Merge remote-tracking branch 'ms/tor' into tor
[people/teissler/ipfire-2.x.git] / html / cgi-bin / tor.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Locale::Country;
24
25 # enable only the following on debugging purpose
26 use warnings;
27 use CGI::Carp 'fatalsToBrowser';
28
29 require '/var/ipfire/general-functions.pl';
30 require "${General::swroot}/lang.pl";
31 require "${General::swroot}/header.pl";
32
33 #workaround to suppress a warning when a variable is used only once
34 my @dummy = ( ${Header::colouryellow} );
35 undef (@dummy);
36
37 my @bandwidth_limits = (
38 1000 * 1024, # 1G
39 500 * 1024,
40 200 * 1024,
41 100 * 1024, # 100M
42 64 * 1024,
43 50 * 1024,
44 25 * 1024,
45 20 * 1024,
46 16 * 1024,
47 10 * 1024,
48 8 * 1024,
49 4 * 1024,
50 2 * 1024,
51 1024, # 1M
52 512,
53 256,
54 128,
55 64
56 );
57 my @accounting_periods = ('daily', 'weekly', 'monthly');
58
59 my $TOR_CONTROL_PORT = 9051;
60
61 our %netsettings = ();
62 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
63
64 our %settings = ();
65
66 $settings{'TOR_ENABLED'} = 'off';
67 $settings{'TOR_SOCKS_PORT'} = 9050;
68 $settings{'TOR_EXIT_COUNTRY'} = '';
69 $settings{'TOR_USE_EXIT_NODES'} = '';
70 $settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}";
71 if (&Header::blue_used()) {
72 $settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}";
73 }
74
75 $settings{'TOR_RELAY_ENABLED'} = 'off';
76 $settings{'TOR_RELAY_MODE'} = 'exit';
77 $settings{'TOR_RELAY_PORT'} = 9001;
78 $settings{'TOR_RELAY_NOADVERTISE'} = 'off';
79 $settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0;
80 $settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0;
81 $settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0;
82 $settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily';
83
84 $settings{'ACTION'} = '';
85
86 my $errormessage = '';
87 my $warnmessage = '';
88
89 &Header::showhttpheaders();
90
91 # Get GUI values.
92 &Header::getcgihash(\%settings);
93
94 # Create tor command connection.
95 our $torctrl = &TorConnect();
96
97 # Toggle enable/disable field.
98 if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
99 my @temp = split(/[\n,]/,$settings{'TOR_ALLOWED_SUBNETS'});
100 $settings{'TOR_ALLOWED_SUBNETS'} = "";
101 foreach (@temp) {
102 s/^\s+//g; s/\s+$//g;
103 if ($_) {
104 unless (&General::validipandmask($_)) {
105 $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $_";
106 }
107 $settings{'TOR_ALLOWED_SUBNETS'} .= $_.",";
108 }
109 }
110
111 @temp = split(/[\n,]/,$settings{'TOR_USE_EXIT_NODES'});
112 $settings{'TOR_USE_EXIT_NODES'} = "";
113 foreach (@temp) {
114 s/^\s+//g; s/\s+$//g;
115 if ($_) {
116 $settings{'TOR_USE_EXIT_NODES'} .= $_.",";
117 }
118 }
119
120 if ($errormessage eq '') {
121 # Write configuration settings to file.
122 &General::writehash("${General::swroot}/tor/settings", \%settings);
123
124 # Update configuration files.
125 &BuildConfiguration();
126 }
127
128 # Reset ACTION.
129 $settings{'ACTION'} = '';
130 }
131
132 # Load settings from file.
133 &General::readhash("${General::swroot}/tor/settings", \%settings);
134
135 &showMainBox();
136
137 # Close Tor control connection.
138 &TorClose($torctrl);
139
140 # Functions
141
142 sub showMainBox() {
143 my %checked = ();
144 my %selected = ();
145
146 $checked{'TOR_ENABLED'}{'on'} = '';
147 $checked{'TOR_ENABLED'}{'off'} = '';
148 $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked';
149
150 $checked{'TOR_RELAY_ENABLED'}{'on'} = '';
151 $checked{'TOR_RELAY_ENABLED'}{'off'} = '';
152 $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked';
153
154 &Header::openpage($Lang::tr{'tor configuration'}, 1, '');
155 &Header::openbigbox('100%', 'left', '', $errormessage);
156
157 if ($errormessage) {
158 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
159 print "<font class='base'>$errormessage&nbsp;</font>\n";
160 &Header::closebox();
161 }
162
163 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
164
165 &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'});
166
167 print <<END;
168 <table width='100%'>
169 <tr>
170 <td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td>
171 </tr>
172 <tr>
173 <td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td>
174 <td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td>
175 <td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td>
176 <td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$settings{'TOR_SOCKS_PORT'}' size='5' /></td>
177 </tr>
178 <tr>
179 <td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td>
180 <td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td>
181 <td width='25%' class='base'></td>
182 <td width='20%'></td>
183 </tr>
184 </table>
185 END
186
187 if ($settings{'TOR_ENABLED'} eq 'on') {
188 my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
189 $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp);
190
191 @temp = split(",", $settings{'TOR_USE_EXIT_NODES'});
192 $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp);
193
194 print <<END;
195 <br>
196 <hr size='1'>
197 <br>
198
199 <table width='100%'>
200 <tr>
201 <td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td>
202 </tr>
203 <tr>
204 <td colspan='2' class='base' width='55%'>
205 $Lang::tr{'tor allowed subnets'}:
206 </td>
207 <td colspan='2' width='45%'></td>
208 </tr>
209 <tr>
210 <td colspan='2' class='base' width='55%'>
211 <textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$settings{'TOR_ALLOWED_SUBNETS'}</textarea>
212 </td>
213 <td colspan='2' width='45%'></td>
214 </tr>
215 </table>
216
217 <br>
218 <hr size='1'>
219 <br>
220
221 <table width='100%'>
222 <tr>
223 <td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td>
224 </tr>
225 <tr>
226 <td colspan='2' class='base' width='55%'></td>
227 <td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td>
228 </tr>
229 <tr>
230 <td width='50%' colspan='2'>
231 <select name='TOR_EXIT_COUNTRY'>
232 <option value=''>- $Lang::tr{'tor exit country any'} -</option>
233 END
234
235 my @country_names = Locale::Country::all_country_names();
236 foreach my $country_name (sort @country_names) {
237 my $country_code = Locale::Country::country2code($country_name);
238 $country_code = uc($country_code);
239 print "<option value='$country_code'>$country_name ($country_code)</option>\n";
240 }
241
242 print <<END;
243 </select>
244 </td>
245 <td width='50%' colspan='2'>
246 <textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$settings{'TOR_USE_EXIT_NODES'}</textarea>
247 </td>
248 </tr>
249 </table>
250 <br><br>
251 END
252 }
253
254 &Header::closebox();
255
256 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
257 $checked{'TOR_RELAY_NOADVERTISE'}{'on'} = '';
258 $checked{'TOR_RELAY_NOADVERTISE'}{'off'} = '';
259 $checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked';
260
261 $selected{'TOR_RELAY_MODE'}{'bridge'} = '';
262 $selected{'TOR_RELAY_MODE'}{'exit'} = '';
263 $selected{'TOR_RELAY_MODE'}{'private-bridge'} = '';
264 $selected{'TOR_RELAY_MODE'}{'relay'} = '';
265 $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected';
266
267 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = '';
268 foreach (@bandwidth_limits) {
269 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = '';
270 }
271 $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected';
272
273 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = '';
274 foreach (@bandwidth_limits) {
275 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = '';
276 }
277 $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected';
278
279 foreach (@accounting_periods) {
280 $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = '';
281 }
282 $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected';
283
284 &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'});
285
286 print <<END;
287 <table width='100%'>
288 <tr>
289 <td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td>
290 <td width='30%'>
291 <select name='TOR_RELAY_MODE'>
292 <option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option>
293 <option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option>
294 <option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option>
295 <option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option>
296 </select>
297 </td>
298 <td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td>
299 <td width='20%'>
300 <input type='text' name='TOR_RELAY_PORT' value='$settings{'TOR_RELAY_PORT'}' size='5' />
301 </td>
302 </tr>
303 <tr>
304 <td width='25%' class='base'>$Lang::tr{'tor relay address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
305 <td width='30%'>
306 <input type='text' name='TOR_RELAY_ADDRESS' value='$settings{'TOR_RELAY_ADDRESS'}' />
307 </td>
308 <td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td>
309 <td width='20%'>
310 <input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} />
311 </td>
312 </tr>
313 <tr>
314 <td width='25%' class='base'>$Lang::tr{'tor relay nickname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
315 <td width='30%'>
316 <input type='text' name='TOR_RELAY_NICKNAME' value='$settings{'TOR_RELAY_NICKNAME'}' />
317 </td>
318 <td colspan='2'></td>
319 </tr>
320 <tr>
321 <td width='25%' class='base'>$Lang::tr{'tor contact info'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
322 <td width='75%' colspan='3'>
323 <input type='text' name='TOR_RELAY_CONTACT_INFO' value='$settings{'TOR_RELAY_CONTACT_INFO'}' size='60' />
324 </td>
325 </tr>
326 </table>
327
328 <hr size='1'>
329
330 <table width='100%'>
331 <tr>
332 <td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td>
333 </tr>
334 <tr>
335 <td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td>
336 <td width='30%' class='base'>
337 <select name='TOR_RELAY_BANDWIDTH_RATE'>
338 END
339
340 foreach (@bandwidth_limits) {
341 if ($_ >= 1024) {
342 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
343 } else {
344 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n";
345 }
346 }
347
348 print <<END;
349 <option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
350 </select>
351 </td>
352 <td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td>
353 <td width='20%'>
354 <input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' />
355 </td>
356 </tr>
357 <tr>
358 <td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td>
359 <td width='20%' class='base'>
360 <select name='TOR_RELAY_BANDWIDTH_BURST'>
361 END
362
363 foreach (@bandwidth_limits) {
364 if ($_ >= 1024) {
365 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n";
366 } else {
367 print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n";
368 }
369 }
370 print <<END;
371 <option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option>
372 </select>
373 </td>
374 <td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td>
375 <td width='20%'>
376 <select name='TOR_RELAY_ACCOUNTING_PERIOD'>
377 END
378
379 foreach (@accounting_periods) {
380 print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>";
381 }
382
383 print <<END;
384 </select>
385 </td>
386 </tr>
387 </table>
388 END
389
390 &Header::closebox();
391 }
392
393 print <<END;
394 <table width='100%'>
395 <tr>
396 <td>
397 <img src='/blob.gif' align='top' alt='*' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
398 </td>
399 <td align='right'>&nbsp;</td>
400 </tr>
401 </table>
402
403 <hr>
404
405 <table width='100%'>
406 <tr>
407 <td>&nbsp;</td>
408 <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
409 <td>&nbsp;</td>
410 </tr>
411 </table>
412 END
413
414 # If we have a control connection, show the stats.
415 if ($torctrl) {
416 &Header::openbox('100%', 'left', $Lang::tr{'tor stats'});
417
418 my @traffic = &TorTrafficStats($torctrl);
419
420 if (@traffic) {
421 print <<END;
422 <table width='100%'>
423 END
424
425 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
426 my $fingerprint = &TorRelayFingerprint($torctrl);
427 if ($fingerprint) {
428 print <<END;
429 <tr>
430 <td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td>
431 <td width='60%'>
432 <a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank'>$fingerprint</a>
433 </td>
434 </tr>
435 END
436 }
437 }
438
439 my $address = TorGetInfo($torctrl, "address");
440 if ($address) {
441 print <<END;
442 <tr>
443 <td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td>
444 <td width='60%'>$address</td>
445 </tr>
446 END
447 }
448
449 print <<END;
450 <tr>
451 <td width='40%'>$Lang::tr{'tor traffic read written'}:</td>
452 END
453 print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>";
454 print <<END;
455 </tr>
456 </table>
457 END
458 }
459
460 my $accounting = &TorAccountingStats($torctrl);
461 if ($accounting) {
462 print <<END;
463 <table width='100%'>
464 <tr>
465 <td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td>
466 </tr>
467 END
468
469 if ($accounting->{'hibernating'} eq "hard") {
470 print <<END;
471 <tr>
472 <td class='base' colspan='2' bgcolor="$Header::colourred" align='center'>
473 <font color='white'>$Lang::tr{'tor traffic limit hard'}</font>
474 </td>
475 </tr>
476 END
477 } elsif ($accounting->{'hibernating'} eq "soft") {
478 print <<END;
479 <tr>
480 <td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'>
481 <font color='white'>$Lang::tr{'tor traffic limit soft'}</font>
482 </td>
483 </tr>
484 END
485 }
486
487 print <<END;
488 <tr>
489 <td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td>
490 <td width='60%'>
491 $accounting->{'interval-start'} - $accounting->{'interval-end'}
492 </td>
493 </tr>
494 <tr>
495 <td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td>
496 <td width='60%'>
497 END
498
499 print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'});
500 print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'});
501 print " $Lang::tr{'tor accounting bytes left'})";
502
503 print <<END;
504 </td>
505 </tr>
506 </table>
507 END
508 }
509
510 my @nodes = &TorORConnStatus($torctrl);
511 if (@nodes) {
512 my $nodes_length = scalar @nodes;
513 print <<END;
514 <table width='100%'>
515 <tr>
516 <td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td>
517 <td width='60%' colspan='2'>($nodes_length)</td>
518 </tr>
519 END
520
521 foreach my $node (@nodes) {
522 print <<END;
523 <tr>
524 <td width='40%'>
525 <a href='https://atlas.torproject.org/#details/$node->{'fingerprint'}' target='_blank'>
526 $node->{'name'}
527 </a>
528 </td>
529 <td width='30%'>
530 END
531
532 if (exists($node->{'country_code'})) {
533 print "<a href='country.cgi#$node->{'country_code'}'><img src='/images/flags/$node->{'country_code'}.png' border='0' align='absmiddle' alt='$node->{'country_code'}'></a>";
534 }
535
536 print <<END;
537 <a href='ipinfo.cgi?ip=$node->{'address'}'>$node->{'address'}</a>:$node->{'port'}
538 </td>
539 <td width='30%' align='right'>
540 ~$node->{'bandwidth_string'}
541 </td>
542 </tr>
543 END
544 }
545 print "</table>";
546 }
547
548 &Header::closebox();
549 }
550
551 print "</form>\n";
552
553 &Header::closebigbox();
554 &Header::closepage();
555 }
556
557 sub BuildConfiguration() {
558 my %settings = ();
559 &General::readhash("${General::swroot}/tor/settings", \%settings);
560
561 my $torrc = "${General::swroot}/tor/torrc";
562
563 open(FILE, ">$torrc");
564
565 # Global settings.
566 print FILE "ControlPort $TOR_CONTROL_PORT\n";
567
568 if ($settings{'TOR_ENABLED'} eq 'on') {
569 my $strict_nodes = 0;
570
571 print FILE "SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}\n";
572
573 my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'});
574 foreach (@subnets) {
575 print FILE "SocksPolicy accept $_\n" if (&General::validipandmask($_));
576 }
577 print FILE "SocksPolicy reject *\n" if (@subnets);
578
579 if ($settings{'TOR_EXIT_COUNTRY'} ne '') {
580 $strict_nodes = 1;
581
582 print FILE "ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}\n";
583 }
584
585 if ($settings{'TOR_USE_EXIT_NODES'} ne '') {
586 $strict_nodes = 1;
587
588 my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'});
589 foreach (@nodes) {
590 print FILE "ExitNode $_\n";
591 }
592 }
593
594 if ($strict_nodes > 0) {
595 print FILE "StrictNodes 1\n";
596 }
597 }
598
599 if ($settings{'TOR_RELAY_ENABLED'} eq 'on') {
600 # Reject access to private networks.
601 print FILE "ExitPolicyRejectPrivate 1\n";
602
603 print FILE "ORPort $settings{'TOR_RELAY_PORT'}";
604 if ($settings{'TOR_RELAY_NOADVERTISE'} eq 'on') {
605 print FILE " NoAdvertise";
606 }
607 print FILE "\n";
608
609 if ($settings{'TOR_RELAY_ADDRESS'} ne '') {
610 print FILE "Address $settings{'TOR_RELAY_ADDRESS'}\n";
611 }
612
613 if ($settings{'TOR_RELAY_NICKNAME'} ne '') {
614 print FILE "Nickname $settings{'TOR_RELAY_NICKNAME'}\n";
615 }
616
617 if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') {
618 print FILE "ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}\n";
619 }
620
621 # Limit to bridge mode.
622 my $is_bridge = 0;
623
624 if ($settings{'TOR_RELAY_MODE'} eq 'bridge') {
625 $is_bridge++;
626
627 # Private bridge.
628 } elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') {
629 $is_bridge++;
630
631 print FILE "PublishServerDescriptor 0\n";
632
633 # Exit node.
634 } elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') {
635 print FILE "ExitPolicy accept *:*\n";
636
637 # Relay only.
638 } elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') {
639 print FILE "ExitPolicy reject *:*\n";
640 }
641
642 if ($is_bridge > 0) {
643 print FILE "BridgeRelay 1\n";
644 print FILE "Exitpolicy reject *:*\n";
645 }
646
647 if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} > 0) {
648 print FILE "RelayBandwidthRate ";
649 print FILE $settings{'TOR_RELAY_BANDWIDTH_RATE'} / 8;
650 print FILE " KB\n";
651
652 if ($settings{'TOR_RELAY_BANDWIDTH_BURST'} > 0) {
653 print FILE "RelayBandwidthBurst ";
654 print FILE $settings{'TOR_RELAY_BANDWIDTH_BURST'} / 8;
655 print FILE " KB\n";
656 }
657 }
658
659 if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) {
660 print FILE "AccountingMax ".$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n";
661
662 if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') {
663 print FILE "AccountingStart day 00:00\n";
664 } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') {
665 print FILE "AccountingStart week 1 00:00\n";
666 } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') {
667 print FILE "AccountingStart month 1 00:00\n";
668 }
669 }
670 }
671
672 close(FILE);
673
674 # Restart the service.
675 if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) {
676 system("/usr/local/bin/torctrl restart &>/dev/null");
677 } else {
678 system("/usr/local/bin/torctrl stop &>/dev/null");
679 }
680 }
681
682 sub TorConnect() {
683 my $socket = new IO::Socket::INET(
684 Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT,
685 ) or return;
686
687 $socket->autoflush(1);
688
689 # Authenticate.
690 &TorSendCommand($socket, "AUTHENTICATE");
691
692 return $socket;
693 }
694
695 sub TorSendCommand() {
696 my ($socket, $cmd) = @_;
697
698 # Replace line ending with \r\n.
699 chomp $cmd;
700 $cmd .= "\r\n";
701
702 $socket->send($cmd);
703
704 my @output = ();
705 while (my $line = <$socket>) {
706 # Skip empty lines.
707 if ($line =~ /^.\r\n$/) {
708 next;
709 }
710
711 # Command has been successfully executed.
712 if ($line =~ /250 OK/) {
713 last;
714
715 # Error.
716 } elsif ($line =~ /^5\d+/) {
717 last;
718
719 } else {
720 # Remove line endings.
721 $line =~ s/\r\n$//;
722
723 push(@output, $line);
724 }
725 }
726
727 return @output;
728 }
729
730 sub TorSendCommandOneLine() {
731 my ($tor, $cmd) = @_;
732
733 my @output = &TorSendCommand($tor, $cmd);
734 return $output[0];
735 }
736
737 sub TorGetInfo() {
738 my ($tor, $cmd) = @_;
739
740 my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd);
741
742 my ($key, $value) = split("=", $output);
743 return $value;
744 }
745
746 sub TorClose() {
747 my $socket = shift;
748
749 if ($socket) {
750 $socket->shutdown(2);
751 }
752 }
753
754 sub TorTrafficStats() {
755 my $tor = shift;
756
757 my $output_read = &TorGetInfo($tor, "traffic/read");
758 my $output_written = &TorGetInfo($tor, "traffic/written");
759
760 return ($output_read, $output_written);
761 }
762
763 sub TorRelayFingerprint() {
764 my $tor = shift;
765
766 return &TorGetInfo($tor, "fingerprint");
767 }
768
769 sub TorORConnStatus() {
770 my $tor = shift;
771 my @nodes = ();
772
773 my @output = &TorSendCommand($tor, "GETINFO orconn-status");
774 foreach (@output) {
775 $_ =~ s/^250[\+-]orconn-status=//;
776 next if ($_ eq "");
777 last if ($_ eq ".");
778 next unless ($_ =~ /^\$/);
779
780 my @line = split(" ", $_);
781 my @node = split(/[=~]/, $line[0]);
782
783 my $node = &TorNodeDescription($tor, $node[0]);
784 if ($node) {
785 push(@nodes, $node);
786 }
787 }
788
789 # Sort by names.
790 @nodes = sort { $a->{'name'} cmp $b->{'name'} } @nodes;
791
792 return @nodes;
793 }
794
795 sub TorNodeDescription() {
796 my ($tor, $fingerprint) = @_;
797 $fingerprint =~ s/\$//;
798
799 my $node = {
800 fingerprint => $fingerprint,
801 exit_node => 0,
802 };
803
804 my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}");
805
806 foreach (@output) {
807 # Router
808 if ($_ =~ /^r (\w+) (.*) (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) (\d+)/) {
809 $node->{'name'} = $1;
810 $node->{'address'} = $3;
811 $node->{'port'} = $4;
812
813 my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}");
814 $node->{'country_code'} = $country_code;
815
816 # Flags
817 } elsif ($_ =~ /^s (.*)$/) {
818 $node->{'flags'} = split(" ", $1);
819
820 foreach my $flag ($node->{'flags'}) {
821 if ($flag eq "Exit") {
822 $node->{'exit_node'}++;
823 }
824 }
825
826 # Bandwidth
827 } elsif ($_ =~ /^w Bandwidth=(\d+)/) {
828 $node->{'bandwidth'} = $1 * 8;
829 $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'});
830 }
831 }
832
833 if (exists($node->{'name'})) {
834 return $node;
835 }
836 }
837
838 sub TorAccountingStats() {
839 my $tor = shift;
840 my $ret = {};
841
842 my $enabled = &TorGetInfo($tor, "accounting/enabled");
843 if ($enabled ne '1') {
844 return;
845 }
846
847 my @cmds = ("hibernating", "interval-start", "interval-end");
848 foreach (@cmds) {
849 $ret->{$_} = &TorGetInfo($tor, "accounting/$_");
850 }
851
852 my @cmds = ("bytes", "bytes-left");
853 foreach (@cmds) {
854 my $output = &TorGetInfo($tor, "accounting/$_");
855 my @bytes = split(" ", $output);
856
857 $ret->{$_."_read"} = $bytes[0];
858 $ret->{$_."_written"} = $bytes[1];
859 }
860
861 return $ret;
862 }
863
864 sub FormatBytes() {
865 my $bytes = shift;
866
867 my @units = ("B", "KB", "MB", "GB", "TB");
868 my $units_index = 0;
869
870 while (($units_index <= $#units) && ($bytes >= 1024)) {
871 $units_index++;
872 $bytes /= 1024;
873 }
874
875 return sprintf("%.2f %s", $bytes, $units[$units_index]);
876 }
877
878 sub FormatBitsPerSecond() {
879 my $bits = shift;
880
881 my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s");
882 my $units_index = 0;
883
884 while (($units_index <= $#units) && ($bits >= 1024)) {
885 $units_index++;
886 $bits /= 1024;
887 }
888
889 return sprintf("%.2f %s", $bits, $units[$units_index]);
890 }