1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Locale::Country;
24
25 # enable only the following on debugging purpose
26 use warnings;
27 use CGI::Carp 'fatalsToBrowser';
28
29 require '/var/ipfire/general-functions.pl';
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
# Mentioning the colour variable a second time keeps Perl from warning that
# it is used only once.
my @dummy = ($Header::colouryellow);
@dummy = ();

# Selectable bandwidth limits in kBit/s, largest first. The form shows
# values of 1024 and above as MBit/s.
my @bandwidth_limits = (
	(map { $_ * 1024 } 1000, 500, 200, 100, 64, 50, 25, 20, 16, 10, 8, 4, 2, 1),
	512, 256, 160,
);

# Accounting periods offered in the relay section of the form.
my @accounting_periods = qw(daily weekly monthly);

# TCP port of the Tor control interface; written to torrc and used by
# TorConnect().
my $TOR_CONTROL_PORT = 9051;
59
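# Network settings of the firewall; the GREEN and BLUE networks are used for
# the default list of subnets that may use the SOCKS proxy.
our %netsettings = ();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

# Defaults for every form field. They are set before the CGI values are read,
# so a field the browser does not submit (an unticked checkbox, for example)
# keeps its default.
our %settings = ();

$settings{'TOR_ENABLED'} = 'off';
$settings{'TOR_SOCKS_PORT'} = 9050;
$settings{'TOR_EXIT_COUNTRY'} = '';
$settings{'TOR_USE_EXIT_NODES'} = '';
$settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}";
if (&Header::blue_used()) {
	$settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}";
}

$settings{'TOR_RELAY_ENABLED'} = 'off';
$settings{'TOR_RELAY_MODE'} = 'exit';
$settings{'TOR_RELAY_PORT'} = 9001;
$settings{'TOR_RELAY_NOADVERTISE'} = 'off';
# The optional text fields default to empty strings; without a default they
# are undefined on a fresh installation and every later comparison or
# interpolation raises an "uninitialized value" warning.
$settings{'TOR_RELAY_ADDRESS'} = '';
$settings{'TOR_RELAY_NICKNAME'} = '';
$settings{'TOR_RELAY_CONTACT_INFO'} = '';
$settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0;
$settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;
$settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0;
$settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';

$settings{'ACTION'} = '';

my $errormessage = '';
my $warnmessage = '';

&Header::showhttpheaders();

# Overlay the submitted form values on the defaults.
# NOTE(review): from here on %settings holds request data. Presumably
# getcgihash copies every submitted parameter (verify against header.pl), so
# each value has to be treated as untrusted wherever it is written to a file
# or printed into the page.
&Header::getcgihash(\%settings);

# Open the connection to the Tor control port; undefined when Tor is not
# reachable.
our $torctrl = &TorConnect();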
95
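# Handle a submitted form: normalise the values, validate the subnet list and
# persist the result.
# NOTE(review): nothing visible in this file ties the request to a form that
# this page issued (no token check). Confirm that header.pl or the web server
# enforces that for this state-changing request.
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
	# Both list fields arrive as free text with entries separated by newlines
	# or commas. They are stored with a comma after every entry.
	foreach my $field ('TOR_ALLOWED_SUBNETS', 'TOR_USE_EXIT_NODES') {
		my @entries = ();

		foreach my $entry (split(/[\n,]/, $settings{$field})) {
			$entry =~ s/^\s+//;
			$entry =~ s/\s+$//;
			# Control characters have no place in an address or a node name.
			$entry =~ tr/\x00-\x1f\x7f//d;
			next unless ($entry);

			if (($field eq 'TOR_ALLOWED_SUBNETS') && !&General::validipandmask($entry)) {
				# The rejected entry is echoed back into the page, so it is
				# HTML-escaped before it becomes part of the message.
				(my $shown = $entry) =~ s/([&<>"'])/'&#' . ord($1) . ';'/ge;
				$errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $shown";
			}

			push(@entries, $entry);
		}

		$settings{$field} = join('', map { "$_," } @entries);
	}

	# All remaining fields are single-line values. Removing control characters
	# (CR and LF in particular) keeps a value from spilling onto a line of its
	# own in the settings file or in the generated torrc.
	foreach my $key (keys %settings) {
		next unless (defined $settings{$key});
		$settings{$key} =~ tr/\x00-\x1f\x7f//d;
	}

	if ($errormessage eq '') {
		# Write configuration settings to file.
		&General::writehash("${General::swroot}/tor/settings", \%settings);

		# Update configuration files.
		&BuildConfiguration();
	}

	# Reset ACTION.
	$settings{'ACTION'} = '';
}

# Load settings from file.
&General::readhash("${General::swroot}/tor/settings", \%settings);

&showMainBox();

# Close Tor control connection.
&TorClose($torctrl);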
138
139 # Functions
140
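# Render the Tor configuration page: the settings form and, when a control
# connection is available, the statistics read from the Tor daemon.
#
# Reads the file-level %settings, $errormessage and $torctrl. Every value that
# originates from the request, the settings file or the Tor control port is
# HTML-escaped before it is interpolated into markup. Translated strings from
# %Lang::tr are printed as they are.
sub showMainBox {
	my %checked = ();
	my %selected = ();

	# Escaped copies of the settings that are printed into value attributes.
	my %html = map { $_ => _tor_html_escape($settings{$_}) } qw(
		TOR_SOCKS_PORT TOR_RELAY_PORT TOR_RELAY_ADDRESS TOR_RELAY_NICKNAME
		TOR_RELAY_CONTACT_INFO TOR_RELAY_ACCOUNTING_LIMIT
	);
	my $form_action = _tor_html_escape($ENV{'SCRIPT_NAME'});

	$checked{'TOR_ENABLED'}{'on'} = '';
	$checked{'TOR_ENABLED'}{'off'} = '';
	$checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';

	$checked{'TOR_RELAY_ENABLED'}{'on'} = '';
	$checked{'TOR_RELAY_ENABLED'}{'off'} = '';
	$checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';

	&Header::openpage($Lang::tr{'tor configuration'}, 1, '');
	&Header::openbigbox('100%', 'left', '', $errormessage);

	if ($errormessage) {
		&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
		# NOTE(review): the message is printed as-is because it starts with a
		# translated string. The code that builds it has to escape any request
		# data it embeds.
		print "<font class='base'>$errormessage&nbsp;</font>\n";
		&Header::closebox();
	}

	print "<form method='post' action='$form_action'>\n";

	&Header::openbox('100%', 'left', $Lang::tr{'tor configuration'});

	print <<END;
	<table width='100%'>
		<tr>
			<td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
			<td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
			<td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td>
			<td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$html{'TOR_SOCKS_PORT'}' size='5' /></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
			<td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
			<td width='25%' class='base'></td>
			<td width='20%'></td>
		</tr>
	</table>
END

	if ($settings{'TOR_ENABLED'} eq 'on') {
		# The lists are stored comma-separated and shown one entry per line.
		# Local copies are used so that the shared %settings is not modified
		# by rendering the page.
		my $allowed_subnets = _tor_html_escape(join("\n", split(",", $settings{'TOR_ALLOWED_SUBNETS'})));
		my $use_exit_nodes = _tor_html_escape(join("\n", split(",", $settings{'TOR_USE_EXIT_NODES'})));

		print <<END;
	<br>
	<hr size='1'>
	<br>

	<table width='100%'>
		<tr>
			<td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'>
				$Lang::tr{'tor allowed subnets'}:
			</td>
			<td colspan='2' width='45%'></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'>
				<textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$allowed_subnets</textarea>
			</td>
			<td colspan='2' width='45%'></td>
		</tr>
	</table>

	<br>
	<hr size='1'>
	<br>

	<table width='100%'>
		<tr>
			<td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td>
		</tr>
		<tr>
			<td colspan='2' class='base' width='55%'></td>
			<td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
		</tr>
		<tr>
			<td width='50%' colspan='2'>
				<select name='TOR_EXIT_COUNTRY'>
					<option value=''>- $Lang::tr{'tor exit country any'} -</option>
END

		# Mark the saved country as selected. Without this the list always
		# shows "any" and the next save silently drops the stored country.
		my $saved_country = defined($settings{'TOR_EXIT_COUNTRY'}) ? $settings{'TOR_EXIT_COUNTRY'} : '';

		my @country_names = Locale::Country::all_country_names();
		foreach my $country_name (sort @country_names) {
			my $country_code = Locale::Country::country2code($country_name);
			$country_code = defined($country_code) ? uc($country_code) : '';

			my $is_selected = (($country_code ne '') && ($country_code eq $saved_country)) ? 'selected' : '';
			my $code_html = _tor_html_escape($country_code);
			my $name_html = _tor_html_escape($country_name);

			print "<option value='$code_html' $is_selected>$name_html ($code_html)</option>\n";
		}

		print <<END;
				</select>
			</td>
			<td width='50%' colspan='2'>
				<textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$use_exit_nodes</textarea>
			</td>
		</tr>
	</table>
	<br><br>
END
	}

	&Header::closebox();

	if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
		$checked{'TOR_RELAY_NOADVERTISE'}{'on'} = '';
		$checked{'TOR_RELAY_NOADVERTISE'}{'off'} = '';
		$checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked';

		$selected{'TOR_RELAY_MODE'}{'bridge'} = '';
		$selected{'TOR_RELAY_MODE'}{'exit'} = '';
		$selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
		$selected{'TOR_RELAY_MODE'}{'relay'} = '';
		$selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';

		foreach my $field ('TOR_RELAY_BANDWIDTH_RATE', 'TOR_RELAY_BANDWIDTH_BURST') {
			$selected{$field}{'0'} = '';
			foreach my $limit (@bandwidth_limits) {
				$selected{$field}{$limit} = '';
			}
			$selected{$field}{$settings{$field}} = 'selected';
		}

		foreach my $period (@accounting_periods) {
			$selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$period} = '';
		}
		$selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';

		# Prints the option list for one of the two bandwidth selects. Only
		# the fixed limits are used as keys, so no request data is printed.
		my $print_bandwidth_options = sub {
			my ($field) = @_;

			foreach my $limit (@bandwidth_limits) {
				if ($limit >= 1024) {
					print "<option value='$limit' $selected{$field}{$limit}>". $limit / 1024 ." MBit/s</option>\n";
				} else {
					print "<option value='$limit' $selected{$field}{$limit}>$limit kBit/s</option>\n";
				}
			}
		};

		&Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'});

		print <<END;
	<table width='100%'>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
			<td width='30%'>
				<select name='TOR_RELAY_MODE'>
					<option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
					<option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
					<option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
					<option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_PORT' value='$html{'TOR_RELAY_PORT'}' size='5' />
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='30%'>
				<input type='text' name='TOR_RELAY_ADDRESS' value='$html{'TOR_RELAY_ADDRESS'}' />
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td>
			<td width='20%'>
				<input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} />
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='30%'>
				<input type='text' name='TOR_RELAY_NICKNAME' value='$html{'TOR_RELAY_NICKNAME'}' />
			</td>
			<td colspan='2'></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor contact info'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
			<td width='75%' colspan='3'>
				<input type='text' name='TOR_RELAY_CONTACT_INFO' value='$html{'TOR_RELAY_CONTACT_INFO'}' size='60' />
			</td>
		</tr>
	</table>

	<hr size='1'>

	<table width='100%'>
		<tr>
			<td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
			<td width='30%' class='base'>
				<select name='TOR_RELAY_BANDWIDTH_RATE'>
END

		$print_bandwidth_options->('TOR_RELAY_BANDWIDTH_RATE');

		print <<END;
					<option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td>
			<td width='20%'>
				<input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$html{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
			</td>
		</tr>
		<tr>
			<td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
			<td width='20%' class='base'>
				<select name='TOR_RELAY_BANDWIDTH_BURST'>
END

		$print_bandwidth_options->('TOR_RELAY_BANDWIDTH_BURST');

		print <<END;
					<option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
				</select>
			</td>
			<td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
			<td width='20%'>
				<select name='TOR_RELAY_ACCOUNTING_PERIOD'>
END

		foreach my $period (@accounting_periods) {
			my $label = $Lang::tr{'tor accounting period ' . $period};
			print "<option value='$period' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$period}>$label</option>";
		}

		print <<END;
				</select>
			</td>
		</tr>
	</table>
END

		&Header::closebox();
	}

	print <<END;
	<table width='100%'>
		<tr>
			<td>
				<img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
			</td>
			<td align='right'>&nbsp;</td>
		</tr>
	</table>

	<hr>

	<table width='100%'>
		<tr>
			<td>&nbsp;</td>
			<td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
			<td>&nbsp;</td>
		</tr>
	</table>
END

	# If we have a control connection, show the stats. Everything read from
	# the control port is escaped: relay names and addresses describe other
	# hosts on the network and are not under the control of this machine.
	if ($torctrl) {
		&Header::openbox('100%', 'left', $Lang::tr{'tor stats'});

		my @traffic = &TorTrafficStats($torctrl);

		if (@traffic) {
			print "<table width='100%'>\n";

			if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
				my $fingerprint = &TorRelayFingerprint($torctrl);
				if ($fingerprint) {
					my $fingerprint_html = _tor_html_escape($fingerprint);
					print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
			<td width='60%'>
				<a href='https://atlas.torproject.org/#details/$fingerprint_html' target='_blank'>$fingerprint_html</a>
			</td>
		</tr>
END
				}
			}

			my $address = &TorGetInfo($torctrl, "address");
			if ($address) {
				my $address_html = _tor_html_escape($address);
				print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
			<td width='60%'>$address_html</td>
		</tr>
END
			}

			print <<END;
		<tr>
			<td width='40%'>$Lang::tr{'tor traffic read written'}:</td>
END
			print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
			print <<END;
		</tr>
	</table>
END
		}

		my $accounting = &TorAccountingStats($torctrl);
		if ($accounting) {
			my $hibernating = defined($accounting->{'hibernating'}) ? $accounting->{'hibernating'} : '';
			my $interval_start = _tor_html_escape($accounting->{'interval-start'});
			my $interval_end = _tor_html_escape($accounting->{'interval-end'});

			print <<END;
	<table width='100%'>
		<tr>
			<td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
		</tr>
END

			if ($hibernating eq "hard") {
				print <<END;
		<tr>
			<td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
				<font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
			</td>
		</tr>
END
			} elsif ($hibernating eq "soft") {
				print <<END;
		<tr>
			<td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
				<font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
			</td>
		</tr>
END
			}

			print <<END;
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
			<td width='60%'>
				$interval_start - $interval_end
			</td>
		</tr>
		<tr>
			<td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
			<td width='60%'>
END

			print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
			print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
			print " $Lang::tr{'tor accounting bytes left'})";

			print <<END;
			</td>
		</tr>
	</table>
END
		}

		my @nodes = &TorORConnStatus($torctrl);
		if (@nodes) {
			my $nodes_length = scalar @nodes;
			print <<END;
	<table width='100%'>
		<tr>
			<td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
			<td width='60%' colspan='2'>($nodes_length)</td>
		</tr>
END

			foreach my $node (@nodes) {
				# Escaped copies of the fields shown for this relay.
				my %shown = map { $_ => _tor_html_escape($node->{$_}) }
					qw(fingerprint name address port country_code bandwidth_string);

				print <<END;
		<tr>
			<td width='40%'>
				<a href='https://atlas.torproject.org/#details/$shown{'fingerprint'}' target='_blank'>
					$shown{'name'}
				</a>
			</td>
			<td width='30%'>
END

				if (exists($node->{'country_code'})) {
					print "<a href='country.cgi#$shown{'country_code'}'><img src='/images/flags/$shown{'country_code'}.png' border='0' align='absmiddle' alt='$shown{'country_code'}'></a>";
				}

				print <<END;
				<a href='ipinfo.cgi?ip=$shown{'address'}'>$shown{'address'}</a>:$shown{'port'}
			</td>
			<td width='30%' align='right'>
				~$shown{'bandwidth_string'}
			</td>
		</tr>
END
			}
			print "</table>";
		}

		&Header::closebox();
	}

	print "</form>\n";

	&Header::closebigbox();
	&Header::closepage();
}

# Return a copy of the given text that is safe inside HTML element content
# and inside quoted attribute values. An undefined value becomes ''.
sub _tor_html_escape {
	my ($text) = @_;
	return '' unless (defined $text);

	my %entity_for = (
		'&' => '&amp;',
		'<' => '&lt;',
		'>' => '&gt;',
		'"' => '&quot;',
		"'" => '&#39;',
	);
	$text =~ s/([&<>"'])/$entity_for{$1}/g;

	return $text;
}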
555
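# Generate torrc from the saved settings and restart (or stop) the Tor
# service through /usr/local/bin/torctrl.
#
# The settings are re-read from the settings file, not taken from the
# file-level %settings. If torrc cannot be opened for writing, a warning is
# logged and the service is left untouched.
#
# NOTE(review): the file enables ControlPort without HashedControlPassword or
# CookieAuthentication, which lets any local process control Tor. TorConnect()
# relies on that (it sends a bare AUTHENTICATE), so both would have to change
# together.
sub BuildConfiguration {
	my %settings = ();
	&General::readhash("${General::swroot}/tor/settings", \%settings);

	# Defence in depth: every value ends up on a torrc line of its own, so
	# control characters (CR/LF above all) are removed before anything is
	# written. A stray line break would otherwise start a new directive.
	foreach my $key (keys %settings) {
		next unless (defined $settings{$key});
		$settings{$key} =~ tr/\x00-\x1f\x7f//d;
	}

	# Keys that are missing from the settings file compare as empty strings.
	foreach my $key (qw(
		TOR_ENABLED TOR_ALLOWED_SUBNETS TOR_EXIT_COUNTRY TOR_USE_EXIT_NODES
		TOR_RELAY_ENABLED TOR_RELAY_MODE TOR_RELAY_NOADVERTISE
		TOR_RELAY_ADDRESS TOR_RELAY_NICKNAME TOR_RELAY_CONTACT_INFO
		TOR_RELAY_ACCOUNTING_PERIOD
	)) {
		$settings{$key} = '' unless (defined $settings{$key});
	}

	# Numeric fields: anything that is not a plain number counts as "unset".
	my %amount_of = ();
	foreach my $key (qw(TOR_RELAY_BANDWIDTH_RATE TOR_RELAY_BANDWIDTH_BURST TOR_RELAY_ACCOUNTING_LIMIT)) {
		my $raw = $settings{$key};
		$amount_of{$key} = (defined($raw) && $raw =~ /^\d+(?:\.\d+)?$/) ? $raw : 0;
	}

	my $torrc = "${General::swroot}/tor/torrc";

	# Three-argument open with a lexical handle: the path can never be read
	# as a mode, and a failure is noticed instead of being ignored.
	my $torrc_fh;
	unless (open($torrc_fh, '>', $torrc)) {
		warn "Could not open $torrc for writing: $!";
		return;
	}

	# Global settings.
	print {$torrc_fh} "ControlPort $TOR_CONTROL_PORT\n";

	if ($settings{'TOR_ENABLED'} eq 'on') {
		# NOTE(review): the SOCKS port listens on every interface. Access is
		# limited only by the SocksPolicy lines below, and no "reject" line is
		# written when the subnet list is empty. Confirm that the firewall
		# rules cover that case.
		print {$torrc_fh} "SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}\n";

		my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
		foreach my $subnet (@subnets) {
			print {$torrc_fh} "SocksPolicy accept $subnet\n" if (&General::validipandmask($subnet));
		}
		print {$torrc_fh} "SocksPolicy reject *\n" if (@subnets);

		# ExitNodes takes one comma-separated list. Repeating the option once
		# per entry would leave only the last line in effect, so the country
		# and the individual nodes are written together.
		my @exit_nodes = ();
		if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
			push(@exit_nodes, '{' . $settings{'TOR_EXIT_COUNTRY'} . '}');
		}
		if ($settings{'TOR_USE_EXIT_NODES'} ne '') {
			push(@exit_nodes, grep { $_ ne '' } split(",", $settings{'TOR_USE_EXIT_NODES'}));
		}

		if (@exit_nodes) {
			print {$torrc_fh} "ExitNodes " . join(",", @exit_nodes) . "\n";
			print {$torrc_fh} "StrictNodes 1\n";
		}
	}

	if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
		# Reject access to private networks.
		print {$torrc_fh} "ExitPolicyRejectPrivate 1\n";

		print {$torrc_fh} "ORPort $settings{'TOR_RELAY_PORT'}";
		if ($settings{'TOR_RELAY_NOADVERTISE'} eq 'on') {
			print {$torrc_fh} " NoAdvertise";
		}
		print {$torrc_fh} "\n";

		if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
			print {$torrc_fh} "Address $settings{'TOR_RELAY_ADDRESS'}\n";
		}

		if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
			print {$torrc_fh} "Nickname $settings{'TOR_RELAY_NICKNAME'}\n";
		}

		if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') {
			print {$torrc_fh} "ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}\n";
		}

		# Limit to bridge mode.
		my $is_bridge = 0;

		if ($settings{'TOR_RELAY_MODE'} eq 'bridge') {
			$is_bridge++;

		# Private bridge.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') {
			$is_bridge++;

			print {$torrc_fh} "PublishServerDescriptor 0\n";

		# Exit node.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') {
			print {$torrc_fh} "ExitPolicy accept *:*\n";

		# Relay only.
		} elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') {
			print {$torrc_fh} "ExitPolicy reject *:*\n";
		}

		if ($is_bridge > 0) {
			print {$torrc_fh} "BridgeRelay 1\n";
			print {$torrc_fh} "Exitpolicy reject *:*\n";
		}

		# The form stores kBit/s; torrc gets the value divided by 8 with the
		# unit "KB".
		if ($amount_of{'TOR_RELAY_BANDWIDTH_RATE'} > 0) {
			print {$torrc_fh} "RelayBandwidthRate ";
			print {$torrc_fh} $amount_of{'TOR_RELAY_BANDWIDTH_RATE'} / 8;
			print {$torrc_fh} " KB\n";

			if ($amount_of{'TOR_RELAY_BANDWIDTH_BURST'} > 0) {
				print {$torrc_fh} "RelayBandwidthBurst ";
				print {$torrc_fh} $amount_of{'TOR_RELAY_BANDWIDTH_BURST'} / 8;
				print {$torrc_fh} " KB\n";
			}
		}

		if ($amount_of{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) {
			print {$torrc_fh} "AccountingMax ".$amount_of{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n";

			if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') {
				print {$torrc_fh} "AccountingStart day 00:00\n";
			} elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') {
				print {$torrc_fh} "AccountingStart week 1 00:00\n";
			} elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') {
				print {$torrc_fh} "AccountingStart month 1 00:00\n";
			}
		}
	}

	# Buffered write errors only show up when the handle is closed.
	close($torrc_fh) or warn "Could not finish writing $torrc: $!";

	# Restart the service. The command line is a constant, so no request data
	# reaches the shell. The redirection is spelled the POSIX way so it does
	# not depend on /bin/sh being bash.
	if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) {
		system("/usr/local/bin/torctrl restart >/dev/null 2>&1");
	} else {
		system("/usr/local/bin/torctrl stop >/dev/null 2>&1");
	}
}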
680
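# Open a TCP connection to the Tor control port on 127.0.0.1 and send the
# AUTHENTICATE command.
#
# Returns the connected socket, or nothing when the connection cannot be
# established.
#
# NOTE(review): AUTHENTICATE is sent without a credential and its reply is
# not inspected (TorSendCommand returns an empty list for success and for an
# error alike). This only works while the control port accepts
# unauthenticated local clients.
sub TorConnect {
	# Loaded here because this file has no "use" line for the module; the
	# direct method call also replaces the indirect "new Class(...)" form.
	require IO::Socket::INET;

	my $socket = IO::Socket::INET->new(
		Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT,
	) or return;

	$socket->autoflush(1);

	# Authenticate.
	&TorSendCommand($socket, "AUTHENTICATE");

	return $socket;
}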
693
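# Send one command over the control connection and collect the reply.
#
# Parameters: the control socket and the command text (a trailing newline is
# replaced by CRLF).
# Returns the reply lines without their CRLF. The final status line is not
# part of the result, so success and failure both end the list silently.
# Returns an empty list when no socket is given.
sub TorSendCommand {
	my ($socket, $cmd) = @_;

	return () unless ($socket);

	# Replace line ending with \r\n.
	chomp $cmd;
	$cmd .= "\r\n";

	$socket->send($cmd);

	my @output = ();
	while (my $line = <$socket>) {
		# Skip lines that hold exactly one character before the CRLF.
		if ($line =~ /^.\r\n$/) {
			next;
		}

		# Command has been successfully executed. The match is anchored so
		# that the text "250 OK" inside a data line cannot end the reply early.
		if ($line =~ /^250 OK/) {
			last;

		# Error. 4xx replies end a command just like 5xx replies do; without
		# them in the pattern the loop would wait for a line that never comes.
		} elsif ($line =~ /^[45]\d+/) {
			last;

		} else {
			# Remove line endings.
			$line =~ s/\r\n$//;

			push(@output, $line);
		}
	}

	return @output;
}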
728
# Run a control command and hand back only the first line of its reply
# (undefined when the reply holds no lines).
sub TorSendCommandOneLine() {
	my ($tor, $cmd) = @_;

	my ($first_line) = &TorSendCommand($tor, $cmd);

	return $first_line;
}
735
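# Query one GETINFO key on the control connection.
#
# Parameters: the control socket and the key (for example "traffic/read").
# Returns the text after the first "=" of the first reply line, or undef when
# there is no reply line.
#
# The key is appended to the command unchanged. The callers in this file pass
# constants or values that were matched against a pattern first.
sub TorGetInfo {
	my ($tor, $cmd) = @_;

	my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);

	my $value;
	if (defined $output) {
		# Limit of 2: a value that itself contains "=" is kept whole.
		(undef, $value) = split(/=/, $output, 2);
	}

	return $value;
}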
744
# Shut down both directions of the control connection. Does nothing when no
# socket is given.
sub TorClose() {
	my ($socket) = @_;

	$socket->shutdown(2) if ($socket);
}
752
# Fetch the "traffic/read" and "traffic/written" values from the control
# connection and return them as a two-element list, in that order.
sub TorTrafficStats() {
	my ($tor) = @_;

	my @stats = map { scalar(&TorGetInfo($tor, "traffic/$_")) } ('read', 'written');

	return ($stats[0], $stats[1]);
}
761
# Return the value of the "fingerprint" GETINFO key, as reported by the
# control connection.
sub TorRelayFingerprint() {
	my ($tor) = @_;

	return &TorGetInfo($tor, "fingerprint");
}
767
# List the relays named in the "orconn-status" reply.
#
# Each reply entry that starts with "$" is looked up with
# TorNodeDescription(); entries without a description are dropped. The result
# is a list of node hashes sorted by name.
sub TorORConnStatus() {
	my ($tor) = @_;
	my @nodes = ();

	foreach my $entry (&TorSendCommand($tor, "GETINFO orconn-status")) {
		# Strip the reply prefix that precedes the first entry.
		(my $status = $entry) =~ s/^250[\+-]orconn-status=//;

		next if ($status eq "");
		last if ($status eq ".");
		next unless ($status =~ /^\$/);

		# First word of the entry, then the part before "=" or "~".
		my ($target) = split(" ", $status);
		my ($identity) = split(/[=~]/, $target);

		my $node = &TorNodeDescription($tor, $identity);
		push(@nodes, $node) if ($node);
	}

	# Sort by names.
	my @sorted = sort { $a->{'name'} cmp $b->{'name'} } @nodes;

	return @sorted;
}
793
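# Look up one relay by fingerprint ("GETINFO ns/id/...") and return a hash
# reference describing it.
#
# Keys set from the reply: name, address, port, country_code (from the "r"
# line), flags (array reference) and exit_node (from the "s" line), bandwidth
# and bandwidth_string (from the "w" line).
# Returns nothing when the fingerprint is malformed or the reply has no "r"
# line.
sub TorNodeDescription {
	my ($tor, $fingerprint) = @_;

	return unless (defined $fingerprint);
	$fingerprint =~ s/\$//;

	# The fingerprint becomes part of a control command. Anything other than
	# 40 hex digits is rejected, so text from a reply can never be sent back
	# as something other than a lookup key.
	return unless ($fingerprint =~ /^[0-9A-Fa-f]{40}$/);

	my $node = {
		fingerprint => $fingerprint,
		exit_node => 0,
	};

	my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");

	foreach my $line (@output) {
		# Router
		if ($line =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
			$node->{'name'} = $1;
			$node->{'address'} = $3;
			$node->{'port'} = $4;

			my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
			$node->{'country_code'} = $country_code;

		# Flags
		} elsif ($line =~ /^s (.*)$/) {
			# Keep the flags as a list. Assigning split() to a scalar stores
			# only the number of flags, so the "Exit" check never matched.
			my @flags = split(" ", $1);
			$node->{'flags'} = \@flags;

			foreach my $flag (@flags) {
				if ($flag eq "Exit") {
					$node->{'exit_node'}++;
				}
			}

		# Bandwidth
		} elsif ($line =~ /^w Bandwidth=(\d+)/) {
			$node->{'bandwidth'} = $1 * 8;
			$node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
		}
	}

	if (exists($node->{'name'})) {
		return $node;
	}

	return;
}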
836
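# Collect the accounting information from the control connection.
#
# Returns nothing unless "accounting/enabled" is reported as 1. Otherwise
# returns a hash reference with the keys hibernating, interval-start,
# interval-end, bytes_read, bytes_written, bytes-left_read and
# bytes-left_written.
sub TorAccountingStats {
	my $tor = shift;
	my $ret = {};

	my $enabled = &TorGetInfo($tor, "accounting/enabled");
	unless (defined($enabled) && ($enabled eq '1')) {
		return;
	}

	foreach my $key ("hibernating", "interval-start", "interval-end") {
		$ret->{$key} = &TorGetInfo($tor, "accounting/$key");
	}

	# These two replies hold two numbers each: read first, then written.
	foreach my $key ("bytes", "bytes-left") {
		my $output = &TorGetInfo($tor, "accounting/$key");
		my @bytes = defined($output) ? split(" ", $output) : ();

		$ret->{$key."_read"} = $bytes[0];
		$ret->{$key."_written"} = $bytes[1];
	}

	return $ret;
}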
862
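# Format a byte count with two decimals and the largest fitting unit
# (B, KB, MB, GB, TB; steps of 1024). An undefined value is shown as zero.
sub FormatBytes {
	my $bytes = shift;
	$bytes = 0 unless (defined $bytes);

	my @units = ("B", "KB", "MB", "GB", "TB");
	my $units_index = 0;

	# Stop at the last unit. Stepping past it would leave the value without
	# a unit name.
	while (($units_index < $#units) && ($bytes >= 1024)) {
		$units_index++;
		$bytes /= 1024;
	}

	return sprintf("%.2f %s", $bytes, $units[$units_index]);
}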
876
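# Format a bit rate with two decimals and the largest fitting unit
# (Bit/s up to TBit/s; steps of 1024). An undefined value is shown as zero.
sub FormatBitsPerSecond {
	my $bits = shift;
	$bits = 0 unless (defined $bits);

	my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s");
	my $units_index = 0;

	# Stop at the last unit. Stepping past it would leave the value without
	# a unit name.
	while (($units_index < $#units) && ($bits >= 1024)) {
		$units_index++;
		$bits /= 1024;
	}

	return sprintf("%.2f %s", $bits, $units[$units_index]);
}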