1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Locale::Country;
24
25 # enable only the following on debugging purpose
26 use warnings;
27 use CGI::Carp 'fatalsToBrowser';
28
29 require '/var/ipfire/general-functions.pl';
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
# Mention $Header::colouryellow a second time so that perl does not print a
# "used only once" warning for it; the array itself is never used.
my @dummy = ($Header::colouryellow);
@dummy = ();

# Values offered in the relay bandwidth drop-downs, largest first. The page
# labels entries below 1024 as kBit/s and divides the others by 1024 for a
# MBit/s label, so the list is expressed in kBit/s.
my @bandwidth_limits = (
    (map { $_ * 1024 } (1000, 500, 200, 100, 64, 50, 25, 20, 16, 10, 8, 4, 2, 1)),
    512,
    256,
    128,
    64,
);

# Accounting periods offered in the form and understood by BuildConfiguration.
my @accounting_periods = qw(daily weekly monthly);

# TCP port of the Tor control interface. It is written into torrc as
# ControlPort and used by TorConnect to reach the daemon on 127.0.0.1.
my $TOR_CONTROL_PORT = 9051;
60
# Network settings of the firewall; only used here to derive the default
# list of subnets that may use the SOCKS proxy.
our %netsettings = ();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

# GREEN is always allowed by default, BLUE only when that zone is in use.
my $default_allowed_subnets = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
if (&Header::blue_used()) {
    $default_allowed_subnets .= ",$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
}

# Built-in defaults. They are overridden first by the stored settings file and
# then by the values submitted with the request.
our %settings = (
    # Tor client (SOCKS proxy) settings.
    'TOR_ENABLED'         => 'off',
    'TOR_SOCKS_PORT'      => 9050,
    'TOR_EXIT_COUNTRY'    => '',
    'TOR_USE_EXIT_NODES'  => '',
    'TOR_ALLOWED_SUBNETS' => $default_allowed_subnets,

    # Relay settings.
    'TOR_RELAY_ENABLED'           => 'off',
    'TOR_RELAY_MODE'              => 'exit',
    'TOR_RELAY_PORT'              => 9001,
    'TOR_RELAY_NOADVERTISE'       => 'off',
    'TOR_RELAY_BANDWIDTH_RATE'    => 0,
    'TOR_RELAY_BANDWIDTH_BURST'   => 0,
    'TOR_RELAY_ACCOUNTING_LIMIT'  => 0,
    'TOR_RELAY_ACCOUNTING_PERIOD' => 'daily',

    # Name of the submit button that was pressed, if any.
    'ACTION' => '',
);

# Messages collected while processing the request. $errormessage is shown
# by showMainBox and blocks saving when it is not empty.
my ($errormessage, $warnmessage) = ('', '');
88
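# Send the HTTP response headers before any page output.
&Header::showhttpheaders();

# Stored configuration overrides the built-in defaults ...
&General::readhash("${General::swroot}/tor/settings", \%settings);

# ... and values submitted with this request override the stored ones.
# NOTE(review): whether getcgihash filters or escapes the submitted values is
# not visible in this file; everything read from %settings below is treated as
# untrusted request data.
&Header::getcgihash(\%settings);

# Open the Tor control connection. TorConnect returns nothing when the control
# port cannot be reached, so $torctrl may be undefined.
our $torctrl = &TorConnect();

# Handle the "save" action: normalise the list fields, validate and store.
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
    # Re-join the subnet list as "a,b,c," with surrounding whitespace removed
    # and empty entries dropped.
    my @subnets = split(/[\n,]/, $settings{'TOR_ALLOWED_SUBNETS'});
    $settings{'TOR_ALLOWED_SUBNETS'} = "";
    foreach my $subnet (@subnets) {
        $subnet =~ s/^\s+//;
        $subnet =~ s/\s+$//;
        next unless $subnet;

        unless (&General::validipandmask($subnet)) {
            # $errormessage is printed into the page as HTML, so the rejected
            # text (which comes straight from the request) is entity-encoded
            # before it is embedded in the message.
            (my $shown = $subnet) =~ s/([&<>"'])/'&#' . ord($1) . ';'/ge;
            $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $shown";
        }

        # Rejected entries are kept in the field so the form shows them again
        # for correction; nothing is saved while $errormessage is set.
        $settings{'TOR_ALLOWED_SUBNETS'} .= $subnet . ",";
    }

    # Same normalisation for the exit node list.
    # NOTE(review): these entries, like the port, address, nickname and
    # contact fields, are stored without any format check, and
    # BuildConfiguration later writes them into torrc.
    my @exit_nodes = split(/[\n,]/, $settings{'TOR_USE_EXIT_NODES'});
    $settings{'TOR_USE_EXIT_NODES'} = "";
    foreach my $exit_node (@exit_nodes) {
        $exit_node =~ s/^\s+//;
        $exit_node =~ s/\s+$//;
        next unless $exit_node;

        $settings{'TOR_USE_EXIT_NODES'} .= $exit_node . ",";
    }

    if ($errormessage eq '') {
        # Write configuration settings to file.
        &General::writehash("${General::swroot}/tor/settings", \%settings);

        # Regenerate torrc and restart or stop the service.
        &BuildConfiguration();
    }

    # Reset ACTION.
    $settings{'ACTION'} = '';
}

&showMainBox();

# Close Tor control connection.
&TorClose($torctrl);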
139
140 # Functions
141
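# Private helper for showMainBox: entity-encode a value so that it can be
# placed in HTML element content or inside a quoted attribute. Undefined
# values become the empty string.
sub _tor_html_escape {
    my ($text) = @_;
    return '' unless defined $text;

    # Numeric character references for the five characters that can change
    # the HTML context: & < > " '
    $text =~ s/([&<>"'])/'&#' . ord($1) . ';'/ge;
    return $text;
}

# Render the whole Tor page: the configuration form and, when a control
# connection is available in $torctrl, the statistics box.
#
# Reads the file-level %settings, $errormessage, $torctrl, @bandwidth_limits
# and @accounting_periods. Rewrites TOR_ALLOWED_SUBNETS and TOR_USE_EXIT_NODES
# in %settings from comma- to newline-separated form when Tor is enabled.
#
# Every request-supplied setting and every value obtained from the control
# port is entity-encoded before it is written into the page.
sub showMainBox() {
    my %checked = ();
    my %selected = ();

    # Encoded copies of the free-text settings that are echoed into the form.
    my %esc = ();
    foreach my $key (qw(TOR_SOCKS_PORT TOR_RELAY_PORT TOR_RELAY_ADDRESS
                        TOR_RELAY_NICKNAME TOR_RELAY_CONTACT_INFO
                        TOR_RELAY_ACCOUNTING_LIMIT)) {
        $esc{$key} = _tor_html_escape($settings{$key});
    }

    $checked{'TOR_ENABLED'}{'on'} = '';
    $checked{'TOR_ENABLED'}{'off'} = '';
    $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';

    $checked{'TOR_RELAY_ENABLED'}{'on'} = '';
    $checked{'TOR_RELAY_ENABLED'}{'off'} = '';
    $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';

    &Header::openpage($Lang::tr{'tor configuration'}, 1, '');
    &Header::openbigbox('100%', 'left', '', $errormessage);

    if ($errormessage) {
        &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
        # The message is emitted as HTML on purpose (translations may carry
        # markup), so request-derived text has to be encoded at the place
        # where the message is composed.
        print "<font class='base'>$errormessage&nbsp;</font>\n";
        &Header::closebox();
    }

    my $form_action = _tor_html_escape($ENV{'SCRIPT_NAME'});
    print "<form method='post' action='$form_action'>\n";

    &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'});

    print <<END;
<table width='100%'>
<tr>
<td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
<td width='20%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
<td width='25%' class='base'></td>
<td width='30%'></td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
<td width='20%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
<td width='25%' class='base'></td>
<td width='30%'></td>
</tr>
</table>
END

    &Header::closebox();

    if ($settings{'TOR_ENABLED'} eq 'on') {
        # The textareas show one entry per line.
        my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
        $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp);

        @temp = split(",", $settings{'TOR_USE_EXIT_NODES'});
        $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp);

        $esc{'TOR_ALLOWED_SUBNETS'} = _tor_html_escape($settings{'TOR_ALLOWED_SUBNETS'});
        $esc{'TOR_USE_EXIT_NODES'} = _tor_html_escape($settings{'TOR_USE_EXIT_NODES'});

        &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'});

        print <<END;
<table width='100%'>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td>
<td width='30%'><input type='text' name='TOR_SOCKS_PORT' value='$esc{'TOR_SOCKS_PORT'}' size='5' /></td>
<td width='50%' class='base' colspan='2'></td>
</tr>
</table>

<hr size='1'>

<table width='100%'>
<tr>
<td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td>
</tr>
<tr>
<td colspan='2' class='base' width='55%'>
$Lang::tr{'tor allowed subnets'}:
</td>
<td colspan='2' width='45%'></td>
</tr>
<tr>
<td colspan='2' class='base' width='55%'>
<textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$esc{'TOR_ALLOWED_SUBNETS'}</textarea>
</td>
<td colspan='2' width='45%'></td>
</tr>
</table>

<hr size='1'>

<table width='100%'>
<tr>
<td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td>
</tr>
<tr>
<td colspan='2' class='base' width='55%'></td>
<td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
</tr>
<tr>
<td width='50%' colspan='2'>
<select name='TOR_EXIT_COUNTRY'>
<option value=''>- $Lang::tr{'tor exit country any'} -</option>
END

        # Pre-select the stored exit country. Without this the drop-down
        # always comes up as "any", and the next save would silently drop a
        # previously configured exit country restriction.
        my $saved_country = defined $settings{'TOR_EXIT_COUNTRY'} ? $settings{'TOR_EXIT_COUNTRY'} : '';

        my @country_names = Locale::Country::all_country_names();
        foreach my $country_name (sort @country_names) {
            my $country_code = Locale::Country::country2code($country_name);
            $country_code = uc($country_code);

            my $is_selected = ($country_code ne '' && $country_code eq $saved_country) ? ' selected' : '';
            my $shown_name = _tor_html_escape($country_name);
            my $shown_code = _tor_html_escape($country_code);
            print "<option value='$shown_code'$is_selected>$shown_name ($shown_code)</option>\n";
        }

        print <<END;
</select>
</td>
<td colspan='2'>
<textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$esc{'TOR_USE_EXIT_NODES'}</textarea>
</td>
</tr>
</table>
END

        &Header::closebox();
    }

    if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
        $checked{'TOR_RELAY_NOADVERTISE'}{'on'} = '';
        $checked{'TOR_RELAY_NOADVERTISE'}{'off'} = '';
        $checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked';

        $selected{'TOR_RELAY_MODE'}{'bridge'} = '';
        $selected{'TOR_RELAY_MODE'}{'exit'} = '';
        $selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
        $selected{'TOR_RELAY_MODE'}{'relay'} = '';
        $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';

        $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = '';
        foreach (@bandwidth_limits) {
            $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = '';
        }
        $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected';

        $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = '';
        foreach (@bandwidth_limits) {
            $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = '';
        }
        $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected';

        foreach (@accounting_periods) {
            $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = '';
        }
        $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';

        &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'});

        print <<END;
<table width='100%'>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
<td width='30%'>
<select name='TOR_RELAY_MODE'>
<option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
<option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
<option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
<option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
</select>
</td>
<td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td>
<td width='20%'>
<input type='text' name='TOR_RELAY_PORT' value='$esc{'TOR_RELAY_PORT'}' size='5' />
</td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor relay address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
<td width='30%'>
<input type='text' name='TOR_RELAY_ADDRESS' value='$esc{'TOR_RELAY_ADDRESS'}' />
</td>
<td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td>
<td width='20%'>
<input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} />
</td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
<td width='30%'>
<input type='text' name='TOR_RELAY_NICKNAME' value='$esc{'TOR_RELAY_NICKNAME'}' />
</td>
<td colspan='2'></td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor contact info'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
<td width='75%' colspan='3'>
<input type='text' name='TOR_RELAY_CONTACT_INFO' value='$esc{'TOR_RELAY_CONTACT_INFO'}' size='60' />
</td>
</tr>
</table>

<hr size='1'>

<table width='100%'>
<tr>
<td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
<td width='30%' class='base'>
<select name='TOR_RELAY_BANDWIDTH_RATE'>
END

        foreach (@bandwidth_limits) {
            if ($_ >= 1024) {
                print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
            } else {
                print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n";
            }
        }

        print <<END;
<option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
</select>
</td>
<td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td>
<td width='20%'>
<input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$esc{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
</td>
</tr>
<tr>
<td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
<td width='20%' class='base'>
<select name='TOR_RELAY_BANDWIDTH_BURST'>
END

        foreach (@bandwidth_limits) {
            if ($_ >= 1024) {
                print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
            } else {
                print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n";
            }
        }
        print <<END;
<option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
</select>
</td>
<td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
<td width='20%'>
<select name='TOR_RELAY_ACCOUNTING_PERIOD'>
END

        foreach (@accounting_periods) {
            print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>";
        }

        print <<END;
</select>
</td>
</tr>
</table>
END

        &Header::closebox();
    }

    print <<END;
<table width='100%'>
<tr>
<td>
<img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
</td>
<td align='right'>&nbsp;</td>
</tr>
</table>

<hr>

<table width='100%'>
<tr>
<td>&nbsp;</td>
<td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
<td>&nbsp;</td>
</tr>
</table>
END

    # If we have a control connection, show the stats.
    if ($torctrl) {
        &Header::openbox('100%', 'left', $Lang::tr{'tor stats'});

        my @traffic = &TorTrafficStats($torctrl);

        if (@traffic) {
            print <<END;
<table width='100%'>
END

            if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
                my $fingerprint = &TorRelayFingerprint($torctrl);
                if ($fingerprint) {
                    $fingerprint = _tor_html_escape($fingerprint);
                    # rel= keeps the external page from reaching back into
                    # the admin window and from receiving its URL as referrer.
                    print <<END;
<tr>
<td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
<td width='60%'>
<a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank' rel='noopener noreferrer'>$fingerprint</a>
</td>
</tr>
END
                }
            }

            my $address = &TorGetInfo($torctrl, "address");
            if ($address) {
                $address = _tor_html_escape($address);
                print <<END;
<tr>
<td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
<td width='60%'>$address</td>
</tr>
END
            }

            print <<END;
<tr>
<td width='40%'>$Lang::tr{'tor traffic read written'}:</td>
END
            print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
            print <<END;
</tr>
</table>
END
        }

        my $accounting = &TorAccountingStats($torctrl);
        if ($accounting) {
            print <<END;
<table width='100%'>
<tr>
<td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
</tr>
END

            if ($accounting->{'hibernating'} eq "hard") {
                print <<END;
<tr>
<td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
<font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
</td>
</tr>
END
            } elsif ($accounting->{'hibernating'} eq "soft") {
                print <<END;
<tr>
<td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
<font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
</td>
</tr>
END
            }

            my $interval_start = _tor_html_escape($accounting->{'interval-start'});
            my $interval_end = _tor_html_escape($accounting->{'interval-end'});

            print <<END;
<tr>
<td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
<td width='60%'>
$interval_start - $interval_end
</td>
</tr>
<tr>
<td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
<td width='60%'>
END

            print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
            print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
            print " $Lang::tr{'tor accounting bytes left'})";

            print <<END;
</td>
</tr>
</table>
END
        }

        my @nodes = &TorORConnStatus($torctrl);
        if (@nodes) {
            print <<END;
<table width='100%'>
<tr>
<td colspan='3' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
</tr>
END

            foreach my $node (@nodes) {
                # Relay descriptions are supplied by other relays via the
                # control port, so every field is encoded before output.
                my %shown = ();
                foreach my $field (qw(fingerprint name address port bandwidth_string)) {
                    $shown{$field} = _tor_html_escape($node->{$field});
                }

                print <<END;
<tr>
<td width='40%'>
<a href='https://atlas.torproject.org/#details/$shown{'fingerprint'}' target='_blank' rel='noopener noreferrer'>
$shown{'name'}
</a>
</td>
<td width='30%'>
END

                if (exists($node->{'country_code'})) {
                    my $country_code = _tor_html_escape($node->{'country_code'});
                    print "<a href='country.cgi#$country_code'><img src='/images/flags/$country_code.png' border='0' align='absmiddle' alt='$country_code'></a>";
                }

                print <<END;
<a href='ipinfo.cgi?ip=$shown{'address'}'>$shown{'address'}</a>:$shown{'port'}
</td>
<td width='30%' align='right'>
~$shown{'bandwidth_string'}
</td>
</tr>
END
            }
            print "</table>";
        }

        &Header::closebox();
    }

    print "</form>\n";

    &Header::closebigbox();
    &Header::closepage();
}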
561
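# Private helper for BuildConfiguration: return a settings value with all
# control characters (including CR and LF) removed, so that it cannot extend
# beyond the single torrc line it is written to. Undefined values become ''.
sub _torrc_value {
    my ($value) = @_;
    return '' unless defined $value;

    $value =~ s/[\x00-\x1f\x7f]//g;
    return $value;
}

# Regenerate ${General::swroot}/tor/torrc from the stored Tor settings and
# restart (or stop) the service through /usr/local/bin/torctrl.
#
# The settings are re-read from the settings file rather than taken from the
# file-level %settings. If torrc cannot be written, $errormessage is set and
# the service is left untouched.
#
# NOTE(review): only control characters are filtered here. Ports, the relay
# address, nickname, contact info, exit country and exit node entries are not
# checked for a valid format before they are written.
sub BuildConfiguration() {
    my %settings = ();
    &General::readhash("${General::swroot}/tor/settings", \%settings);

    # Cleaned copies of every setting that is used below.
    my %value = ();
    foreach my $key (qw(TOR_ENABLED TOR_SOCKS_PORT TOR_ALLOWED_SUBNETS
                        TOR_EXIT_COUNTRY TOR_USE_EXIT_NODES
                        TOR_RELAY_ENABLED TOR_RELAY_MODE TOR_RELAY_PORT
                        TOR_RELAY_NOADVERTISE TOR_RELAY_ADDRESS
                        TOR_RELAY_NICKNAME TOR_RELAY_CONTACT_INFO
                        TOR_RELAY_BANDWIDTH_RATE TOR_RELAY_BANDWIDTH_BURST
                        TOR_RELAY_ACCOUNTING_LIMIT TOR_RELAY_ACCOUNTING_PERIOD)) {
        $value{$key} = _torrc_value($settings{$key});
    }

    my $torrc = "${General::swroot}/tor/torrc";

    # Three-argument open with a lexical handle: the path is never parsed for
    # a mode, and a failure is reported instead of being ignored.
    my $fh;
    unless (open($fh, '>', $torrc)) {
        $errormessage = "Could not write $torrc: $!";
        return;
    }

    # Global settings.
    # NOTE(review): no control-port authentication option (for example
    # CookieAuthentication or HashedControlPassword) is written here, and
    # TorConnect sends AUTHENTICATE without a credential. Confirm that only
    # trusted local processes can reach this port.
    print {$fh} "ControlPort $TOR_CONTROL_PORT\n";

    if ($value{'TOR_ENABLED'} eq 'on') {
        my $strict_nodes = 0;

        # The SOCKS listener binds to all addresses; access is restricted by
        # the SocksPolicy lines that follow.
        print {$fh} "SocksPort 0.0.0.0:$value{'TOR_SOCKS_PORT'}\n";

        my @subnets = split(",", $value{'TOR_ALLOWED_SUBNETS'});
        foreach my $subnet (@subnets) {
            print {$fh} "SocksPolicy accept $subnet\n" if (&General::validipandmask($subnet));
        }
        print {$fh} "SocksPolicy reject *\n" if (@subnets);

        if ($value{'TOR_EXIT_COUNTRY'} ne '') {
            $strict_nodes = 1;

            print {$fh} "ExitNodes {" . $value{'TOR_EXIT_COUNTRY'} . "}\n";
        }

        if ($value{'TOR_USE_EXIT_NODES'} ne '') {
            $strict_nodes = 1;

            # NOTE(review): the option documented by tor is "ExitNodes" with a
            # comma-separated list; confirm that per-node "ExitNode" lines are
            # accepted before relying on this restriction.
            my @nodes = split(",", $value{'TOR_USE_EXIT_NODES'});
            foreach my $exit_node (@nodes) {
                print {$fh} "ExitNode $exit_node\n";
            }
        }

        if ($strict_nodes > 0) {
            print {$fh} "StrictNodes 1\n";
        }
    }

    if ($value{'TOR_RELAY_ENABLED'} eq 'on') {
        # Reject access to private networks.
        print {$fh} "ExitPolicyRejectPrivate 1\n";

        print {$fh} "ORPort $value{'TOR_RELAY_PORT'}";
        if ($value{'TOR_RELAY_NOADVERTISE'} eq 'on') {
            print {$fh} " NoAdvertise";
        }
        print {$fh} "\n";

        if ($value{'TOR_RELAY_ADDRESS'} ne '') {
            print {$fh} "Address $value{'TOR_RELAY_ADDRESS'}\n";
        }

        if ($value{'TOR_RELAY_NICKNAME'} ne '') {
            print {$fh} "Nickname $value{'TOR_RELAY_NICKNAME'}\n";
        }

        if ($value{'TOR_RELAY_CONTACT_INFO'} ne '') {
            print {$fh} "ContactInfo $value{'TOR_RELAY_CONTACT_INFO'}\n";
        }

        # Limit to bridge mode.
        my $is_bridge = 0;

        if ($value{'TOR_RELAY_MODE'} eq 'bridge') {
            $is_bridge++;

        # Private bridge: additionally do not publish the descriptor.
        } elsif ($value{'TOR_RELAY_MODE'} eq 'private-bridge') {
            $is_bridge++;

            print {$fh} "PublishServerDescriptor 0\n";

        # Exit node: accepts exit traffic to any address and port (private
        # networks are rejected by ExitPolicyRejectPrivate above).
        } elsif ($value{'TOR_RELAY_MODE'} eq 'exit') {
            print {$fh} "ExitPolicy accept *:*\n";

        # Relay only.
        } elsif ($value{'TOR_RELAY_MODE'} eq 'relay') {
            print {$fh} "ExitPolicy reject *:*\n";
        }

        if ($is_bridge > 0) {
            print {$fh} "BridgeRelay 1\n";
            print {$fh} "Exitpolicy reject *:*\n";
        }

        # The stored rate is divided by 8 and written with the unit "KB".
        if ($value{'TOR_RELAY_BANDWIDTH_RATE'} > 0) {
            print {$fh} "RelayBandwidthRate ";
            print {$fh} $value{'TOR_RELAY_BANDWIDTH_RATE'} / 8;
            print {$fh} " KB\n";

            # A burst value is only written together with a rate.
            if ($value{'TOR_RELAY_BANDWIDTH_BURST'} > 0) {
                print {$fh} "RelayBandwidthBurst ";
                print {$fh} $value{'TOR_RELAY_BANDWIDTH_BURST'} / 8;
                print {$fh} " KB\n";
            }
        }

        if ($value{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) {
            print {$fh} "AccountingMax ".$value{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n";

            if ($value{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') {
                print {$fh} "AccountingStart day 00:00\n";
            } elsif ($value{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') {
                print {$fh} "AccountingStart week 1 00:00\n";
            } elsif ($value{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') {
                print {$fh} "AccountingStart month 1 00:00\n";
            }
        }
    }

    # Buffered write errors only surface on close.
    unless (close($fh)) {
        $errormessage = "Could not write $torrc: $!";
        return;
    }

    # Restart the service, or stop it when neither function is enabled.
    # List form of system(): no shell is involved.
    if (($value{'TOR_ENABLED'} eq 'on') || ($value{'TOR_RELAY_ENABLED'} eq 'on')) {
        system("/usr/local/bin/torctrl", "restart");
    } else {
        system("/usr/local/bin/torctrl", "stop");
    }
}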
686
# Open a TCP connection to the Tor control port on 127.0.0.1 and send
# AUTHENTICATE on it.
#
# Returns the connected socket, or nothing when the connection fails.
#
# The AUTHENTICATE command carries no credential and its reply is discarded,
# so a rejected authentication is not detected here.
sub TorConnect() {
    my %peer = (
        Proto    => 'tcp',
        PeerAddr => '127.0.0.1',
        PeerPort => $TOR_CONTROL_PORT,
    );

    my $socket = IO::Socket::INET->new(%peer);
    return unless $socket;

    # Commands must reach the daemon immediately, not sit in a buffer.
    $socket->autoflush(1);

    # Authenticate.
    &TorSendCommand($socket, "AUTHENTICATE");

    return $socket;
}
699
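# Send one command over the Tor control connection and collect the reply.
#
# Parameters:
#   $socket - connected control socket
#   $cmd    - command text; CR and LF are stripped and "\r\n" is appended
#
# Returns the reply lines (without their line ending) that were read before
# the terminating line. Reading stops at a line containing "250 OK", at a
# line starting with a 4xx or 5xx status code, or at end of stream; the
# terminating line itself is not returned.
sub TorSendCommand() {
    my ($socket, $cmd) = @_;

    # One call sends exactly one command: remove every CR/LF so that text
    # embedded in $cmd cannot start a second command on the control channel.
    $cmd =~ s/[\r\n]+//g;
    $cmd .= "\r\n";

    $socket->send($cmd);

    my @output = ();
    while (my $line = <$socket>) {
        # Skip lines that consist of one single character. This includes the
        # "." line, not only empty ones.
        if ($line =~ /^.\r\n$/) {
            next;
        }

        # Command has been successfully executed.
        if ($line =~ /250 OK/) {
            last;

        # Error. 4xx replies end a reply just like 5xx ones; without this
        # the loop would wait for more input that never arrives.
        } elsif ($line =~ /^[45]\d+/) {
            last;

        } else {
            # Remove line endings.
            $line =~ s/\r\n$//;

            push(@output, $line);
        }
    }

    return @output;
}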
734
# Send a control command and return only the first line of the reply
# (undefined when the reply has no lines).
sub TorSendCommandOneLine() {
    my ($tor, $cmd) = @_;

    my ($first_line) = &TorSendCommand($tor, $cmd);
    return $first_line;
}
741
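# Query one GETINFO key over the control connection.
#
# Parameters:
#   $tor - connected control socket
#   $cmd - the GETINFO keyword, e.g. "traffic/read"
#
# Returns the text after the first "=" of the first reply line, or undef when
# there is no reply line or it has no "=".
sub TorGetInfo() {
    my ($tor, $cmd) = @_;

    my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);

    my $value;
    if (defined $output) {
        # Limit of 2: a value that itself contains "=" is returned whole
        # instead of being cut at the second "=".
        (undef, $value) = split(/=/, $output, 2);
    }

    return $value;
}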
750
# Shut down the control connection in both directions. A false or undefined
# argument (no connection was established) is ignored.
sub TorClose() {
    my ($socket) = @_;

    $socket->shutdown(2) if $socket;
}
758
# Fetch the "traffic/read" and "traffic/written" values from the control
# connection and return them as a two-element list, in that order.
sub TorTrafficStats() {
    my ($tor) = @_;

    my $read_total = &TorGetInfo($tor, "traffic/read");
    my $written_total = &TorGetInfo($tor, "traffic/written");

    return ($read_total, $written_total);
}
767
# Return the value of the "fingerprint" GETINFO key for this Tor instance.
sub TorRelayFingerprint() {
    my ($tor) = @_;

    my $fingerprint = &TorGetInfo($tor, "fingerprint");
    return $fingerprint;
}
773
# List the relays this Tor instance currently has OR connections to.
#
# Parses the reply to "GETINFO orconn-status", looks up each relay with
# TorNodeDescription and returns the descriptions sorted by name. Relays for
# which no description is returned are left out.
sub TorORConnStatus() {
    my ($tor) = @_;
    my @relays = ();

    my @reply = &TorSendCommand($tor, "GETINFO orconn-status");
    foreach my $entry (@reply) {
        # The first line carries the reply prefix in front of its data.
        $entry =~ s/^250[\+-]orconn-status=//;

        next if $entry eq "";
        last if $entry eq ".";

        # Only entries that start with "$" are looked up.
        next if $entry !~ /^\$/;

        # First word of the entry, then the part before "=" or "~".
        my @words = split(" ", $entry);
        my @identity = split(/[=~]/, $words[0]);

        my $description = &TorNodeDescription($tor, $identity[0]);
        push(@relays, $description) if $description;
    }

    # Sort by names.
    @relays = sort { $a->{'name'} cmp $b->{'name'} } @relays;

    return @relays;
}
799
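# Look up one relay by fingerprint via "GETINFO ns/id/<fingerprint>".
#
# Parameters:
#   $tor         - connected control socket
#   $fingerprint - relay fingerprint, with or without a leading "$"
#
# Returns a hash reference with the keys fingerprint, exit_node and, as far
# as the reply provides them, name, address, port, country_code, flags (array
# reference), bandwidth and bandwidth_string. Returns nothing when the
# fingerprint is malformed or the reply contains no router line.
sub TorNodeDescription() {
    my ($tor, $fingerprint) = @_;
    return unless defined $fingerprint;

    $fingerprint =~ s/\$//;

    # The fingerprint becomes part of a control command and is later shown on
    # the page as link target, so only the plain 40-hex-digit form is accepted.
    return unless $fingerprint =~ /\A[0-9A-Fa-f]{40}\z/;

    my $node = {
        fingerprint => $fingerprint,
        exit_node => 0,
    };

    my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");

    foreach my $line (@output) {
        # Router
        if ($line =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
            $node->{'name'} = $1;
            $node->{'address'} = $3;
            $node->{'port'} = $4;

            my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
            $node->{'country_code'} = $country_code;

        # Flags
        } elsif ($line =~ /^s (.*)$/) {
            # Keep the flags as a list. Assigning split() to a scalar stored
            # only the number of flags, so the "Exit" check never matched.
            my @flags = split(" ", $1);
            $node->{'flags'} = \@flags;

            foreach my $flag (@flags) {
                if ($flag eq "Exit") {
                    $node->{'exit_node'}++;
                }
            }

        # Bandwidth
        } elsif ($line =~ /^w Bandwidth=(\d+)/) {
            # Multiplied by 8 before being formatted as a bit rate.
            $node->{'bandwidth'} = $1 * 8;
            $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
        }
    }

    # Without a router line there is nothing useful to show.
    if (exists($node->{'name'})) {
        return $node;
    }

    return;
}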
842
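# Collect the accounting information of the Tor instance.
#
# Returns nothing unless "accounting/enabled" is reported as 1. Otherwise
# returns a hash reference with the keys hibernating, interval-start,
# interval-end, bytes_read, bytes_written, bytes-left_read and
# bytes-left_written.
sub TorAccountingStats() {
    my $tor = shift;
    my $ret = {};

    # A missing reply counts as "not enabled".
    my $enabled = &TorGetInfo($tor, "accounting/enabled");
    if (!defined($enabled) || $enabled ne '1') {
        return;
    }

    # Values that are stored exactly as reported.
    my @plain_keys = ("hibernating", "interval-start", "interval-end");
    foreach my $key (@plain_keys) {
        $ret->{$key} = &TorGetInfo($tor, "accounting/$key");
    }

    # Values reported as two whitespace-separated numbers; the first is
    # stored as "<key>_read", the second as "<key>_written".
    my @pair_keys = ("bytes", "bytes-left");
    foreach my $key (@pair_keys) {
        my $output = &TorGetInfo($tor, "accounting/$key");
        my @bytes = defined($output) ? split(" ", $output) : ();

        $ret->{$key."_read"} = $bytes[0];
        $ret->{$key."_written"} = $bytes[1];
    }

    return $ret;
}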
868
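# Format a byte count with two decimals and a unit from B to TB, dividing by
# 1024 per step. An undefined count is formatted as 0.
sub FormatBytes() {
    my $bytes = shift;
    $bytes = 0 unless defined $bytes;

    my @units = ("B", "KB", "MB", "GB", "TB");
    my $units_index = 0;

    # Stop at the last unit: stepping past it would select a unit that does
    # not exist and print the number without one.
    while (($units_index < $#units) && ($bytes >= 1024)) {
        $units_index++;
        $bytes /= 1024;
    }

    return sprintf("%.2f %s", $bytes, $units[$units_index]);
}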
882
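# Format a bit rate with two decimals and a unit from Bit/s to TBit/s,
# dividing by 1024 per step. An undefined rate is formatted as 0.
sub FormatBitsPerSecond() {
    my $bits = shift;
    $bits = 0 unless defined $bits;

    my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s");
    my $units_index = 0;

    # Stop at the last unit: stepping past it would select a unit that does
    # not exist and print the number without one.
    while (($units_index < $#units) && ($bits >= 1024)) {
        $units_index++;
        $bits /= 1024;
    }

    return sprintf("%.2f %s", $bits, $units[$units_index]);
}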