, 200, 100, 64, 50, 25, 20, 16, 10, 8, 4, 2, 1),
    512,
    256,
    160,
);

# Accounting periods offered in the relay form.
my @accounting_periods = ('daily', 'weekly', 'monthly');

# TCP port of the Tor control connection (written to torrc as ControlPort and
# used by TorConnect()).
my $TOR_CONTROL_PORT = 9051;

# Scratch variables shared between daemonstats() and showMainBox().
my $string;
my $memory;
my @memory;
my @pid;
my @tor;
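# Determine the PID and the memory figure of the tor daemon.
#
# Runs "/usr/local/bin/addonctrl tor status", strips everything but the
# process id from its output and reads the first field of /proc/<pid>/statm.
# The results land in the file-level variables @pid and $memory, which
# showMainBox() uses for the status box; $memory stays 0 when no process was
# found.
#
# NOTE(review): the first statm field counts pages, while the page labels the
# value "KB" -- confirm which unit is intended.
sub daemonstats
{
    $memory = 0;
    @memory = ();    # do not carry over the figure of a previous call
    @tor    = ();

    # List-form pipe open: the helper is started without a shell. If it cannot
    # be started the daemon is simply reported as not running.
    if (open(my $status, '-|', '/usr/local/bin/addonctrl', 'tor', 'status')) {
        @tor = <$status>;
        close($status);
    }

    # Reduce the status text to the bare process id(s).
    $string = join("", @tor);
    $string =~ s/[a-z_]//gi;             # words
    $string =~ s/\[[0-1]\;[0-9]+//gi;    # parameters of ANSI colour sequences
    $string =~ s/[\(\)\.]//gi;
    $string =~ s/ //gi;
    $string =~ s/\e//gi;
    @pid = split(/\s/, $string);

    # Only a purely numeric token may become part of the /proc path.
    if (defined($pid[0]) && $pid[0] =~ /\A[0-9]+\z/) {
        if (open(my $statm, '<', "/proc/$pid[0]/statm")) {
            my $temp = <$statm>;
            close($statm);
            @memory = split(/ /, $temp) if (defined($temp));
        }
    }

    $memory += $memory[0] if (defined($memory[0]));
}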
# Collect PID and memory figure of the tor daemon for the status box.
daemonstats();

# Network and theme configuration of the firewall.
our %netsettings = ();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

our %color = ();
our %mainsettings = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);

# By default the SOCKS proxy accepts clients from GREEN, and from BLUE when
# that zone is in use.
my @default_subnets = ("$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}");
if (&Header::blue_used()) {
    push(@default_subnets, "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}");
}

# Defaults; request data and the settings file overwrite them further down.
# NOTE(review): the default relay mode is 'exit', so switching the relay on
# without choosing a mode makes BuildConfiguration() write an accept-all exit
# policy -- confirm this default is intended.
our %settings = (
    'TOR_ENABLED'         => 'off',
    'TOR_SOCKS_PORT'      => 9050,
    'TOR_EXIT_COUNTRY'    => '',
    'TOR_USE_EXIT_NODES'  => '',
    'TOR_ALLOWED_SUBNETS' => join(",", @default_subnets),

    'TOR_RELAY_ENABLED'           => 'off',
    'TOR_RELAY_MODE'              => 'exit',
    'TOR_RELAY_ADDRESS'           => '',
    'TOR_RELAY_PORT'              => 9001,
    'TOR_RELAY_NICKNAME'          => '',
    'TOR_RELAY_CONTACT_INFO'      => '',
    'TOR_RELAY_BANDWIDTH_RATE'    => 0,
    'TOR_RELAY_BANDWIDTH_BURST'   => 0,
    'TOR_RELAY_ACCOUNTING_LIMIT'  => 0,
    'TOR_RELAY_ACCOUNTING_PERIOD' => 'daily',

    'ACTION' => '',
);

my $errormessage = '';
my $warnmessage = '';

&Header::showhttpheaders();

# Merge the values submitted by the browser into %settings.
&Header::getcgihash(\%settings);

# Open the connection to the Tor control port (undefined when it fails).
our $torctrl = &TorConnect();
130
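# Handle the "save" action: validate the submitted values, store them in the
# settings file and rebuild torrc. Any other request loads the stored
# settings instead. The page is rendered afterwards in both cases.
#
# The submitted values end up as single lines in the settings file and in
# torrc and are echoed back into the page, so this is where they are checked:
#   * fields backed by a checkbox or <select> must carry one of the offered
#     values, otherwise they fall back to a safe value;
#   * free-text fields lose control characters (CR/LF would start a new line
#     in the files written later);
#   * patterns are anchored with \A and \z, because "$" also matches before a
#     trailing newline;
#   * request data embedded in $errormessage is HTML-escaped, because
#     $errormessage is printed into the page as it is.
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
    # Escape a value for use inside HTML text or a quoted attribute.
    my $html = sub {
        my ($text) = @_;
        $text = '' unless (defined($text));
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    # Checkboxes: anything but 'on' counts as 'off'.
    foreach my $key ('TOR_ENABLED', 'TOR_RELAY_ENABLED') {
        $settings{$key} = 'off' unless ($settings{$key} eq 'on');
    }

    # Free-text fields: no control characters.
    foreach my $key ('TOR_RELAY_NICKNAME', 'TOR_RELAY_ADDRESS', 'TOR_RELAY_CONTACT_INFO') {
        $settings{$key} =~ s/[\x00-\x1f\x7f]//g;
    }

    # <select> fields: only the offered options are accepted.
    unless ($settings{'TOR_EXIT_COUNTRY'} =~ /\A[A-Z]{2}\z/) {
        $settings{'TOR_EXIT_COUNTRY'} = '';
    }

    # An unknown relay mode falls back to the non-exit mode.
    unless (grep { $_ eq $settings{'TOR_RELAY_MODE'} } ('exit', 'relay', 'bridge', 'private-bridge')) {
        $settings{'TOR_RELAY_MODE'} = 'relay';
    }

    foreach my $key ('TOR_RELAY_BANDWIDTH_RATE', 'TOR_RELAY_BANDWIDTH_BURST') {
        my $value = $settings{$key};
        $settings{$key} = 0 unless (grep { $_ eq $value } (0, @bandwidth_limits));
    }

    unless (grep { $_ eq $settings{'TOR_RELAY_ACCOUNTING_PERIOD'} } @accounting_periods) {
        $settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';
    }

    # Checks that report an error to the user. A later error replaces an
    # earlier one, so only the last failing check is shown.
    if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
        if ($settings{'TOR_RELAY_NICKNAME'} !~ /\A[a-zA-Z0-9]+\z/) {
            $errormessage = "$Lang::tr{'tor errmsg invalid relay name'}: " . $html->($settings{'TOR_RELAY_NICKNAME'});
        }
    }

    if (!&General::validport($settings{'TOR_SOCKS_PORT'})) {
        $errormessage = "$Lang::tr{'tor errmsg invalid socks port'}: " . $html->($settings{'TOR_SOCKS_PORT'});
    }

    if (!&General::validport($settings{'TOR_RELAY_PORT'})) {
        $errormessage = "$Lang::tr{'tor errmsg invalid relay port'}: " . $html->($settings{'TOR_RELAY_PORT'});
    }

    if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
        if ((!&General::validfqdn($settings{'TOR_RELAY_ADDRESS'})) && (!&General::validip($settings{'TOR_RELAY_ADDRESS'}))) {
            $errormessage = "$Lang::tr{'tor errmsg invalid relay address'}: " . $html->($settings{'TOR_RELAY_ADDRESS'});
        }
    }

    if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} !~ /\A\d+\z/) {
        $errormessage = "$Lang::tr{'tor errmsg invalid accounting limit'}: " . $html->($settings{'TOR_RELAY_ACCOUNTING_LIMIT'});
    }

    # The text areas hold one entry per line or comma; they are stored as a
    # comma-separated list.
    my @temp = split(/[\n,]/, $settings{'TOR_ALLOWED_SUBNETS'});
    $settings{'TOR_ALLOWED_SUBNETS'} = "";
    foreach (@temp) {
        s/^\s+//g; s/\s+$//g;
        if ($_) {
            unless (&General::validipandmask($_)) {
                $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: " . $html->($_);
            }
            $settings{'TOR_ALLOWED_SUBNETS'} .= $_.",";
        }
    }

    @temp = split(/[\n,]/, $settings{'TOR_USE_EXIT_NODES'});
    $settings{'TOR_USE_EXIT_NODES'} = "";
    foreach (@temp) {
        s/[\x00-\x1f\x7f]//g;
        s/^\s+//g; s/\s+$//g;
        if ($_) {
            $settings{'TOR_USE_EXIT_NODES'} .= $_.",";
        }
    }

    # The burst bandwidth must not be lower than the bandwidth rate.
    if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} == 0) {
        $settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;

    } elsif ($settings{'TOR_RELAY_BANDWIDTH_BURST'} < $settings{'TOR_RELAY_BANDWIDTH_RATE'}) {
        $settings{'TOR_RELAY_BANDWIDTH_BURST'} = $settings{'TOR_RELAY_BANDWIDTH_RATE'};
    }

    if ($errormessage eq '') {
        # Write configuration settings to file.
        &General::writehash("${General::swroot}/tor/settings", \%settings);

        # Update configuration files.
        &BuildConfiguration();
    }
} else {
    # Load settings from file.
    &General::readhash("${General::swroot}/tor/settings", \%settings);
}

&showMainBox();

# Close Tor control connection.
&TorClose($torctrl);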
202
203 # Functions
204
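# Render the whole page: service status, the configuration form and, when a
# control connection exists ($torctrl), the statistics fetched from Tor.
#
# Reads the file-level state (%settings, %color, $errormessage, $memory, @pid,
# $torctrl) and prints HTML to STDOUT. As a side effect the comma-separated
# lists in $settings{'TOR_ALLOWED_SUBNETS'} and $settings{'TOR_USE_EXIT_NODES'}
# are converted to one entry per line.
#
# Every value that comes from the request, the settings file or the Tor
# control port is HTML-escaped before it is placed into the markup.
# NOTE(review): $errormessage is printed as it is, so code that builds it has
# to escape any request data it embeds.
sub showMainBox() {
    my %checked = ();
    my %selected = ();

    # Escape a value for use inside HTML text or a quoted attribute.
    my $esc = sub {
        my ($text) = @_;
        $text = '' unless (defined($text));
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    $checked{'TOR_ENABLED'}{'on'} = '';
    $checked{'TOR_ENABLED'}{'off'} = '';
    $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';

    $checked{'TOR_RELAY_ENABLED'}{'on'} = '';
    $checked{'TOR_RELAY_ENABLED'}{'off'} = '';
    $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';

    &Header::openpage($Lang::tr{'tor configuration'}, 1, '');
    &Header::openbigbox('100%', 'left', '', $errormessage);

    if ($errormessage) {
        &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
        print "<font class='base'>$errormessage&nbsp;</font>\n";
        &Header::closebox();
    }

    my $script_name = $esc->($ENV{'SCRIPT_NAME'});
    print "<form method='post' action='$script_name'>\n";

    &Header::openbox('100%', 'center', $Lang::tr{'tor'});

    # Service status as collected by daemonstats().
    my $pid = defined($pid[0]) ? $pid[0] : '';
    if ( ($memory != 0) && ($pid ne "///") ) {
        my $shown_pid = $esc->($pid);
        print "<table width='95%' cellspacing='0'>";
        print "<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'tor service'}</strong></td></tr>";
        print "<tr><td class='base'>$Lang::tr{'tor daemon'}</td>";
        print "<td align='center' colspan='2' width='75%' bgcolor='${Header::colourgreen}'><font color='white'><strong>$Lang::tr{'running'}</strong></font></td></tr>";
        print "<tr><td class='base'></td>";
        print "<td bgcolor='$color{'color20'}' align='center'><strong>PID</strong></td>";
        print "<td bgcolor='$color{'color20'}' align='center'><strong>$Lang::tr{'memory'}</strong></td></tr>";
        print "<tr><td class='base'></td>";
        print "<td bgcolor='$color{'color22'}' align='center'>$shown_pid</td>";
        print "<td bgcolor='$color{'color22'}' align='center'>$memory KB</td></tr>";
        print "</table>";
    } else {
        print "<table width='95%' cellspacing='0'>";
        print "<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'tor service'}</strong></td></tr>";
        print "<tr><td class='base'>$Lang::tr{'tor daemon'}</td>";
        print "<td align='center' width='75%' bgcolor='${Header::colourred}'><font color='white'><strong>$Lang::tr{'stopped'}</strong></font></td></tr>";
        print "</table>";
    }

    &Header::closebox();

    &Header::openbox('100%', 'center', $Lang::tr{'tor configuration'});

    # The lists are stored comma-separated and edited one entry per line.
    my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
    $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp);

    @temp = split(",", $settings{'TOR_USE_EXIT_NODES'});
    $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp);

    # Escaped copies of all values that are written back into form fields.
    my %value = ();
    foreach my $key ('TOR_SOCKS_PORT', 'TOR_ALLOWED_SUBNETS', 'TOR_USE_EXIT_NODES',
                     'TOR_RELAY_NICKNAME', 'TOR_RELAY_ADDRESS', 'TOR_RELAY_PORT',
                     'TOR_RELAY_CONTACT_INFO', 'TOR_RELAY_ACCOUNTING_LIMIT') {
        $value{$key} = $esc->($settings{$key});
    }

    print <<END;
<table width='95%'>
    <tr>
        <td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor common settings'}</b></td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
        <td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
        <td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td>
        <td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$value{'TOR_SOCKS_PORT'}' size='5' /></td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
        <td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
        <td width='25%' class='base'></td>
        <td width='20%'></td>
    </tr>
</table>
END

    print <<END;
<br>
<br>

<table width='95%'>
    <tr>
        <td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor acls'}</b></td>
    </tr>
    <tr>
        <td colspan='2' class='base' width='55%'>
            $Lang::tr{'tor allowed subnets'}:
        </td>
        <td colspan='2' width='45%'></td>
    </tr>
    <tr>
        <td colspan='2' class='base' width='55%'>
            <textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$value{'TOR_ALLOWED_SUBNETS'}</textarea>
        </td>
        <td colspan='2' width='45%'></td>
    </tr>
</table>

<br>
<br>

<table width='95%'>
    <tr>
        <td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor exit nodes'}</b></td>
    </tr>
    <tr>
        <td colspan='2' class='base' width='55%'></td>
        <td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
    </tr>
    <tr>
        <td width='50%' colspan='2'>
            <select name='TOR_EXIT_COUNTRY'>
                <option value=''>- $Lang::tr{'tor exit country any'} -</option>
END

    # One option per country known to Locale::Country, sorted by name.
    my @country_names = Locale::Country::all_country_names();
    foreach my $country_name (sort @country_names) {
        my $country_code = Locale::Country::country2code($country_name);
        $country_code = uc($country_code);

        my $shown_code = $esc->($country_code);
        my $shown_name = $esc->($country_name);
        print "<option value='$shown_code'";

        if ($settings{'TOR_EXIT_COUNTRY'} eq $country_code) {
            print " selected";
        }

        print ">$shown_name ($shown_code)</option>\n";
    }

    print <<END;
            </select>
        </td>
        <td width='50%' colspan='2'>
            <textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$value{'TOR_USE_EXIT_NODES'}</textarea>
        </td>
    </tr>
</table>
END

    &Header::closebox();

    # Tor relay box: pre-select the stored option of every <select>.
    $selected{'TOR_RELAY_MODE'}{'bridge'} = '';
    $selected{'TOR_RELAY_MODE'}{'exit'} = '';
    $selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
    $selected{'TOR_RELAY_MODE'}{'relay'} = '';
    $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';

    foreach my $field ('TOR_RELAY_BANDWIDTH_RATE', 'TOR_RELAY_BANDWIDTH_BURST') {
        $selected{$field}{'0'} = '';
        foreach (@bandwidth_limits) {
            $selected{$field}{$_} = '';
        }
        $selected{$field}{$settings{$field}} = 'selected';
    }

    foreach (@accounting_periods) {
        $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = '';
    }
    $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';

    &Header::openbox('100%', 'center', $Lang::tr{'tor relay configuration'});

    print <<END;
<table width='95%'>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
        <td width='30%'>
            <select name='TOR_RELAY_MODE'>
                <option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
                <option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
                <option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
                <option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
            </select>
        </td>
        <td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td width='20%'>
            <input type='text' name='TOR_RELAY_NICKNAME' value='$value{'TOR_RELAY_NICKNAME'}' maxlength='19' />
        </td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor relay address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td width='30%'>
            <input type='text' name='TOR_RELAY_ADDRESS' value='$value{'TOR_RELAY_ADDRESS'}' />
        </td>
        <td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td>
        <td width='20%'>
            <input type='text' name='TOR_RELAY_PORT' value='$value{'TOR_RELAY_PORT'}' size='5' />
        </td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor contact info'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
        <td width='75%' colspan='3'>
            <input type='text' name='TOR_RELAY_CONTACT_INFO' value='$value{'TOR_RELAY_CONTACT_INFO'}' style='width: 98%;' />
        </td>
    </tr>
</table>

<br>

<table width='95%'>
    <tr>
        <td colspan='4' class='base' bgcolor='$color{'color20'}'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
        <td width='30%' class='base'>
            <select name='TOR_RELAY_BANDWIDTH_RATE'>
END

    foreach (@bandwidth_limits) {
        if ($_ >= 1024) {
            print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
        } else {
            print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n";
        }
    }

    print <<END;
                <option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
            </select>
        </td>
        <td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td>
        <td width='20%'>
            <input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$value{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
        </td>
    </tr>
    <tr>
        <td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
        <td width='20%' class='base'>
            <select name='TOR_RELAY_BANDWIDTH_BURST'>
END

    foreach (@bandwidth_limits) {
        if ($_ >= 1024) {
            print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
        } else {
            print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n";
        }
    }

    print <<END;
                <option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
            </select>
        </td>
        <td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
        <td width='20%'>
            <select name='TOR_RELAY_ACCOUNTING_PERIOD'>
END

    foreach (@accounting_periods) {
        print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>";
    }

    print <<END;
            </select>
        </td>
    </tr>
</table>
END

    &Header::closebox();

    print <<END;
<table width='95%'>
    <tr>
        <td>
            <img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
        </td>
        <td align='right'>&nbsp;</td>
    </tr>
</table>

<hr>

<table width='95%'>
    <tr>
        <td>&nbsp;</td>
        <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
        <td>&nbsp;</td>
    </tr>
</table>
END

    # If we have a control connection, show the stats.
    if ($torctrl) {
        &Header::openbox('100%', 'center', $Lang::tr{'tor stats'});

        my @traffic = &TorTrafficStats($torctrl);

        if (@traffic) {
            print "<table width='95%'>\n";

            if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
                my $fingerprint = &TorRelayFingerprint($torctrl);
                if ($fingerprint) {
                    $fingerprint = $esc->($fingerprint);
                    print <<END;
    <tr>
        <td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
        <td width='60%'>
            <a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank'>$fingerprint</a>
        </td>
    </tr>
END
                }
            }

            my $address = &TorGetInfo($torctrl, "address");
            if ($address) {
                $address = $esc->($address);
                print <<END;
    <tr>
        <td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
        <td width='60%'>$address</td>
    </tr>
END
            }

            print "<tr>\n";
            print "<td width='40%'>$Lang::tr{'tor traffic read written'}:</td>\n";
            print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
            print "</tr>\n";
            print "</table>\n";
        }

        my $accounting = &TorAccountingStats($torctrl);
        if ($accounting) {
            print <<END;
<table width='95%'>
    <tr>
        <td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
    </tr>
END

            # Tell the user when Tor hibernates because the limit was reached.
            my $hibernating = defined($accounting->{'hibernating'}) ? $accounting->{'hibernating'} : '';
            if ($hibernating eq "hard") {
                print <<END;
    <tr>
        <td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
            <font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
        </td>
    </tr>
END
            } elsif ($hibernating eq "soft") {
                print <<END;
    <tr>
        <td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
            <font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
        </td>
    </tr>
END
            }

            my $interval_start = $esc->($accounting->{'interval-start'});
            my $interval_end   = $esc->($accounting->{'interval-end'});

            print <<END;
    <tr>
        <td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
        <td width='60%'>
            $interval_start - $interval_end
        </td>
    </tr>
    <tr>
        <td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
        <td width='60%'>
END

            print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
            print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
            print " $Lang::tr{'tor accounting bytes left'})";

            print <<END;
        </td>
    </tr>
</table>
END
        }

        my @nodes = &TorORConnStatus($torctrl);
        if (@nodes) {
            my $nodes_length = scalar @nodes;
            print <<END;
<table width='95%'>
    <tr>
        <td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
        <td width='60%' colspan='2'>($nodes_length)</td>
    </tr>
END

            foreach my $node (@nodes) {
                # Escaped copies of everything Tor reported about this relay.
                my %shown = ();
                foreach my $field ('fingerprint', 'name', 'address', 'port', 'bandwidth_string', 'country_code') {
                    $shown{$field} = $esc->($node->{$field});
                }

                print <<END;
    <tr>
        <td width='40%'>
            <a href='https://atlas.torproject.org/#details/$shown{'fingerprint'}' target='_blank'>
                $shown{'name'}
            </a>
        </td>
        <td width='30%'>
END

                if (defined($node->{'country_code'})) {
                    if ($node->{'country_code'} eq '??') {
                        print "<img src='/images/flags/blank.png' border='0' align='absmiddle'/>";
                    } else {
                        print "<a href='country.cgi#$shown{'country_code'}'><img src='/images/flags/$shown{'country_code'}.png' border='0' align='absmiddle' alt='$shown{'country_code'}'></a>";
                    }
                }

                print <<END;
            <a href='ipinfo.cgi?ip=$shown{'address'}'>$shown{'address'}</a>:$shown{'port'}
        </td>
        <td width='30%' align='right'>
            ~$shown{'bandwidth_string'}
        </td>
    </tr>
END
            }
            print "</table>";
        }

        &Header::closebox();
    }

    print "</form>\n";

    &Header::closebigbox();
    &Header::closepage();
}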
637
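# Write torrc from the stored settings and restart or stop the tor service.
#
# Reads ${General::swroot}/tor/settings, writes ${General::swroot}/tor/torrc,
# calls /usr/local/bin/torctrl and finally refreshes the PID and memory figure
# through daemonstats(). When torrc cannot be opened a warning is emitted and
# the service is left untouched.
#
# Every value is written as one torrc line, so control characters are removed
# from text values and numeric values are only used when they consist of
# digits.
#
# NOTE(review): ControlPort is written without HashedControlPassword or
# CookieAuthentication, and TorConnect() sends a bare AUTHENTICATE -- confirm
# that every process able to reach the control port is trusted.
# NOTE(review): SocksPort binds to 0.0.0.0 and "SocksPolicy reject *" is only
# written when at least one subnet is configured; with an empty list nothing
# in torrc restricts the clients -- confirm the packet filter covers this.
sub BuildConfiguration {
    my %settings = ();
    &General::readhash("${General::swroot}/tor/settings", \%settings);

    my $torrc = "${General::swroot}/tor/torrc";

    # Text value that cannot break out of its torrc line.
    my $text = sub {
        my ($value) = @_;
        $value = '' unless (defined($value));
        $value =~ s/[\x00-\x1f\x7f]//g;
        return $value;
    };

    # Numeric value, or the given default when the setting is not a number.
    my $number = sub {
        my ($value, $default) = @_;
        return $value if (defined($value) && $value =~ /\A[0-9]+\z/);
        return $default;
    };

    my $tor_enabled   = ($text->($settings{'TOR_ENABLED'}) eq 'on');
    my $relay_enabled = ($text->($settings{'TOR_RELAY_ENABLED'}) eq 'on');

    my $file;
    unless (open($file, '>', $torrc)) {
        warn "Could not open $torrc for writing: $!";
        return;
    }

    # Global settings.
    print {$file} "ControlPort $TOR_CONTROL_PORT\n";

    if ($tor_enabled) {
        my $strict_nodes = 0;

        print {$file} "SocksPort 0.0.0.0:" . $number->($settings{'TOR_SOCKS_PORT'}, 9050) . "\n";

        my @subnets = split(",", $text->($settings{'TOR_ALLOWED_SUBNETS'}));
        foreach (@subnets) {
            print {$file} "SocksPolicy accept $_\n" if (&General::validipandmask($_));
        }
        print {$file} "SocksPolicy reject *\n" if (@subnets);

        # Only a two-letter country code is accepted.
        my $exit_country = $text->($settings{'TOR_EXIT_COUNTRY'});
        if ($exit_country =~ /\A[A-Za-z]{2}\z/) {
            $strict_nodes = 1;

            print {$file} "ExitNodes {" . $exit_country . "}\n";
        }

        my @nodes = grep { $_ ne '' } split(",", $text->($settings{'TOR_USE_EXIT_NODES'}));
        if (@nodes) {
            $strict_nodes = 1;

            foreach (@nodes) {
                print {$file} "ExitNode $_\n";
            }
        }

        if ($strict_nodes > 0) {
            print {$file} "StrictNodes 1\n";
        }
    }

    if ($relay_enabled) {
        # Reject access to private networks.
        print {$file} "ExitPolicyRejectPrivate 1\n";

        print {$file} "ORPort " . $number->($settings{'TOR_RELAY_PORT'}, 9001) . "\n";

        my $address = $text->($settings{'TOR_RELAY_ADDRESS'});
        if ($address ne '') {
            print {$file} "Address $address\n";
        }

        my $nickname = $text->($settings{'TOR_RELAY_NICKNAME'});
        if ($nickname ne '') {
            print {$file} "Nickname $nickname\n";
        }

        my $contact_info = $text->($settings{'TOR_RELAY_CONTACT_INFO'});
        if ($contact_info ne '') {
            print {$file} "ContactInfo $contact_info\n";
        }

        # Limit to bridge mode.
        my $is_bridge = 0;
        my $mode = $text->($settings{'TOR_RELAY_MODE'});

        if ($mode eq 'bridge') {
            $is_bridge++;

        # Private bridge.
        } elsif ($mode eq 'private-bridge') {
            $is_bridge++;

            print {$file} "PublishServerDescriptor 0\n";

        # Exit node.
        } elsif ($mode eq 'exit') {
            print {$file} "ExitPolicy accept *:*\n";

        # Relay only; an unknown mode is treated the same way so that it can
        # never result in a relay without an explicit exit policy.
        } else {
            print {$file} "ExitPolicy reject *:*\n";
        }

        if ($is_bridge > 0) {
            print {$file} "BridgeRelay 1\n";
            print {$file} "Exitpolicy reject *:*\n";
        }

        # The settings hold kBit/s, torrc expects KB.
        my $rate  = $number->($settings{'TOR_RELAY_BANDWIDTH_RATE'}, 0);
        my $burst = $number->($settings{'TOR_RELAY_BANDWIDTH_BURST'}, 0);
        if ($rate > 0) {
            print {$file} "RelayBandwidthRate " . ($rate / 8) . " KB\n";

            if ($burst > 0) {
                print {$file} "RelayBandwidthBurst " . ($burst / 8) . " KB\n";
            }
        }

        my $accounting_limit = $number->($settings{'TOR_RELAY_ACCOUNTING_LIMIT'}, 0);
        if ($accounting_limit > 0) {
            print {$file} "AccountingMax " . $accounting_limit . " MB\n";

            my $period = $text->($settings{'TOR_RELAY_ACCOUNTING_PERIOD'});
            if ($period eq 'daily') {
                print {$file} "AccountingStart day 00:00\n";
            } elsif ($period eq 'weekly') {
                print {$file} "AccountingStart week 1 00:00\n";
            } elsif ($period eq 'monthly') {
                print {$file} "AccountingStart month 1 00:00\n";
            }
        }
    }

    # Buffered write errors only show up when the file is closed.
    close($file) or warn "Could not write $torrc: $!";

    # Restart the service. The redirection is written in the portable form;
    # "&>" is only understood by some shells.
    if ($tor_enabled || $relay_enabled) {
        system("/usr/local/bin/torctrl restart >/dev/null 2>&1");
    } else {
        system("/usr/local/bin/torctrl stop >/dev/null 2>&1");
    }

    # Update pid and memory
    daemonstats();
}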
760
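# Open a TCP connection to the Tor control port on 127.0.0.1 and send the
# AUTHENTICATE command.
#
# Returns the socket, or nothing when the connection could not be made.
#
# NOTE(review): the reply to AUTHENTICATE is not evaluated, so a socket is
# returned even if Tor refused the authentication. AUTHENTICATE is sent
# without a credential, which only works while the control port is configured
# without authentication.
sub TorConnect {
    # Load the class explicitly instead of relying on another file doing it.
    require IO::Socket::INET;

    my $socket = IO::Socket::INET->new(
        Proto    => 'tcp',
        PeerAddr => '127.0.0.1',
        PeerPort => $TOR_CONTROL_PORT,
    ) or return;

    $socket->autoflush(1);

    # Authenticate.
    &TorSendCommand($socket, "AUTHENTICATE");

    return $socket;
}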
773
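# Send one command over the Tor control connection and collect the reply.
#
# Parameters: the control socket and the command text. The command is cut at
# its first line break, so data embedded in a command cannot add further
# control-port commands to the request.
#
# Returns the reply lines without their line endings. Reading stops at the
# final "250 OK" line, at a line starting with an error code (5xx) or when the
# connection is closed; neither of these lines is part of the result. An empty
# list is returned when the command could not be sent.
sub TorSendCommand {
    my ($socket, $cmd) = @_;

    my @output = ();

    # Exactly one line is sent, terminated by \r\n.
    $cmd = '' unless (defined($cmd));
    $cmd =~ s/[\r\n].*\z//s;
    $cmd .= "\r\n";

    return @output unless (defined($socket->send($cmd)));

    while (my $line = <$socket>) {
        # Skip lines that consist of a single character, such as the "."
        # that terminates a multi-line reply.
        if ($line =~ /^.\r\n$/) {
            next;
        }

        # Command has been successfully executed.
        if ($line =~ /^250 OK/) {
            last;

        # Error.
        } elsif ($line =~ /^5\d+/) {
            last;

        } else {
            # Remove line endings.
            $line =~ s/\r\n$//;

            push(@output, $line);
        }
    }

    return @output;
}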
808
# Send a command over the control connection and return only the first line
# of the reply (undefined when the reply is empty).
sub TorSendCommandOneLine() {
    my ($tor, $cmd) = @_;

    my ($first_line) = &TorSendCommand($tor, $cmd);

    return $first_line;
}
815
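# Query one GETINFO key over the control connection.
#
# Parameters: the control socket and the key (e.g. "traffic/read").
# Returns the text after the first "=" of the first reply line, or undef when
# there was no reply or the line holds no "=".
sub TorGetInfo {
    my ($tor, $cmd) = @_;

    my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);

    my $value;
    if (defined($output)) {
        # Split at the first "=" only, so that a value which itself contains
        # "=" is returned complete.
        (undef, $value) = split(/=/, $output, 2);
    }

    return $value;
}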
824
# Shut down the control connection in both directions; does nothing when no
# socket was passed.
sub TorClose() {
    my ($socket) = @_;

    $socket->shutdown(2) if ($socket);
}
832
# Fetch the traffic counters from Tor.
# Returns a two-element list: the values of "traffic/read" and
# "traffic/written".
sub TorTrafficStats() {
    my ($tor) = @_;

    my $read    = &TorGetInfo($tor, "traffic/read");
    my $written = &TorGetInfo($tor, "traffic/written");

    return ($read, $written);
}
841
# Return the value Tor reports for the GETINFO key "fingerprint".
sub TorRelayFingerprint() {
    my ($tor) = @_;

    return &TorGetInfo($tor, "fingerprint");
}
847
# List the relays Tor currently has OR connections to.
#
# Parses the reply to "GETINFO orconn-status", looks up every entry that
# starts with "$" through TorNodeDescription() and returns the resulting node
# hashes sorted by name.
sub TorORConnStatus() {
    my ($tor) = @_;
    my @nodes = ();

    my @output = &TorSendCommand($tor, "GETINFO orconn-status");
    foreach my $entry (@output) {
        # The first reply line carries the key in front of the data.
        $entry =~ s/^250[\+-]orconn-status=//;
        next if ($entry eq "");
        last if ($entry eq ".");
        next unless ($entry =~ /^\$/);

        # "<identity> <state>": the identity is the part before "=" or "~".
        my @fields = split(" ", $entry);
        my @identity = split(/[=~]/, $fields[0]);

        my $node = &TorNodeDescription($tor, $identity[0]);
        push(@nodes, $node) if ($node);
    }

    # Sort by names.
    @nodes = sort { $a->{'name'} cmp $b->{'name'} } @nodes;

    return @nodes;
}
873
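# Look up a relay by fingerprint with "GETINFO ns/id/<fingerprint>".
#
# Parameters: the control socket and the fingerprint, with or without the
# leading "$".
# Returns a hash reference with the keys fingerprint, exit_node and, as far as
# the reply provides them, name, address, port, country_code, flags (array
# reference), bandwidth and bandwidth_string. Returns nothing when the
# fingerprint is not a hexadecimal string or the reply holds no router line.
sub TorNodeDescription {
    my ($tor, $fingerprint) = @_;
    return unless (defined($fingerprint));
    $fingerprint =~ s/\$//;

    # The fingerprint becomes part of a control-port command.
    return unless ($fingerprint =~ /\A[0-9A-Fa-f]+\z/);

    my $node = {
        fingerprint => $fingerprint,
        exit_node   => 0,
    };

    my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");

    foreach (@output) {
        # Router
        if ($_ =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
            $node->{'name'} = $1;
            $node->{'address'} = $3;
            $node->{'port'} = $4;

            my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
            $node->{'country_code'} = $country_code;

        # Flags
        } elsif ($_ =~ /^s (.*)$/) {
            # Keep the flags as a list; assigning split() to a scalar would
            # store only their number, and "Exit" would never be found.
            my @flags = split(" ", $1);
            $node->{'flags'} = \@flags;

            foreach my $flag (@flags) {
                if ($flag eq "Exit") {
                    $node->{'exit_node'}++;
                }
            }

        # Bandwidth
        } elsif ($_ =~ /^w Bandwidth=(\d+)/) {
            $node->{'bandwidth'} = $1 * 8;
            $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
        }
    }

    if (exists($node->{'name'})) {
        return $node;
    }

    return;
}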
916
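# Collect the accounting information from Tor.
#
# Returns nothing unless "accounting/enabled" is reported as 1. Otherwise
# returns a hash reference with the keys hibernating, interval-start,
# interval-end, bytes_read, bytes_written, bytes-left_read and
# bytes-left_written.
sub TorAccountingStats {
    my $tor = shift;
    my $ret = {};

    my $enabled = &TorGetInfo($tor, "accounting/enabled");
    unless (defined($enabled) && $enabled eq '1') {
        return;
    }

    foreach my $key ("hibernating", "interval-start", "interval-end") {
        $ret->{$key} = &TorGetInfo($tor, "accounting/$key");
    }

    # These two keys each return "<read> <written>".
    foreach my $key ("bytes", "bytes-left") {
        my $output = &TorGetInfo($tor, "accounting/$key");
        my @bytes = defined($output) ? split(" ", $output) : ();

        $ret->{$key."_read"} = $bytes[0];
        $ret->{$key."_written"} = $bytes[1];
    }

    return $ret;
}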
942
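# Format a byte count with two decimals and the largest fitting unit out of
# B, KB, MB, GB and TB (steps of 1024). An undefined value is shown as 0.
sub FormatBytes {
    my $bytes = shift;
    $bytes = 0 unless (defined($bytes));

    my @units = ("B", "KB", "MB", "GB", "TB");
    my $units_index = 0;

    # Stop at the last unit; going one step further would leave the value
    # without a unit.
    while (($units_index < $#units) && ($bytes >= 1024)) {
        $units_index++;
        $bytes /= 1024;
    }

    return sprintf("%.2f %s", $bytes, $units[$units_index]);
}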
956
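# Format a bit rate with two decimals and the largest fitting unit out of
# Bit/s, KBit/s, MBit/s, GBit/s and TBit/s (steps of 1024). An undefined value
# is shown as 0.
sub FormatBitsPerSecond {
    my $bits = shift;
    $bits = 0 unless (defined($bits));

    my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s");
    my $units_index = 0;

    # Stop at the last unit; going one step further would leave the value
    # without a unit.
    while (($units_index < $#units) && ($bits >= 1024)) {
        $units_index++;
        $bits /= 1024;
    }

    return sprintf("%.2f %s", $bits, $units[$units_index]);
}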