5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
22 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 # Use is subject to license terms.
25 #ident "@(#)tor.sh 1.1 09/05/14 SMI"
28 .
/lib
/svc
/share
/smf_include.sh
30 # SMF_FMRI is the name of the target service. This allows multiple instances
31 # to use the same script.
33 if [ -z "$SMF_FMRI" ]; then
34 echo "SMF framework variables are not initialized."
39 # Raise the number of file descriptors
40 /usr
/bin
/ulimit -n 1024 2>&1 > /dev
/null
41 /usr
/lib
/tor
2>&1 > /dev
/null
45 /usr
/bin
/pkill
-x tor
2>&1 > /dev
/null
49 # Parse the various "*Port" and "*ListenAddress" parameters
50 # from the Tor config file (/etc/torrc) and create IPF rules.
57 # If this is non-zero, it is in use.
58 p
=`grep "^$port" /etc/torrc 2>/dev/null | \
61 if [ ! -z "$p" ]; then
62 echo "# Tor $port rules" >> ipf_file
66 generate_rules
$FMRI $policy "tcp" "any" $i $ipf_file
69 # Alternate *Address parameter may specify another port
70 a
=`grep "^$addr" /etc/torrc 2>/dev/null | \
73 if [ ! -z "$a" ]; then
74 echo "# Tor $addr rules" >> $ipf_file
78 p
=`echo "$i" | sed -e 's/.*://'`
79 ip
=`echo "$i" | sed -e 's/:.*//'`
81 # We don't need to add 0.0.0.0 IP
83 if [ "$ip" = "0.0.0.0" ]; then
86 if [ ! -z "$p" ]; then
87 generate_rules
$FMRI $policy "tcp" "any" $ip $p $ipf_file
98 # If Tor is not configured, there are no rules to add
100 if [ ! -f /etc
/torrc
]; then
104 ipf_file
=`fmri_to_file ${FMRI} $IPF_SUFFIX`
105 policy
=`get_policy ${FMRI}`
107 echo "# $FMRI" >$ipf_file
110 # Tor may be configured to listen on a specific Port or
111 # it may be configured to a specific interface:port combination
112 # so we look for both parameters for the various Tor ports in the
115 find_ports SocksPort SocksListenAddress
117 find_ports ORPort ORListenAddress
119 find_ports DirPort DirListenAddress
121 find_ports HiddenServicePort __no_addr_param__
123 find_ports ControlPort __no_addr_param__
140 echo "Usage: $0 {start|stop|ipfilter}"