This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via d154ab5899fc6f380be7d42148c2803e7dc3017f (commit) via f16bcc3e310ef5118dfbf3258306ab20d6b93916 (commit) via cee75a0d96e33b04764d121f43bedeb64b8623f6 (commit) via 0830129a3c5065be7d3af416de16481f2d5a612f (commit) via 005db20668d04046ad4a9b256fa17dc961258977 (commit) via 6869929e9ac66287494e2da14b0634036d25e588 (commit) via ae4bf64b6af924b6cace4515daca3e1eeca8184c (commit) via d3f2ac3f5d591aa7b78d198feeea75f693ba4910 (commit) via 9e7591e7256f69f80325cf851cbeb0730fa5d5b9 (commit) via c60301c06a340cdd7a1bc619a3fa081d4771fc76 (commit) via 27cb780589dd7436f16f68b12694898a171b3829 (commit) via 13b5ce6e4068de1719ba69b67ea5b96291b7fe71 (commit) via 295649ff27854d6899dd72f4dd587dbee45d74ff (commit) via ce33eb3e3b2422954081bdf7c8cfd3fc8af8ede0 (commit) via b312967ce3f9d66dbc6b8521d70725eafd1b68e3 (commit) from aea35c5aca126e10d6aeb803b5c929b136ca9f97 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit d154ab5899fc6f380be7d42148c2803e7dc3017f Merge: 6869929 f16bcc3 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 19:40:17 2013 +0200
Merge remote-tracking branch 'ms/tor' into tor
commit f16bcc3e310ef5118dfbf3258306ab20d6b93916 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 19:26:37 2013 +0200
tor.cgi: Show number of connected relays.
commit cee75a0d96e33b04764d121f43bedeb64b8623f6 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 19:22:00 2013 +0200
tor: Don't ship torify.
This will need tsocks, which is not present on IPFire.
commit 0830129a3c5065be7d3af416de16481f2d5a612f Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 19:20:42 2013 +0200
WUI: Add Tor menu entry.
commit 005db20668d04046ad4a9b256fa17dc961258977 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 19:11:59 2013 +0200
tor.cgi: Minor functionality fixes and layout improvements.
commit 6869929e9ac66287494e2da14b0634036d25e588 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 18:06:05 2013 +0200
arm: Don't require distutils.
We don't have that module shipped and we don't really need it for arm either.
commit ae4bf64b6af924b6cace4515daca3e1eeca8184c Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 12:56:58 2013 +0200
core72: Add updated firewall script.
commit d3f2ac3f5d591aa7b78d198feeea75f693ba4910 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 12:56:17 2013 +0200
torctrl: Add new binary to rootfiles.
commit 9e7591e7256f69f80325cf851cbeb0730fa5d5b9 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 12:55:08 2013 +0200
torctrl: Add stop action.
commit c60301c06a340cdd7a1bc619a3fa081d4771fc76 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 12:52:40 2013 +0200
tor: Add necessary firewall rules.
commit 27cb780589dd7436f16f68b12694898a171b3829 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 31 12:52:26 2013 +0200
tor: Add torctrl binary.
commit 13b5ce6e4068de1719ba69b67ea5b96291b7fe71 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 30 21:53:16 2013 +0200
tor: Import CGI script.
commit 295649ff27854d6899dd72f4dd587dbee45d74ff Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 30 21:39:50 2013 +0200
tor: Configuration file updates.
commit ce33eb3e3b2422954081bdf7c8cfd3fc8af8ede0 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Jul 19 14:34:14 2013 +0200
arm: New package.
Resource monitor for tor.
commit b312967ce3f9d66dbc6b8521d70725eafd1b68e3 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Jul 19 11:40:14 2013 +0200
tor: New package.
-----------------------------------------------------------------------
Summary of changes: config/backup/includes/tor | 4 + config/menu/EX-tor.menu | 6 + config/rootfiles/common/armv5tel/initscripts | 1 + config/rootfiles/common/configroot | 1 + config/rootfiles/common/i586/initscripts | 1 + config/rootfiles/common/misc-progs | 1 + config/rootfiles/core/72/filelists/files | 1 + config/rootfiles/packages/arm | 166 +++++ config/rootfiles/packages/tor | 31 + config/tor/defaults-torrc | 3 + config/tor/tor.logrotate | 13 + doc/language_issues.de | 4 + doc/language_issues.en | 6 + doc/language_issues.es | 47 ++ doc/language_issues.fr | 47 ++ doc/language_issues.nl | 47 ++ doc/language_issues.pl | 47 ++ doc/language_issues.ru | 47 ++ doc/language_issues.tr | 47 ++ doc/language_missings | 204 ++++++ html/cgi-bin/tor.cgi | 890 +++++++++++++++++++++++++++ langs/de/cgi-bin/de.pl | 44 ++ langs/en/cgi-bin/en.pl | 46 ++ lfs/{libexif => arm} | 17 +- lfs/{flac => tor} | 52 +- make.sh | 2 + src/initscripts/init.d/firewall | 4 + src/initscripts/init.d/tor | 82 +++ src/misc-progs/Makefile | 5 +- src/misc-progs/{dnsmasqctrl.c => torctrl.c} | 12 +- src/patches/arm-dont-require-distutils.patch | 20 + 31 files changed, 1866 insertions(+), 32 deletions(-) create mode 100644 config/backup/includes/tor create mode 100644 config/menu/EX-tor.menu create mode 100644 config/rootfiles/packages/arm create mode 100644 config/rootfiles/packages/tor create mode 100644 config/tor/defaults-torrc create mode 100644 config/tor/tor.logrotate create mode 100644 html/cgi-bin/tor.cgi copy lfs/{libexif => arm} (90%) copy lfs/{flac => tor} (76%) create mode 100644 src/initscripts/init.d/tor copy src/misc-progs/{dnsmasqctrl.c => torctrl.c} (63%) create mode 100644 src/patches/arm-dont-require-distutils.patch
Difference in files: diff --git a/config/backup/includes/tor b/config/backup/includes/tor new file mode 100644 index 0000000..bff4956 --- /dev/null +++ b/config/backup/includes/tor @@ -0,0 +1,4 @@ +/etc/tor +/var/ipfire/tor +/var/lib/tor/fingerprint +/var/lib/tor/keys diff --git a/config/menu/EX-tor.menu b/config/menu/EX-tor.menu new file mode 100644 index 0000000..00ddffe --- /dev/null +++ b/config/menu/EX-tor.menu @@ -0,0 +1,6 @@ +$subipfire->{'50.tor'} = { + 'caption' => $Lang::tr{'tor'}, + 'uri' => '/cgi-bin/tor.cgi', + 'title' => $Lang::tr{'tor'}, + 'enabled' => 1, +}; diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index ff6d731..25fca8d 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -126,6 +126,7 @@ etc/rc.d/init.d/teamspeak etc/rc.d/init.d/template #etc/rc.d/init.d/tftpd etc/rc.d/init.d/tmpfs +#etc/rc.d/init.d/tor etc/rc.d/init.d/udev etc/rc.d/init.d/udev_retry etc/rc.d/init.d/upnpd diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index cd33ec4..8965ff7 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -91,6 +91,7 @@ var/ipfire/menu.d/70-log.menu #var/ipfire/menu.d/EX-imspector.menu #var/ipfire/menu.d/EX-mpfire.menu #var/ipfire/menu.d/EX-samba.menu +#var/ipfire/menu.d/EX-tor.menu #var/ipfire/menu.d/EX-tripwire.menu #var/ipfire/menu.d/EX-wlanap.menu var/ipfire/modem diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 55cee86..3aca59e 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -128,6 +128,7 @@ etc/rc.d/init.d/teamspeak etc/rc.d/init.d/template #etc/rc.d/init.d/tftpd etc/rc.d/init.d/tmpfs +#etc/rc.d/init.d/tor #etc/rc.d/init.d/transmission etc/rc.d/init.d/udev etc/rc.d/init.d/udev_retry diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index a8dac59..8fd9b0b 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -32,6 +32,7 @@ usr/local/bin/squidctrl usr/local/bin/sshctrl usr/local/bin/syslogdctrl usr/local/bin/timectrl +#usr/local/bin/torctrl #usr/local/bin/tripwirectrl usr/local/bin/updxlratorctrl usr/local/bin/upnpctrl diff --git a/config/rootfiles/core/72/filelists/files b/config/rootfiles/core/72/filelists/files index 7ab00d4..3a1767c 100644 --- a/config/rootfiles/core/72/filelists/files +++ b/config/rootfiles/core/72/filelists/files @@ -1,4 +1,5 @@ etc/system-release etc/issue +etc/rc.d/init.d/firewall srv/web/ipfire/cgi-bin/vpnmain.cgi usr/local/bin/openvpnctrl diff --git a/config/rootfiles/packages/arm b/config/rootfiles/packages/arm new file mode 100644 index 0000000..eb9d128 --- /dev/null +++ b/config/rootfiles/packages/arm @@ -0,0 +1,166 @@ +usr/bin/arm +#usr/share/arm +#usr/share/arm-1.4.5.0-py2.7.egg-info +usr/share/arm/TorCtl +usr/share/arm/TorCtl/GeoIPSupport.py +usr/share/arm/TorCtl/GeoIPSupport.pyc +usr/share/arm/TorCtl/PathSupport.py +usr/share/arm/TorCtl/PathSupport.pyc +usr/share/arm/TorCtl/SQLSupport.py +usr/share/arm/TorCtl/SQLSupport.pyc +usr/share/arm/TorCtl/ScanSupport.py +usr/share/arm/TorCtl/ScanSupport.pyc +usr/share/arm/TorCtl/StatsSupport.py +usr/share/arm/TorCtl/StatsSupport.pyc +usr/share/arm/TorCtl/TorCtl.py +usr/share/arm/TorCtl/TorCtl.pyc +usr/share/arm/TorCtl/TorUtil.py +usr/share/arm/TorCtl/TorUtil.pyc +usr/share/arm/TorCtl/__init__.py +usr/share/arm/TorCtl/__init__.pyc +usr/share/arm/TorCtl/example.py +usr/share/arm/TorCtl/example.pyc +usr/share/arm/__init__.py +usr/share/arm/__init__.pyc +usr/share/arm/cli +usr/share/arm/cli/__init__.py +usr/share/arm/cli/__init__.pyc +usr/share/arm/cli/configPanel.py +usr/share/arm/cli/configPanel.pyc +usr/share/arm/cli/connections +usr/share/arm/cli/connections/__init__.py +usr/share/arm/cli/connections/__init__.pyc +usr/share/arm/cli/connections/circEntry.py +usr/share/arm/cli/connections/circEntry.pyc +usr/share/arm/cli/connections/connEntry.py +usr/share/arm/cli/connections/connEntry.pyc +usr/share/arm/cli/connections/connPanel.py +usr/share/arm/cli/connections/connPanel.pyc +usr/share/arm/cli/connections/countPopup.py +usr/share/arm/cli/connections/countPopup.pyc +usr/share/arm/cli/connections/descriptorPopup.py +usr/share/arm/cli/connections/descriptorPopup.pyc +usr/share/arm/cli/connections/entries.py +usr/share/arm/cli/connections/entries.pyc +usr/share/arm/cli/controller.py +usr/share/arm/cli/controller.pyc +usr/share/arm/cli/graphing +usr/share/arm/cli/graphing/__init__.py +usr/share/arm/cli/graphing/__init__.pyc +usr/share/arm/cli/graphing/bandwidthStats.py +usr/share/arm/cli/graphing/bandwidthStats.pyc +usr/share/arm/cli/graphing/connStats.py +usr/share/arm/cli/graphing/connStats.pyc +usr/share/arm/cli/graphing/graphPanel.py +usr/share/arm/cli/graphing/graphPanel.pyc +usr/share/arm/cli/graphing/resourceStats.py +usr/share/arm/cli/graphing/resourceStats.pyc +usr/share/arm/cli/headerPanel.py +usr/share/arm/cli/headerPanel.pyc +usr/share/arm/cli/interpretorPanel.py +usr/share/arm/cli/interpretorPanel.pyc +usr/share/arm/cli/logPanel.py +usr/share/arm/cli/logPanel.pyc +usr/share/arm/cli/menu +usr/share/arm/cli/menu/__init__.py +usr/share/arm/cli/menu/__init__.pyc +usr/share/arm/cli/menu/actions.py +usr/share/arm/cli/menu/actions.pyc +usr/share/arm/cli/menu/item.py +usr/share/arm/cli/menu/item.pyc +usr/share/arm/cli/menu/menu.py +usr/share/arm/cli/menu/menu.pyc +usr/share/arm/cli/popups.py +usr/share/arm/cli/popups.pyc +usr/share/arm/cli/torrcPanel.py +usr/share/arm/cli/torrcPanel.pyc +usr/share/arm/cli/wizard.py +usr/share/arm/cli/wizard.pyc +usr/share/arm/gui +usr/share/arm/gui/__init__.py +usr/share/arm/gui/__init__.pyc +usr/share/arm/gui/arm.xml +usr/share/arm/gui/configPanel.py +usr/share/arm/gui/configPanel.pyc +usr/share/arm/gui/connections +usr/share/arm/gui/connections/__init__.py +usr/share/arm/gui/connections/__init__.pyc +usr/share/arm/gui/connections/circEntry.py +usr/share/arm/gui/connections/circEntry.pyc +usr/share/arm/gui/connections/connEntry.py +usr/share/arm/gui/connections/connEntry.pyc +usr/share/arm/gui/connections/connPanel.py +usr/share/arm/gui/connections/connPanel.pyc +usr/share/arm/gui/controller.py +usr/share/arm/gui/controller.pyc +usr/share/arm/gui/generalPanel.py +usr/share/arm/gui/generalPanel.pyc +usr/share/arm/gui/graphing +usr/share/arm/gui/graphing/__init__.py +usr/share/arm/gui/graphing/__init__.pyc +usr/share/arm/gui/graphing/bandwidthStats.py +usr/share/arm/gui/graphing/bandwidthStats.pyc +usr/share/arm/gui/graphing/graphPanel.py +usr/share/arm/gui/graphing/graphPanel.pyc +usr/share/arm/gui/logPanel.py +usr/share/arm/gui/logPanel.pyc +usr/share/arm/prereq.py +usr/share/arm/prereq.pyc +#usr/share/arm/resources +#usr/share/arm/resources/arm.1 +#usr/share/arm/resources/exitNotice +#usr/share/arm/resources/exitNotice/how_tor_works_thumb.png +#usr/share/arm/resources/exitNotice/index.html +#usr/share/arm/resources/startTor +#usr/share/arm/resources/tor-arm.desktop +#usr/share/arm/resources/tor-arm.svg +#usr/share/arm/resources/torConfigDesc.txt +#usr/share/arm/resources/torrcOverride +#usr/share/arm/resources/torrcOverride/override.c +#usr/share/arm/resources/torrcOverride/override.h +#usr/share/arm/resources/torrcOverride/override.py +#usr/share/arm/resources/torrcTemplate.txt +usr/share/arm/settings.cfg +usr/share/arm/starter.py +usr/share/arm/starter.pyc +usr/share/arm/test.py +usr/share/arm/test.pyc +#usr/share/arm/uninstall +usr/share/arm/util +usr/share/arm/util/__init__.py +usr/share/arm/util/__init__.pyc +usr/share/arm/util/conf.py +usr/share/arm/util/conf.pyc +usr/share/arm/util/connections.py +usr/share/arm/util/connections.pyc +usr/share/arm/util/enum.py +usr/share/arm/util/enum.pyc +usr/share/arm/util/gtkTools.py +usr/share/arm/util/gtkTools.pyc +usr/share/arm/util/hostnames.py +usr/share/arm/util/hostnames.pyc +usr/share/arm/util/log.py +usr/share/arm/util/log.pyc +usr/share/arm/util/panel.py +usr/share/arm/util/panel.pyc +usr/share/arm/util/procName.py +usr/share/arm/util/procName.pyc +usr/share/arm/util/procTools.py +usr/share/arm/util/procTools.pyc +usr/share/arm/util/sysTools.py +usr/share/arm/util/sysTools.pyc +usr/share/arm/util/textInput.py +usr/share/arm/util/textInput.pyc +usr/share/arm/util/torConfig.py +usr/share/arm/util/torConfig.pyc +usr/share/arm/util/torInterpretor.py +usr/share/arm/util/torInterpretor.pyc +usr/share/arm/util/torTools.py +usr/share/arm/util/torTools.pyc +usr/share/arm/util/uiTools.py +usr/share/arm/util/uiTools.pyc +usr/share/arm/version.py +usr/share/arm/version.pyc +#usr/share/doc/arm +#usr/share/doc/arm/armrc.sample +#usr/share/man/man1/arm.1.gz diff --git a/config/rootfiles/packages/tor b/config/rootfiles/packages/tor new file mode 100644 index 0000000..8eb6dad --- /dev/null +++ b/config/rootfiles/packages/tor @@ -0,0 +1,31 @@ +#etc/logrotate.d +etc/logrotate.d/tor +etc/rc.d/init.d/tor +#etc/tor +etc/tor/tor-tsocks.conf +etc/tor/torrc +srv/web/ipfire/cgi-bin/tor.cgi +usr/bin/tor +usr/bin/tor-gencert +usr/bin/tor-resolve +#usr/bin/torify +usr/local/bin/torctrl +#usr/share/doc/tor +#usr/share/doc/tor/tor-gencert.html +#usr/share/doc/tor/tor-resolve.html +#usr/share/doc/tor/tor.html +#usr/share/doc/tor/torify.html +#usr/share/man/man1/tor-gencert.1 +#usr/share/man/man1/tor-resolve.1 +#usr/share/man/man1/tor.1 +#usr/share/man/man1/torify.1 +usr/share/tor +usr/share/tor/defaults-torrc +usr/share/tor/geoip +var/ipfire/backup/addons/includes/tor +var/ipfire/menu.d/EX-tor.menu +var/ipfire/tor +var/ipfire/tor/settings +var/ipfire/tor/torrc +var/lib/tor +var/log/tor diff --git a/config/tor/defaults-torrc b/config/tor/defaults-torrc new file mode 100644 index 0000000..703d821 --- /dev/null +++ b/config/tor/defaults-torrc @@ -0,0 +1,3 @@ +DataDirectory /var/lib/tor +User nobody +Log notice syslog diff --git a/config/tor/tor.logrotate b/config/tor/tor.logrotate new file mode 100644 index 0000000..49fe002 --- /dev/null +++ b/config/tor/tor.logrotate @@ -0,0 +1,13 @@ +/var/log/tor/*.log { + daily + rotate 5 + compress + delaycompress + missingok + notifempty + create 0640 nobody nobody + sharedscripts + postrotate + /etc/init.d/tor reload >/dev/null 2>&1 || : + endscript +} diff --git a/doc/language_issues.de b/doc/language_issues.de index 3b6e117..bbe5e1d 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -406,6 +406,10 @@ WARNING: translation string unused: to email adr WARNING: translation string unused: to install an update WARNING: translation string unused: to warn email bad WARNING: translation string unused: too long 80 char max +WARNING: translation string unused: tor accounting period daily +WARNING: translation string unused: tor accounting period monthly +WARNING: translation string unused: tor accounting period weekly +WARNING: translation string unused: tor exit country WARNING: translation string unused: traffic back WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad diff --git a/doc/language_issues.en b/doc/language_issues.en index 8f530a3..1248957 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -437,6 +437,12 @@ WARNING: translation string unused: to email adr WARNING: translation string unused: to install an update WARNING: translation string unused: to warn email bad WARNING: translation string unused: too long 80 char max +WARNING: translation string unused: tor accounting period daily +WARNING: translation string unused: tor accounting period monthly +WARNING: translation string unused: tor accounting period weekly +WARNING: translation string unused: tor bridge enabled +WARNING: translation string unused: tor errmsg invalid node id +WARNING: translation string unused: tor exit country WARNING: translation string unused: traffic back WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad diff --git a/doc/language_issues.es b/doc/language_issues.es index 2258d1b..8adc0f4 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -549,6 +549,13 @@ WARNING: untranslated string: ccd routes WARNING: untranslated string: ccd subnet WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: emerging rules WARNING: untranslated string: fireinfo ipfire version WARNING: untranslated string: fireinfo is disabled @@ -618,6 +625,46 @@ WARNING: untranslated string: routing table WARNING: untranslated string: server restart WARNING: untranslated string: static routes WARNING: untranslated string: system information +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: uptime load average WARNING: untranslated string: visit us at WARNING: untranslated string: vpn keyexchange diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 58f4454..b5361a7 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -549,6 +549,13 @@ WARNING: untranslated string: ccd subnet WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: dns address deleted txt +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: emerging rules WARNING: untranslated string: fireinfo ipfire version WARNING: untranslated string: fireinfo is disabled @@ -603,6 +610,46 @@ WARNING: untranslated string: server restart WARNING: untranslated string: snort working WARNING: untranslated string: static routes WARNING: untranslated string: system information +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: upload new ruleset WARNING: untranslated string: uptime load average WARNING: untranslated string: urlfilter file ext block diff --git a/doc/language_issues.nl b/doc/language_issues.nl index d7a7ff7..febebf9 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -513,6 +513,13 @@ WARNING: untranslated string: age sminute WARNING: untranslated string: age ssecond WARNING: untranslated string: bytes WARNING: untranslated string: ccd iroute2 +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: new WARNING: untranslated string: outgoing firewall reserved groupname WARNING: untranslated string: qos enter bandwidths @@ -520,6 +527,46 @@ WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: uptime load average WARNING: untranslated string: wlan client WARNING: untranslated string: wlan client advanced settings diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 2258d1b..8adc0f4 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -549,6 +549,13 @@ WARNING: untranslated string: ccd routes WARNING: untranslated string: ccd subnet WARNING: untranslated string: ccd used WARNING: untranslated string: deprecated fs warn +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: emerging rules WARNING: untranslated string: fireinfo ipfire version WARNING: untranslated string: fireinfo is disabled @@ -618,6 +625,46 @@ WARNING: untranslated string: routing table WARNING: untranslated string: server restart WARNING: untranslated string: static routes WARNING: untranslated string: system information +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: uptime load average WARNING: untranslated string: visit us at WARNING: untranslated string: vpn keyexchange diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 7b83295..47c2da4 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -542,6 +542,13 @@ WARNING: untranslated string: ccd used WARNING: untranslated string: community rules WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: disk access per +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: emerging rules WARNING: untranslated string: extrahd because there is already a device mounted WARNING: untranslated string: extrahd cant umount @@ -583,6 +590,46 @@ WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table WARNING: untranslated string: server restart WARNING: untranslated string: static routes +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: uptime load average WARNING: untranslated string: visit us at WARNING: untranslated string: vpn keyexchange diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 1756840..6679e73 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -510,12 +510,59 @@ WARNING: translation string unused: year-graph WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Scan for Songs WARNING: untranslated string: bytes +WARNING: untranslated string: dnsforward +WARNING: untranslated string: dnsforward add a new entry +WARNING: untranslated string: dnsforward configuration +WARNING: untranslated string: dnsforward edit an entry +WARNING: untranslated string: dnsforward entries +WARNING: untranslated string: dnsforward forward_server +WARNING: untranslated string: dnsforward zone WARNING: untranslated string: new WARNING: untranslated string: outgoing firewall reserved groupname WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table +WARNING: untranslated string: tor +WARNING: untranslated string: tor accounting +WARNING: untranslated string: tor accounting bytes +WARNING: untranslated string: tor accounting bytes left +WARNING: untranslated string: tor accounting interval +WARNING: untranslated string: tor accounting limit +WARNING: untranslated string: tor accounting period +WARNING: untranslated string: tor acls +WARNING: untranslated string: tor allowed subnets +WARNING: untranslated string: tor bandwidth burst +WARNING: untranslated string: tor bandwidth rate +WARNING: untranslated string: tor bandwidth settings +WARNING: untranslated string: tor bandwidth unlimited +WARNING: untranslated string: tor common settings +WARNING: untranslated string: tor configuration +WARNING: untranslated string: tor connected relays +WARNING: untranslated string: tor contact info +WARNING: untranslated string: tor do not advertise relay +WARNING: untranslated string: tor enabled +WARNING: untranslated string: tor errmsg invalid ip or mask +WARNING: untranslated string: tor exit country any +WARNING: untranslated string: tor exit nodes +WARNING: untranslated string: tor relay address +WARNING: untranslated string: tor relay configuration +WARNING: untranslated string: tor relay enabled +WARNING: untranslated string: tor relay external address +WARNING: untranslated string: tor relay fingerprint +WARNING: untranslated string: tor relay mode +WARNING: untranslated string: tor relay mode bridge +WARNING: untranslated string: tor relay mode exit +WARNING: untranslated string: tor relay mode private bridge +WARNING: untranslated string: tor relay mode relay +WARNING: untranslated string: tor relay nickname +WARNING: untranslated string: tor relay port +WARNING: untranslated string: tor socks port +WARNING: untranslated string: tor stats +WARNING: untranslated string: tor traffic limit hard +WARNING: untranslated string: tor traffic limit soft +WARNING: untranslated string: tor traffic read written +WARNING: untranslated string: tor use exit nodes WARNING: untranslated string: wlan client WARNING: untranslated string: wlan client advanced settings WARNING: untranslated string: wlan client and diff --git a/doc/language_missings b/doc/language_missings index b78b367..a9fa875 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -60,6 +60,13 @@ < ccd used < deprecated fs warn < dns address deleted txt +< dnsforward +< dnsforward add a new entry +< dnsforward configuration +< dnsforward edit an entry +< dnsforward entries +< dnsforward forward_server +< dnsforward zone < fireinfo ipfire version < fireinfo is disabled < fireinfo is enabled @@ -109,6 +116,50 @@ < snort working < static routes < system information +< tor +< tor accounting +< tor accounting bytes +< tor accounting bytes left +< tor accounting interval +< tor accounting limit +< tor accounting period +< tor accounting period daily +< tor accounting period monthly +< tor accounting period weekly +< tor acls +< tor allowed subnets +< tor bandwidth burst +< tor bandwidth rate +< tor bandwidth settings +< tor bandwidth unlimited +< tor common settings +< tor configuration +< tor connected relays +< tor contact info +< tor do not advertise relay +< tor enabled +< tor errmsg invalid ip or mask +< tor exit country +< tor exit country any +< tor exit nodes +< tor relay address +< tor relay configuration +< tor relay enabled +< tor relay external address +< tor relay fingerprint +< tor relay mode +< tor relay mode bridge +< tor relay mode exit +< tor relay mode private bridge +< tor relay mode relay +< tor relay nickname +< tor relay port +< tor socks port +< tor stats +< tor traffic limit hard +< tor traffic limit soft +< tor traffic read written +< tor use exit nodes < updxlrtr sources < updxlrtr standard view < upload new ruleset @@ -224,6 +275,13 @@ < ccd subnet < ccd used < deprecated fs warn +< dnsforward +< dnsforward add a new entry +< dnsforward configuration +< dnsforward edit an entry +< dnsforward entries +< dnsforward forward_server +< dnsforward zone < fireinfo ipfire version < fireinfo is disabled < fireinfo is enabled @@ -289,6 +347,50 @@ < Set time on boot < static routes < system information +< tor +< tor accounting +< tor accounting bytes +< tor accounting bytes left +< tor accounting interval +< tor accounting limit +< tor accounting period +< tor accounting period daily +< tor accounting period monthly +< tor accounting period weekly +< tor acls +< tor allowed subnets +< tor bandwidth burst +< tor bandwidth rate +< tor bandwidth settings +< tor bandwidth unlimited +< tor common settings +< tor configuration +< tor connected relays +< tor contact info +< tor do not advertise relay +< tor enabled +< tor errmsg invalid ip or mask +< tor exit country +< tor exit country any +< tor exit nodes +< tor relay address +< tor relay configuration +< tor relay enabled +< tor relay external address +< tor relay fingerprint +< tor relay mode +< tor relay mode bridge +< tor relay mode exit +< tor relay mode private bridge +< tor relay mode relay +< tor relay nickname +< tor relay port +< tor socks port +< tor stats +< tor traffic limit hard +< tor traffic limit soft +< tor traffic read written +< tor use exit nodes < updxlrtr sources < updxlrtr standard view < uptime @@ -380,6 +482,13 @@ < ccd subnet < ccd used < deprecated fs warn +< dnsforward +< dnsforward add a new entry +< dnsforward configuration +< dnsforward edit an entry +< dnsforward entries +< dnsforward forward_server +< dnsforward zone < extrahd because there is already a device mounted < extrahd cant umount < extrahd install or load driver @@ -421,6 +530,50 @@ < qos enter bandwidths < server restart < static routes +< tor +< tor accounting +< tor accounting bytes +< tor accounting bytes left +< tor accounting interval +< tor accounting limit +< tor accounting period +< tor accounting period daily +< tor accounting period monthly +< tor accounting period weekly +< tor acls +< tor allowed subnets +< tor bandwidth burst +< tor bandwidth rate +< tor bandwidth settings +< tor bandwidth unlimited +< tor common settings +< tor configuration +< tor connected relays +< tor contact info +< tor do not advertise relay +< tor enabled +< tor errmsg invalid ip or mask +< tor exit country +< tor exit country any +< tor exit nodes +< tor relay address +< tor relay configuration +< tor relay enabled +< tor relay external address +< tor relay fingerprint +< tor relay mode +< tor relay mode bridge +< tor relay mode exit +< tor relay mode private bridge +< tor relay mode relay +< tor relay nickname +< tor relay port +< tor socks port +< tor stats +< tor traffic limit hard +< tor traffic limit soft +< tor traffic read written +< tor use exit nodes < updxlrtr sources < updxlrtr standard view < uptime @@ -515,6 +668,13 @@ < day-graph < deprecated fs warn < disk access per +< dnsforward +< dnsforward add a new entry +< dnsforward configuration +< dnsforward edit an entry +< dnsforward entries +< dnsforward forward_server +< dnsforward zone < Edit an existing route < extrahd because there is already a device mounted < extrahd cant umount @@ -558,6 +718,50 @@ < qos enter bandwidths < server restart < static routes +< tor +< tor accounting +< tor accounting bytes +< tor accounting bytes left +< tor accounting interval +< tor accounting limit +< tor accounting period +< tor accounting period daily +< tor accounting period monthly +< tor accounting period weekly +< tor acls +< tor allowed subnets +< tor bandwidth burst +< tor bandwidth rate +< tor bandwidth settings +< tor bandwidth unlimited +< tor common settings +< tor configuration +< tor connected relays +< tor contact info +< tor do not advertise relay +< tor enabled +< tor errmsg invalid ip or mask +< tor exit country +< tor exit country any +< tor exit nodes +< tor relay address +< tor relay configuration +< tor relay enabled +< tor relay external address +< tor relay fingerprint +< tor relay mode +< tor relay mode bridge +< tor relay mode exit +< tor relay mode private bridge +< tor relay mode relay +< tor relay nickname +< tor relay port +< tor socks port +< tor stats +< tor traffic limit hard +< tor traffic limit soft +< tor traffic read written +< tor use exit nodes < updxlrtr sources < updxlrtr standard view < uptime diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi new file mode 100644 index 0000000..0c173e0 --- /dev/null +++ b/html/cgi-bin/tor.cgi @@ -0,0 +1,890 @@ +#!/usr/bin/perl +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2013 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +use strict; +use Locale::Country; + +# enable only the following on debugging purpose +use warnings; +use CGI::Carp 'fatalsToBrowser'; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; + +#workaround to suppress a warning when a variable is used only once +my @dummy = ( ${Header::colouryellow} ); +undef (@dummy); + +my @bandwidth_limits = ( + 1000 * 1024, # 1G + 500 * 1024, + 200 * 1024, + 100 * 1024, # 100M + 64 * 1024, + 50 * 1024, + 25 * 1024, + 20 * 1024, + 16 * 1024, + 10 * 1024, + 8 * 1024, + 4 * 1024, + 2 * 1024, + 1024, # 1M + 512, + 256, + 128, + 64 +); +my @accounting_periods = ('daily', 'weekly', 'monthly'); + +my $TOR_CONTROL_PORT = 9051; + +our %netsettings = (); +&General::readhash("${General::swroot}/ethernet/settings", %netsettings); + +our %settings = (); + +$settings{'TOR_ENABLED'} = 'off'; +$settings{'TOR_SOCKS_PORT'} = 9050; +$settings{'TOR_EXIT_COUNTRY'} = ''; +$settings{'TOR_USE_EXIT_NODES'} = ''; +$settings{'TOR_ALLOWED_SUBNETS'} = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}"; +if (&Header::blue_used()) { + $settings{'TOR_ALLOWED_SUBNETS'} .= ",$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}"; +} + +$settings{'TOR_RELAY_ENABLED'} = 'off'; +$settings{'TOR_RELAY_MODE'} = 'exit'; +$settings{'TOR_RELAY_PORT'} = 9001; +$settings{'TOR_RELAY_NOADVERTISE'} = 'off'; +$settings{'TOR_RELAY_BANDWIDTH_RATE'} = 0; +$settings{'TOR_RELAY_BANDWIDTH_BURST'} = 0; +$settings{'TOR_RELAY_ACCOUNTING_LIMIT'} = 0; +$settings{'TOR_RELAY_ACCOUNTING_PERIOD'} = 'daily'; + +$settings{'ACTION'} = ''; + +my $errormessage = ''; +my $warnmessage = ''; + +&Header::showhttpheaders(); + +# Get GUI values. +&Header::getcgihash(%settings); + +# Create tor command connection. +our $torctrl = &TorConnect(); + +# Toggle enable/disable field. +if ($settings{'ACTION'} eq $Lang::tr{'save'}) { + my @temp = split(/[\n,]/,$settings{'TOR_ALLOWED_SUBNETS'}); + $settings{'TOR_ALLOWED_SUBNETS'} = ""; + foreach (@temp) { + s/^\s+//g; s/\s+$//g; + if ($_) { + unless (&General::validipandmask($_)) { + $errormessage = "$Lang::tr{'tor errmsg invalid ip or mask'}: $_"; + } + $settings{'TOR_ALLOWED_SUBNETS'} .= $_.","; + } + } + + @temp = split(/[\n,]/,$settings{'TOR_USE_EXIT_NODES'}); + $settings{'TOR_USE_EXIT_NODES'} = ""; + foreach (@temp) { + s/^\s+//g; s/\s+$//g; + if ($_) { + $settings{'TOR_USE_EXIT_NODES'} .= $_.","; + } + } + + if ($errormessage eq '') { + # Write configuration settings to file. + &General::writehash("${General::swroot}/tor/settings", %settings); + + # Update configuration files. + &BuildConfiguration(); + } + + # Reset ACTION. + $settings{'ACTION'} = ''; +} + +# Load settings from file. +&General::readhash("${General::swroot}/tor/settings", %settings); + +&showMainBox(); + +# Close Tor control connection. +&TorClose($torctrl); + +# Functions + +sub showMainBox() { + my %checked = (); + my %selected = (); + + $checked{'TOR_ENABLED'}{'on'} = ''; + $checked{'TOR_ENABLED'}{'off'} = ''; + $checked{'TOR_ENABLED'}{$settings{'TOR_ENABLED'}} = 'checked'; + + $checked{'TOR_RELAY_ENABLED'}{'on'} = ''; + $checked{'TOR_RELAY_ENABLED'}{'off'} = ''; + $checked{'TOR_RELAY_ENABLED'}{$settings{'TOR_RELAY_ENABLED'}} = 'checked'; + + &Header::openpage($Lang::tr{'tor configuration'}, 1, ''); + &Header::openbigbox('100%', 'left', '', $errormessage); + + if ($errormessage) { + &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); + print "<font class='base'>$errormessage </font>\n"; + &Header::closebox(); + } + + print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n"; + + &Header::openbox('100%', 'left', $Lang::tr{'tor configuration'}); + + print <<END; + <table width='100%'> + <tr> + <td colspan='4' class='base'><b>$Lang::tr{'tor common settings'}</b></td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor enabled'}:</td> + <td width='30%'><input type='checkbox' name='TOR_ENABLED' $checked{'TOR_ENABLED'}{'on'} /></td> + <td width='25%' class='base'>$Lang::tr{'tor socks port'}:</td> + <td width='20%'><input type='text' name='TOR_SOCKS_PORT' value='$settings{'TOR_SOCKS_PORT'}' size='5' /></td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor relay enabled'}:</td> + <td width='30%'><input type='checkbox' name='TOR_RELAY_ENABLED' $checked{'TOR_RELAY_ENABLED'}{'on'} /></td> + <td width='25%' class='base'></td> + <td width='20%'></td> + </tr> + </table> +END + + if ($settings{'TOR_ENABLED'} eq 'on') { + my @temp = split(",", $settings{'TOR_ALLOWED_SUBNETS'}); + $settings{'TOR_ALLOWED_SUBNETS'} = join("\n", @temp); + + @temp = split(",", $settings{'TOR_USE_EXIT_NODES'}); + $settings{'TOR_USE_EXIT_NODES'} = join("\n", @temp); + + print <<END; + <br> + <hr size='1'> + <br> + + <table width='100%'> + <tr> + <td colspan='4' class='base'><b>$Lang::tr{'tor acls'}</b></td> + </tr> + <tr> + <td colspan='2' class='base' width='55%'> + $Lang::tr{'tor allowed subnets'}: + </td> + <td colspan='2' width='45%'></td> + </tr> + <tr> + <td colspan='2' class='base' width='55%'> + <textarea name='TOR_ALLOWED_SUBNETS' cols='32' rows='3' wrap='off'>$settings{'TOR_ALLOWED_SUBNETS'}</textarea> + </td> + <td colspan='2' width='45%'></td> + </tr> + </table> + + <br> + <hr size='1'> + <br> + + <table width='100%'> + <tr> + <td colspan='4' class='base'><b>$Lang::tr{'tor exit nodes'}</b></td> + </tr> + <tr> + <td colspan='2' class='base' width='55%'></td> + <td colspan='2' class='base' width='45%'>$Lang::tr{'tor use exit nodes'}:</td> + </tr> + <tr> + <td width='50%' colspan='2'> + <select name='TOR_EXIT_COUNTRY'> + <option value=''>- $Lang::tr{'tor exit country any'} -</option> +END + + my @country_names = Locale::Country::all_country_names(); + foreach my $country_name (sort @country_names) { + my $country_code = Locale::Country::country2code($country_name); + $country_code = uc($country_code); + print "<option value='$country_code'>$country_name ($country_code)</option>\n"; + } + + print <<END; + </select> + </td> + <td width='50%' colspan='2'> + <textarea name='TOR_USE_EXIT_NODES' cols='32' rows='3' wrap='off'>$settings{'TOR_USE_EXIT_NODES'}</textarea> + </td> + </tr> + </table> + <br><br> +END + } + + &Header::closebox(); + + if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { + $checked{'TOR_RELAY_NOADVERTISE'}{'on'} = ''; + $checked{'TOR_RELAY_NOADVERTISE'}{'off'} = ''; + $checked{'TOR_RELAY_NOADVERTISE'}{$settings{'TOR_RELAY_NOADVERTISE'}} = 'checked'; + + $selected{'TOR_RELAY_MODE'}{'bridge'} = ''; + $selected{'TOR_RELAY_MODE'}{'exit'} = ''; + $selected{'TOR_RELAY_MODE'}{'private-bridge'} = ''; + $selected{'TOR_RELAY_MODE'}{'relay'} = ''; + $selected{'TOR_RELAY_MODE'}{$settings{'TOR_RELAY_MODE'}} = 'selected'; + + $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'} = ''; + foreach (@bandwidth_limits) { + $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_} = ''; + } + $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$settings{'TOR_RELAY_BANDWIDTH_RATE'}} = 'selected'; + + $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'} = ''; + foreach (@bandwidth_limits) { + $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_} = ''; + } + $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$settings{'TOR_RELAY_BANDWIDTH_BURST'}} = 'selected'; + + foreach (@accounting_periods) { + $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_} = ''; + } + $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$settings{'TOR_RELAY_ACCOUNTING_PERIOD'}} = 'selected'; + + &Header::openbox('100%', 'left', $Lang::tr{'tor relay configuration'}); + + print <<END; + <table width='100%'> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor relay mode'}:</td> + <td width='30%'> + <select name='TOR_RELAY_MODE'> + <option value='exit' $selected{'TOR_RELAY_MODE'}{'exit'}>$Lang::tr{'tor relay mode exit'}</option> + <option value='relay' $selected{'TOR_RELAY_MODE'}{'relay'}>$Lang::tr{'tor relay mode relay'}</option> + <option value='bridge' $selected{'TOR_RELAY_MODE'}{'bridge'}>$Lang::tr{'tor relay mode bridge'}</option> + <option value='private-bridge' $selected{'TOR_RELAY_MODE'}{'private-bridge'}>$Lang::tr{'tor relay mode private bridge'}</option> + </select> + </td> + <td width='25%' class='base'>$Lang::tr{'tor relay port'}:</td> + <td width='20%'> + <input type='text' name='TOR_RELAY_PORT' value='$settings{'TOR_RELAY_PORT'}' size='5' /> + </td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor relay address'}: <img src='/blob.gif' alt='*' /></td> + <td width='30%'> + <input type='text' name='TOR_RELAY_ADDRESS' value='$settings{'TOR_RELAY_ADDRESS'}' /> + </td> + <td width='25%' class='base'>$Lang::tr{'tor do not advertise relay'}:</td> + <td width='20%'> + <input type='checkbox' name='TOR_RELAY_NOADVERTISE' $checked{'TOR_RELAY_NOADVERTISE'}{'on'} /> + </td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor relay nickname'}: <img src='/blob.gif' alt='*' /></td> + <td width='30%'> + <input type='text' name='TOR_RELAY_NICKNAME' value='$settings{'TOR_RELAY_NICKNAME'}' /> + </td> + <td colspan='2'></td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor contact info'}: <img src='/blob.gif' alt='*' /></td> + <td width='75%' colspan='3'> + <input type='text' name='TOR_RELAY_CONTACT_INFO' value='$settings{'TOR_RELAY_CONTACT_INFO'}' size='60' /> + </td> + </tr> + </table> + + <hr size='1'> + + <table width='100%'> + <tr> + <td colspan='4' class='base'><b>$Lang::tr{'tor bandwidth settings'}</b></td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor bandwidth rate'}:</td> + <td width='30%' class='base'> + <select name='TOR_RELAY_BANDWIDTH_RATE'> +END + + foreach (@bandwidth_limits) { + if ($_ >= 1024) { + print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>". $_ / 1024 ." MBit/s</option>\n"; + } else { + print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{$_}>$_ kBit/s</option>\n"; + } + } + + print <<END; + <option value='0' $selected{'TOR_RELAY_BANDWIDTH_RATE'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option> + </select> + </td> + <td width='25%' class='base'>$Lang::tr{'tor accounting limit'}:</td> + <td width='20%'> + <input type='text' name='TOR_RELAY_ACCOUNTING_LIMIT' value='$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}' size='12' /> + </td> + </tr> + <tr> + <td width='25%' class='base'>$Lang::tr{'tor bandwidth burst'}:</td> + <td width='20%' class='base'> + <select name='TOR_RELAY_BANDWIDTH_BURST'> +END + + foreach (@bandwidth_limits) { + if ($_ >= 1024) { + print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>". $_ / 1024 ." MBit/s</option>\n"; + } else { + print "<option value='$_' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{$_}>$_ kBit/s</option>\n"; + } + } + print <<END; + <option value='0' $selected{'TOR_RELAY_BANDWIDTH_BURST'}{'0'}>$Lang::tr{'tor bandwidth unlimited'}</option> + </select> + </td> + <td width='25%' class='base'>$Lang::tr{'tor accounting period'}:</td> + <td width='20%'> + <select name='TOR_RELAY_ACCOUNTING_PERIOD'> +END + + foreach (@accounting_periods) { + print "<option value='$_' $selected{'TOR_RELAY_ACCOUNTING_PERIOD'}{$_}>$Lang::tr{'tor accounting period '.$_}</option>"; + } + + print <<END; + </select> + </td> + </tr> + </table> +END + + &Header::closebox(); + } + + print <<END; + <table width='100%'> + <tr> + <td> + <img src='/blob.gif' align='top' alt='*' /> <font class='base'>$Lang::tr{'this field may be blank'}</font> + </td> + <td align='right'> </td> + </tr> + </table> + + <hr> + + <table width='100%'> + <tr> + <td> </td> + <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td> + <td> </td> + </tr> + </table> +END + + # If we have a control connection, show the stats. + if ($torctrl) { + &Header::openbox('100%', 'left', $Lang::tr{'tor stats'}); + + my @traffic = &TorTrafficStats($torctrl); + + if (@traffic) { + print <<END; + <table width='100%'> +END + + if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { + my $fingerprint = &TorRelayFingerprint($torctrl); + if ($fingerprint) { + print <<END; + <tr> + <td width='40%' class='base'>$Lang::tr{'tor relay fingerprint'}:</td> + <td width='60%'> + <a href='https://atlas.torproject.org/#details/$fingerprint' target='_blank'>$fingerprint</a> + </td> + </tr> +END + } + } + + my $address = TorGetInfo($torctrl, "address"); + if ($address) { + print <<END; + <tr> + <td width='40%' class='base'>$Lang::tr{'tor relay external address'}:</td> + <td width='60%'>$address</td> + </tr> +END + } + + print <<END; + <tr> + <td width='40%'>$Lang::tr{'tor traffic read written'}:</td> +END + print "<td width='60%'>" . &FormatBytes($traffic[0]) ."/". &FormatBytes($traffic[1]) . "</td>"; + print <<END; + </tr> + </table> +END + } + + my $accounting = &TorAccountingStats($torctrl); + if ($accounting) { + print <<END; + <table width='100%'> + <tr> + <td colspan='2' class='base'><b>$Lang::tr{'tor accounting'}</b></td> + </tr> +END + + if ($accounting->{'hibernating'} eq "hard") { + print <<END; + <tr> + <td class='base' colspan='2' bgcolor="$Header::colourred" align='center'> + <font color='white'>$Lang::tr{'tor traffic limit hard'}</font> + </td> + </tr> +END + } elsif ($accounting->{'hibernating'} eq "soft") { + print <<END; + <tr> + <td class='base' colspan='2' bgcolor="$Header::colourorange" align='center'> + <font color='white'>$Lang::tr{'tor traffic limit soft'}</font> + </td> + </tr> +END + } + + print <<END; + <tr> + <td width='40%' class='base'>$Lang::tr{'tor accounting interval'}</td> + <td width='60%'> + $accounting->{'interval-start'} - $accounting->{'interval-end'} + </td> + </tr> + <tr> + <td width='40%' class='base'>$Lang::tr{'tor accounting bytes'}</td> + <td width='60%'> +END + + print &FormatBytes($accounting->{'bytes_read'}) . "/" . &FormatBytes($accounting->{'bytes_written'}); + print " (" . &FormatBytes($accounting->{'bytes-left_read'}) . "/" . &FormatBytes($accounting->{'bytes-left_written'}); + print " $Lang::tr{'tor accounting bytes left'})"; + + print <<END; + </td> + </tr> + </table> +END + } + + my @nodes = &TorORConnStatus($torctrl); + if (@nodes) { + my $nodes_length = scalar @nodes; + print <<END; + <table width='100%'> + <tr> + <td width='40%' class='base'><b>$Lang::tr{'tor connected relays'}</b></td> + <td width='60%' colspan='2'>($nodes_length)</td> + </tr> +END + + foreach my $node (@nodes) { + print <<END; + <tr> + <td width='40%'> + <a href='https://atlas.torproject.org/#details/$node-%3E%7B%27fingerprint%27%7D' target='_blank'> + $node->{'name'} + </a> + </td> + <td width='30%'> +END + + if (exists($node->{'country_code'})) { + print "<a href='country.cgi#$node->{'country_code'}'><img src='/images/flags/$node->{'country_code'}.png' border='0' align='absmiddle' alt='$node->{'country_code'}'></a>"; + } + + print <<END; + <a href='ipinfo.cgi?ip=$node->{'address'}'>$node->{'address'}</a>:$node->{'port'} + </td> + <td width='30%' align='right'> + ~$node->{'bandwidth_string'} + </td> + </tr> +END + } + print "</table>"; + } + + &Header::closebox(); + } + + print "</form>\n"; + + &Header::closebigbox(); + &Header::closepage(); +} + +sub BuildConfiguration() { + my %settings = (); + &General::readhash("${General::swroot}/tor/settings", %settings); + + my $torrc = "${General::swroot}/tor/torrc"; + + open(FILE, ">$torrc"); + + # Global settings. + print FILE "ControlPort $TOR_CONTROL_PORT\n"; + + if ($settings{'TOR_ENABLED'} eq 'on') { + my $strict_nodes = 0; + + print FILE "SocksPort 0.0.0.0:$settings{'TOR_SOCKS_PORT'}\n"; + + my @subnets = split(",", $settings{'TOR_ALLOWED_SUBNETS'}); + foreach (@subnets) { + print FILE "SocksPolicy accept $_\n" if (&General::validipandmask($_)); + } + print FILE "SocksPolicy reject *\n" if (@subnets); + + if ($settings{'TOR_EXIT_COUNTRY'} ne '') { + $strict_nodes = 1; + + print FILE "ExitNodes {$settings{'TOR_EXIT_COUNTRY'}}\n"; + } + + if ($settings{'TOR_USE_EXIT_NODES'} ne '') { + $strict_nodes = 1; + + my @nodes = split(",", $settings{'TOR_USE_EXIT_NODES'}); + foreach (@nodes) { + print FILE "ExitNode $_\n"; + } + } + + if ($strict_nodes > 0) { + print FILE "StrictNodes 1\n"; + } + } + + if ($settings{'TOR_RELAY_ENABLED'} eq 'on') { + # Reject access to private networks. + print FILE "ExitPolicyRejectPrivate 1\n"; + + print FILE "ORPort $settings{'TOR_RELAY_PORT'}"; + if ($settings{'TOR_RELAY_NOADVERTISE'} eq 'on') { + print FILE " NoAdvertise"; + } + print FILE "\n"; + + if ($settings{'TOR_RELAY_ADDRESS'} ne '') { + print FILE "Address $settings{'TOR_RELAY_ADDRESS'}\n"; + } + + if ($settings{'TOR_RELAY_NICKNAME'} ne '') { + print FILE "Nickname $settings{'TOR_RELAY_NICKNAME'}\n"; + } + + if ($settings{'TOR_RELAY_CONTACT_INFO'} ne '') { + print FILE "ContactInfo $settings{'TOR_RELAY_CONTACT_INFO'}\n"; + } + + # Limit to bridge mode. + my $is_bridge = 0; + + if ($settings{'TOR_RELAY_MODE'} eq 'bridge') { + $is_bridge++; + + # Private bridge. + } elsif ($settings{'TOR_RELAY_MODE'} eq 'private-bridge') { + $is_bridge++; + + print FILE "PublishServerDescriptor 0\n"; + + # Exit node. + } elsif ($settings{'TOR_RELAY_MODE'} eq 'exit') { + print FILE "ExitPolicy accept *:*\n"; + + # Relay only. + } elsif ($settings{'TOR_RELAY_MODE'} eq 'relay') { + print FILE "ExitPolicy reject *:*\n"; + } + + if ($is_bridge > 0) { + print FILE "BridgeRelay 1\n"; + print FILE "Exitpolicy reject *:*\n"; + } + + if ($settings{'TOR_RELAY_BANDWIDTH_RATE'} > 0) { + print FILE "RelayBandwidthRate "; + print FILE $settings{'TOR_RELAY_BANDWIDTH_RATE'} / 8; + print FILE " KB\n"; + + if ($settings{'TOR_RELAY_BANDWIDTH_BURST'} > 0) { + print FILE "RelayBandwidthBurst "; + print FILE $settings{'TOR_RELAY_BANDWIDTH_BURST'} / 8; + print FILE " KB\n"; + } + } + + if ($settings{'TOR_RELAY_ACCOUNTING_LIMIT'} > 0) { + print FILE "AccountingMax ".$settings{'TOR_RELAY_ACCOUNTING_LIMIT'}." MB\n"; + + if ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'daily') { + print FILE "AccountingStart day 00:00\n"; + } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'weekly') { + print FILE "AccountingStart week 1 00:00\n"; + } elsif ($settings{'TOR_RELAY_ACCOUNTING_PERIOD'} eq 'monthly') { + print FILE "AccountingStart month 1 00:00\n"; + } + } + } + + close(FILE); + + # Restart the service. + if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) { + system("/usr/local/bin/torctrl restart &>/dev/null"); + } else { + system("/usr/local/bin/torctrl stop &>/dev/null"); + } +} + +sub TorConnect() { + my $socket = new IO::Socket::INET( + Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => $TOR_CONTROL_PORT, + ) or return; + + $socket->autoflush(1); + + # Authenticate. + &TorSendCommand($socket, "AUTHENTICATE"); + + return $socket; +} + +sub TorSendCommand() { + my ($socket, $cmd) = @_; + + # Replace line ending with \r\n. + chomp $cmd; + $cmd .= "\r\n"; + + $socket->send($cmd); + + my @output = (); + while (my $line = <$socket>) { + # Skip empty lines. + if ($line =~ /^.\r\n$/) { + next; + } + + # Command has been successfully executed. + if ($line =~ /250 OK/) { + last; + + # Error. + } elsif ($line =~ /^5\d+/) { + last; + + } else { + # Remove line endings. + $line =~ s/\r\n$//; + + push(@output, $line); + } + } + + return @output; +} + +sub TorSendCommandOneLine() { + my ($tor, $cmd) = @_; + + my @output = &TorSendCommand($tor, $cmd); + return $output[0]; +} + +sub TorGetInfo() { + my ($tor, $cmd) = @_; + + my $output = &TorSendCommandOneLine($tor, "GETINFO ".$cmd); + + my ($key, $value) = split("=", $output); + return $value; +} + +sub TorClose() { + my $socket = shift; + + if ($socket) { + $socket->shutdown(2); + } +} + +sub TorTrafficStats() { + my $tor = shift; + + my $output_read = &TorGetInfo($tor, "traffic/read"); + my $output_written = &TorGetInfo($tor, "traffic/written"); + + return ($output_read, $output_written); +} + +sub TorRelayFingerprint() { + my $tor = shift; + + return &TorGetInfo($tor, "fingerprint"); +} + +sub TorORConnStatus() { + my $tor = shift; + my @nodes = (); + + my @output = &TorSendCommand($tor, "GETINFO orconn-status"); + foreach (@output) { + $_ =~ s/^250[+-]orconn-status=//; + next if ($_ eq ""); + last if ($_ eq "."); + next unless ($_ =~ /^$/); + + my @line = split(" ", $_); + my @node = split(/[=~]/, $line[0]); + + my $node = &TorNodeDescription($tor, $node[0]); + if ($node) { + push(@nodes, $node); + } + } + + # Sort by names. + @nodes = sort { $a->{'name'} cmp $b->{'name'} } @nodes; + + return @nodes; +} + +sub TorNodeDescription() { + my ($tor, $fingerprint) = @_; + $fingerprint =~ s/$//; + + my $node = { + fingerprint => $fingerprint, + exit_node => 0, + }; + + my @output = &TorSendCommand($tor, "GETINFO ns/id/$node->{'fingerprint'}"); + + foreach (@output) { + # Router + if ($_ =~ /^r (\w+) (.*) (\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}) (\d+)/) { + $node->{'name'} = $1; + $node->{'address'} = $3; + $node->{'port'} = $4; + + my $country_code = &TorGetInfo($tor, "ip-to-country/$node->{'address'}"); + $node->{'country_code'} = $country_code; + + # Flags + } elsif ($_ =~ /^s (.*)$/) { + $node->{'flags'} = split(" ", $1); + + foreach my $flag ($node->{'flags'}) { + if ($flag eq "Exit") { + $node->{'exit_node'}++; + } + } + + # Bandwidth + } elsif ($_ =~ /^w Bandwidth=(\d+)/) { + $node->{'bandwidth'} = $1 * 8; + $node->{'bandwidth_string'} = &FormatBitsPerSecond($node->{'bandwidth'}); + } + } + + if (exists($node->{'name'})) { + return $node; + } +} + +sub TorAccountingStats() { + my $tor = shift; + my $ret = {}; + + my $enabled = &TorGetInfo($tor, "accounting/enabled"); + if ($enabled ne '1') { + return; + } + + my @cmds = ("hibernating", "interval-start", "interval-end"); + foreach (@cmds) { + $ret->{$_} = &TorGetInfo($tor, "accounting/$_"); + } + + my @cmds = ("bytes", "bytes-left"); + foreach (@cmds) { + my $output = &TorGetInfo($tor, "accounting/$_"); + my @bytes = split(" ", $output); + + $ret->{$_."_read"} = $bytes[0]; + $ret->{$_."_written"} = $bytes[1]; + } + + return $ret; +} + +sub FormatBytes() { + my $bytes = shift; + + my @units = ("B", "KB", "MB", "GB", "TB"); + my $units_index = 0; + + while (($units_index <= $#units) && ($bytes >= 1024)) { + $units_index++; + $bytes /= 1024; + } + + return sprintf("%.2f %s", $bytes, $units[$units_index]); +} + +sub FormatBitsPerSecond() { + my $bits = shift; + + my @units = ("Bit/s", "KBit/s", "MBit/s", "GBit/s", "TBit/s"); + my $units_index = 0; + + while (($units_index <= $#units) && ($bits >= 1024)) { + $units_index++; + $bits /= 1024; + } + + return sprintf("%.2f %s", $bits, $units[$units_index]); +} diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index d1ad7b0..a21f75a 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1797,6 +1797,50 @@ 'tone' => 'Ton', 'tone dial' => 'Tonwahl:', 'too long 80 char max' => ' ist zu lang, es sind maximal 80 Zeichen erlaubt', +'tor' => 'Tor', +'tor accounting' => 'Accounting', +'tor accounting bytes' => 'Traffic (empfangen/gesendet)', +'tor accounting bytes left' => 'übrig', +'tor accounting interval' => 'Intervall (UTC)', +'tor accounting limit' => 'Übertragungslimit (MB)', +'tor accounting period' => 'Accounting-Periode', +'tor accounting period daily' => 'täglich', +'tor accounting period monthly' => 'monatlich', +'tor accounting period weekly' => 'wöchentlich', +'tor acls' => 'Zugriffskontrolle', +'tor allowed subnets' => 'Erlaubte Subnetze (eins pro Zeile)', +'tor bandwidth burst' => 'Max. Spitzenwert (Burst)', +'tor bandwidth rate' => 'Max. Bandbreite', +'tor bandwidth settings' => 'Bandbreiteneinstellungen', +'tor bandwidth unlimited' => 'unlimitiert', +'tor common settings' => 'Einstellungen', +'tor configuration' => 'Tor-Konfiguration', +'tor connected relays' => 'Verbundene Relays', +'tor contact info' => 'Kontaktinformationen', +'tor do not advertise relay' => 'Relay nicht announcieren', +'tor enabled' => 'Tor einschalten', +'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz', +'tor exit country' => 'Exit-Land', +'tor exit country any' => 'Beliebig', +'tor exit nodes' => 'Exit-Nodes', +'tor relay address' => 'Relay-Adresse', +'tor relay configuration' => 'Tor-Relay-Konfiguration', +'tor relay enabled' => 'Tor-Relay einschalten', +'tor relay external address' => 'Externe Relay-Adresse', +'tor relay fingerprint' => 'Relay-Fingerabdruck', +'tor relay mode' => 'Relay-Modues', +'tor relay mode bridge' => 'Bridge', +'tor relay mode exit' => 'Exit-Node', +'tor relay mode private bridge' => 'private Bridge', +'tor relay mode relay' => 'Nur Relay', +'tor relay nickname' => 'Relay-Nickname', +'tor relay port' => 'Relay-Port', +'tor socks port' => 'SOCKS-Port', +'tor stats' => 'Statistiken', +'tor traffic limit hard' => 'Das Übertragungslimit wurde erreicht.', +'tor traffic limit soft' => 'Das Übertragungslimit wurde fast erreicht. Es werden keine neuen Verbindungen akzeptiert.', +'tor traffic read written' => 'Gesamter Traffic (empfangen/gesendet)', +'tor use exit nodes' => 'Nur diese Exit-Nodes benutzen (eins pro Zeile)', 'total connection time' => 'Verbindungszeit', 'total hits for log section' => 'Gesamte Treffer für Log Sektion', 'traffic back' => 'Zurück', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 30d0734..b16ecbf 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1831,6 +1831,52 @@ 'tone' => 'Tone', 'tone dial' => 'Tone dial:', 'too long 80 char max' => ' is too long, maximum allowed is 80 characters', +'tor' => 'Tor', +'tor accounting' => 'Accounting', +'tor accounting bytes' => 'Traffic (read/written)', +'tor accounting bytes left' => 'left', +'tor accounting interval' => 'Interval (UTC)', +'tor accounting limit' => 'Accounting limit (MB)', +'tor accounting period' => 'Accounting period', +'tor accounting period daily' => 'daily', +'tor accounting period monthly' => 'monthly', +'tor accounting period weekly' => 'weekly', +'tor acls' => 'Access Control', +'tor allowed subnets' => 'Allowed subnets (one per line)', +'tor bandwidth burst' => 'Max. burst', +'tor bandwidth rate' => 'Max. rate', +'tor bandwidth settings' => 'Bandwidth Settings', +'tor bandwidth unlimited' => 'unlimited', +'tor bridge enabled' => 'Enable Tor bridge', +'tor common settings' => 'Common Settings', +'tor configuration' => 'Tor Configuration', +'tor connected relays' => 'Connected relays', +'tor contact info' => 'Contact Info', +'tor do not advertise relay' => 'Do not advertise the relay', +'tor enabled' => 'Enable Tor', +'tor errmsg invalid ip or mask' => 'Invalid IP subnet', +'tor errmsg invalid node id' => 'Invalid node ID', +'tor exit country' => 'Exit country', +'tor exit country any' => 'Any country', +'tor exit nodes' => 'Exit Nodes', +'tor relay address' => 'Relay address', +'tor relay configuration' => 'Tor Relay Configuration', +'tor relay enabled' => 'Enable Tor Relay', +'tor relay external address' => 'Relay external address', +'tor relay fingerprint' => 'Relay fingerprint', +'tor relay mode' => 'Relay mode', +'tor relay mode bridge' => 'Bridge', +'tor relay mode exit' => 'Exit-Node', +'tor relay mode private bridge' => 'Private bridge', +'tor relay mode relay' => 'Relay only', +'tor relay nickname' => 'Relay nickname', +'tor relay port' => 'Relay port', +'tor socks port' => 'SOCKS port', +'tor stats' => 'Statistics', +'tor traffic limit hard' => 'Traffic limit has been reached.', +'tor traffic limit soft' => 'Traffic limit almost reached. Not accepting any new connections.', +'tor traffic read written' => 'Total traffic (read/written)', +'tor use exit nodes' => 'Use only these exit nodes (one per line)', 'total connection time' => 'Total connection time', 'total hits for log section' => 'Total hits for log section', 'traffic back' => 'Back', diff --git a/lfs/arm b/lfs/arm new file mode 100644 index 0000000..2fbf65e --- /dev/null +++ b/lfs/arm @@ -0,0 +1,83 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.4.5.0 + +THISAPP = arm-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/arm +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = arm +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = f85f306e50b90796ab7097d948e8fcf2 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/arm-dont-require-distutils.patch + cd $(DIR_APP) && ./install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/tor b/lfs/tor new file mode 100644 index 0000000..a61ac40 --- /dev/null +++ b/lfs/tor @@ -0,0 +1,113 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.2.3.25 + +THISAPP = tor-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = tor +PAK_VER = 1 + +DEPS = "libevent2" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = a1c364189a9a66ed9daa8e6436489daf + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && \ + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --with-tor-user=nobody \ + --with-tor-group=nobody + + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Install configuration files. + mkdir -pv /var/ipfire/tor /var/lib/tor /var/log/tor + touch /var/ipfire/tor/settings + mv /etc/tor/torrc.sample /var/ipfire/tor/torrc + ln -svf /var/ipfire/tor/torrc /etc/tor/torrc + + # Adjust ownerships. + chown nobody:nobody /var/lib/tor /var/ipfire/tor + + # Logrotate + mkdir -pv /etc/logrotate.d + install -v -m 644 $(DIR_SRC)/config/tor/tor.logrotate \ + /etc/logrotate.d/tor + + # Defaults + mkdir -pv /usr/share/tor + install -v -m 644 $(DIR_SRC)/config/tor/defaults-torrc \ + /usr/share/tor/defaults-torrc + + install -v -m 644 $(DIR_SRC)/config/backup/includes/tor \ + /var/ipfire/backup/addons/includes/tor + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 8ca36bf..f74288d 100755 --- a/make.sh +++ b/make.sh @@ -779,6 +779,8 @@ buildipfire() { ipfiremake perl-File-Tail ipfiremake perl-TimeDate ipfiremake swatch + ipfiremake tor + ipfiremake arm echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall index 844618a..0237297 100644 --- a/src/initscripts/init.d/firewall +++ b/src/initscripts/init.d/firewall @@ -188,6 +188,10 @@ case "$1" in /sbin/iptables -t nat -A POSTROUTING -j OVPNNAT /sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
+ # TOR + /sbin/iptables -N TOR_INPUT + /sbin/iptables -A INPUT -j TOR_INPUT + # Outgoing Firewall /sbin/iptables -A FORWARD -j OUTGOINGFWMAC
diff --git a/src/initscripts/init.d/tor b/src/initscripts/init.d/tor new file mode 100644 index 0000000..d376178 --- /dev/null +++ b/src/initscripts/init.d/tor @@ -0,0 +1,82 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/tor +# +# Description : Anonymizing overlay network for TCP +# +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +function setup_firewall() { + eval $(readhash /var/ipfire/tor/settings) + + # Flush all rules. + flush_firewall + + if [ "${TOR_RELAY_ENABLED}" = "on" -a -n "${TOR_RELAY_PORT}" ]; then + iptables -A TOR_INPUT -p tcp --dport "${TOR_RELAY_PORT}" -j ACCEPT + fi +} + +function flush_firewall() { + # Flush all rules. + iptables -F TOR_INPUT +} + +case "${1}" in + start) + # Setup firewall. + setup_firewall + + boot_mesg "Starting tor..." + loadproc /usr/bin/tor \ + --runasdaemon 1 \ + --defaults-torrc /usr/share/tor/defaults-torrc \ + -f /etc/tor/torrc \ + --quiet + ;; + + stop) + # Flush firewall. + flush_firewall + + boot_mesg "Stopping tor..." + killproc /usr/bin/tor + ;; + + reload) + # Setup firewall. + setup_firewall + + boot_mesg "Reloading tor..." + reloadproc /usr/bin/tor + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + reload-or-restart) + # Reload the process if it is already running. Otherwise, restart. + if pidofproc -s /usr/bin/tor; then + $0 reload + else + $0 restart + fi + ;; + + status) + statusproc /usr/bin/tor + ;; + + *) + echo "Usage: ${0} {start|stop|reload|restart|reload-or-restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/tor diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 2ec7878..4d09fbf 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -33,7 +33,7 @@ SUID_PROGS = setdmzholes setportfw setxtaccess \ redctrl syslogdctrl extrahdctrl sambactrl upnpctrl tripwirectrl \ smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \ setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \ - getconntracktable wirelessclient dnsmasqctrl + getconntracktable wirelessclient dnsmasqctrl torctrl SUID_UPDX = updxsetperms
install : all @@ -164,3 +164,6 @@ wirelessclient: wirelessclient.c setuid.o ../install+setup/libsmooth/varval.o
dnsmasqctrl: dnsmasqctrl.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ dnsmasqctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ + +torctrl: torctrl.c setuid.o ../install+setup/libsmooth/varval.o + $(COMPILE) -I../install+setup/libsmooth/ torctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ diff --git a/src/misc-progs/torctrl.c b/src/misc-progs/torctrl.c new file mode 100644 index 0000000..39d4956 --- /dev/null +++ b/src/misc-progs/torctrl.c @@ -0,0 +1,36 @@ +/* This file is part of the IPFire Firewall. + * + * This program is distributed under the terms of the GNU General Public + * Licence. See the file COPYING for details. + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <sys/types.h> +#include "setuid.h" + +int main(int argc, char *argv[]) { + if (!(initsetuid())) + exit(1); + + if (argc < 2) { + fprintf(stderr, "\nNo argument given.\n\ntorctrl (restart|stop)\n\n"); + exit(1); + } + + if (strcmp(argv[1], "restart") == 0) { + safe_system("/etc/rc.d/init.d/tor reload-or-restart"); + + } else if (strcmp(argv[1], "stop") == 0) { + safe_system("/etc/rc.d/init.d/tor stop"); + + } else { + fprintf(stderr, "\nBad argument given.\n\ntorctrl (restart|stop)\n\n"); + exit(1); + } + + return 0; +} diff --git a/src/patches/arm-dont-require-distutils.patch b/src/patches/arm-dont-require-distutils.patch new file mode 100644 index 0000000..1fe2b8a --- /dev/null +++ b/src/patches/arm-dont-require-distutils.patch @@ -0,0 +1,20 @@ +diff -Nur arm.vanilla/src/util/hostnames.py arm/src/util/hostnames.py +--- arm.vanilla/src/util/hostnames.py 2012-04-29 05:59:24.000000000 +0200 ++++ arm/src/util/hostnames.py 2013-07-31 17:59:19.245591564 +0200 +@@ -30,7 +30,6 @@ + import threading + import itertools + import Queue +-import distutils.sysconfig + + from util import log, sysTools + +@@ -264,7 +263,7 @@ + # 'socket.gethostbyaddr'. The following checks if the system has the + # gethostbyname_r function, which determines if python resolutions can be + # done in parallel or not. If so, this is preferable. +- isSocketResolutionParallel = distutils.sysconfig.get_config_var("HAVE_GETHOSTBYNAME_R") ++ isSocketResolutionParallel = True #distutils.sysconfig.get_config_var("HAVE_GETHOSTBYNAME_R") + self.useSocketResolution = CONFIG["queries.hostnames.useSocketModule"] and isSocketResolutionParallel + + for _ in range(CONFIG["queries.hostnames.poolSize"]):
hooks/post-receive -- IPFire 2.x development tree