[tor-commits] [arm/master] Splitting settings.cfg into individual configs

commit 3c45b2e032c4a7c0c9566599288b703ce821e8c4 Author: Damian Johnson atagar@torproject.org Date: Thu Dec 26 09:53:50 2013 -0800

Splitting settings.cfg into individual configs

Dividing our now-massive settings.cfg into individual configuration files concerning their particular topic. --- arm/config/dedup.cfg | 107 +++++++ arm/config/ports.cfg | 312 ++++++++++++++++++ arm/config/strings.cfg | 122 +++++++ arm/config/torrc.cfg | 313 ++++++++++++++++++ arm/logPanel.py | 2 +- arm/settings.cfg | 826 ------------------------------------------------ arm/starter.py | 4 +- arm/util/__init__.py | 23 ++ arm/util/torConfig.py | 38 +-- run_tests.py | 6 +- 10 files changed, 901 insertions(+), 852 deletions(-)

diff --git a/arm/config/dedup.cfg b/arm/config/dedup.cfg new file mode 100644 index 0000000..ce8afcb --- /dev/null +++ b/arm/config/dedup.cfg @@ -0,0 +1,107 @@ +################################################################################ +# +# Snippets from common log messages. These are used to determine when entries +# with dynamic content (hostnames, numbers, etc) are the same. If this matches +# the start of both messages then the entries are flagged as duplicates. If the +# entry begins with an asterisk (*) then it checks if the substrings exist +# anywhere in the messages. +# +# Examples for the complete messages: +# +# [BW] READ: 0, WRITTEN: 0 +# [DEBUG] connection_handle_write(): After TLS write of 512: 0 read, 586 written +# [DEBUG] flush_chunk_tls(): flushed 512 bytes, 0 ready to flush, 0 remain. +# [DEBUG] conn_read_callback(): socket 7 wants to read. +# [DEBUG] conn_write_callback(): socket 51 wants to write. +# [DEBUG] connection_remove(): removing socket -1 (type OR), n_conns now 50 +# [DEBUG] connection_or_process_cells_from_inbuf(): 7: starting, inbuf_datalen +# 0 (0 pending in tls object). +# [DEBUG] connection_read_to_buf(): 38: starting, inbuf_datalen 0 (0 pending in +# tls object). at_most 12800. +# [DEBUG] connection_read_to_buf(): TLS connection closed on read. Closing. +# (Nickname moria1, address 128.31.0.34) +# [INFO] run_connection_housekeeping(): Expiring non-open OR connection to fd +# 16 (79.193.61.171:443). +# [INFO] rep_hist_downrate_old_runs(): Discounting all old stability info by a +# factor of 0.950000 +# [NOTICE] Circuit build timeout of 96803ms is beyond the maximum build time we +# have ever observed. Capping it to 96107ms. +# The above NOTICE changes to an INFO message in maint-0.2.2 +# [NOTICE] Based on 1000 circuit times, it looks like we don't need to wait so +# long for circuits to finish. We will now assume a circuit is too slow +# to use after waiting 65 seconds. +# [NOTICE] We stalled too much while trying to write 150 bytes to address +# [scrubbed]. If this happens a lot, either something is wrong with +# your network connection, or something is wrong with theirs. (fd 238, +# type Directory, state 1, marked at main.c:702). +# [NOTICE] I learned some more directory information, but not enough to build a +# circuit: We have only 469/2027 usable descriptors. +# [NOTICE] Attempt by %s to open a stream from unknown relay. Closing. +# [NOTICE] Bootstrapped 72%: Loading relay descriptors. +# [WARN] You specified a server "Amunet8" by name, but this name is not +# registered +# [WARN] I have no descriptor for the router named "Amunet8" in my declared +# family; I'll use the nickname as is, but this may confuse clients. +# [WARN] Controller gave us config lines that didn't validate: Value +# 'BandwidthRate ' is malformed or out of bounds. +# [WARN] Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. +# (Network is unreachable; NOROUTE; count 47; recommendation warn) +# [WARN] 4 unknown, 1 missing key, 3 good, 0 bad, 1 no signature, 4 required +# [ARM_DEBUG] refresh rate: 0.001 seconds +# [ARM_DEBUG] proc call (process connections): /proc/net/[tcp|udp] (runtime: 0.0018) +# [ARM_DEBUG] system call: ps -p 2354 -o %cpu,rss,%mem,etime (runtime: 0.02) +# [ARM_DEBUG] system call: netstat -npt | grep 2354/tor (runtime: 0.02) +# [ARM_DEBUG] recreating panel 'graph' with the dimensions of 14/124 +# [ARM_DEBUG] redrawing the log panel with the corrected content height (estimat was off by 4) +# [ARM_DEBUG] GETINFO accounting/bytes-left (runtime: 0.0006) +# [ARM_DEBUG] GETINFO traffic/read (runtime: 0.0004) +# [ARM_DEBUG] GETINFO traffic/written (runtime: 0.0002) +# [ARM_DEBUG] GETCONF MyFamily (runtime: 0.0007) +# [ARM_DEBUG] Unable to query process resource usage from ps, waiting 6.25 seconds (unrecognized output from ps: ...) +# +################################################################################ + +dedup.BW READ: +dedup.DEBUG connection_handle_write(): After TLS write of +dedup.DEBUG flush_chunk_tls(): flushed +dedup.DEBUG conn_read_callback(): socket +dedup.DEBUG conn_write_callback(): socket +dedup.DEBUG connection_remove(): removing socket +dedup.DEBUG connection_or_process_cells_from_inbuf(): +dedup.DEBUG *pending in tls object). at_most +dedup.DEBUG connection_read_to_buf(): TLS connection closed on read. Closing. +dedup.INFO run_connection_housekeeping(): Expiring +dedup.INFO rep_hist_downrate_old_runs(): Discounting all old stability info by a factor of +dedup.INFO *build time we have ever observed. Capping it to +dedup.NOTICE *build time we have ever observed. Capping it to +dedup.NOTICE *We will now assume a circuit is too slow to use after waiting +dedup.NOTICE We stalled too much while trying to write +dedup.NOTICE I learned some more directory information, but not enough to build a circuit +dedup.NOTICE Attempt by +dedup.NOTICE *Loading relay descriptors. +dedup.WARN You specified a server +dedup.WARN I have no descriptor for the router named +dedup.WARN Controller gave us config lines that didn't validate +dedup.WARN Problem bootstrapping. Stuck at +dedup.WARN *missing key, +dedup.ARM_DEBUG refresh rate: +dedup.ARM_DEBUG proc call (cwd): +dedup.ARM_DEBUG proc call (memory usage): +dedup.ARM_DEBUG proc call (process command +dedup.ARM_DEBUG proc call (process utime +dedup.ARM_DEBUG proc call (process stime +dedup.ARM_DEBUG proc call (process start time +dedup.ARM_DEBUG proc call (process connections): +dedup.ARM_DEBUG system call: ps +dedup.ARM_DEBUG system call: netstat +dedup.ARM_DEBUG recreating panel ' +dedup.ARM_DEBUG redrawing the log panel with the corrected content height ( +dedup.ARM_DEBUG GETINFO accounting/bytes +dedup.ARM_DEBUG GETINFO accounting/bytes-left +dedup.ARM_DEBUG GETINFO accounting/interval-end +dedup.ARM_DEBUG GETINFO accounting/hibernating +dedup.ARM_DEBUG GETINFO traffic/read +dedup.ARM_DEBUG GETINFO traffic/written +dedup.ARM_DEBUG GETCONF +dedup.ARM_DEBUG Unable to query process resource usage from ps + diff --git a/arm/config/ports.cfg b/arm/config/ports.cfg new file mode 100644 index 0000000..b82edd3 --- /dev/null +++ b/arm/config/ports.cfg @@ -0,0 +1,312 @@ +################################################################################ +# +# Common usages for ports. This is based on... +# +# https://secure.wikimedia.org/wikipedia/en/wiki/List_of_TCP_and_UDP_port_numb... +# http://isc.sans.edu/services.html +# +################################################################################ + +port.label.1 TCPMUX +port.label.2 CompressNET +port.label.3 CompressNET +port.label.5 RJE +port.label.7 Echo +port.label.9 Discard +port.label.11 SYSTAT +port.label.13 Daytime +port.label.15 netstat +port.label.17 QOTD +port.label.18 MSP +port.label.19 CHARGEN +port.label.20 FTP +port.label.21 FTP +port.label.22 SSH +port.label.23 Telnet +port.label.24 Priv-mail +port.label.25 SMTP +port.label.34 RF +port.label.35 Printer +port.label.37 TIME +port.label.39 RLP +port.label.41 Graphics +port.label.42 WINS +port.label.43 WHOIS +port.label.47 NI FTP +port.label.49 TACACS +port.label.50 Remote Mail +port.label.51 IMP +port.label.52 XNS +port.label.53 DNS +port.label.54 XNS +port.label.55 ISI-GL +port.label.56 RAP +port.label.57 MTP +port.label.58 XNS +port.label.67 BOOTP +port.label.68 BOOTP +port.label.69 TFTP +port.label.70 Gopher +port.label.79 Finger +port.label.80 HTTP +port.label.81 HTTP Alternate +port.label.82 Torpark +port.label.83 MIT ML +port.label.88 Kerberos +port.label.90 dnsix +port.label.99 WIP +port.label.101 NIC +port.label.102 ISO-TSAP +port.label.104 ACR/NEMA +port.label.105 CCSO +port.label.107 Telnet +port.label.108 SNA +port.label.109 POP2 +port.label.110 POP3 +port.label.111 ONC RPC +port.label.113 ident +port.label.115 SFTP +port.label.117 UUCP +port.label.118 SQL +port.label.119 NNTP +port.label.123 NTP +port.label.135 DCE +port.label.137 NetBIOS +port.label.138 NetBIOS +port.label.139 NetBIOS +port.label.143 IMAP +port.label.152 BFTP +port.label.153 SGMP +port.label.156 SQL +port.label.158 DMSP +port.label.161 SNMP +port.label.162 SNMPTRAP +port.label.170 Print-srv +port.label.177 XDMCP +port.label.179 BGP +port.label.194 IRC +port.label.199 SMUX +port.label.201 AppleTalk +port.label.209 QMTP +port.label.210 ANSI +port.label.213 IPX +port.label.218 MPP +port.label.220 IMAP +port.label.256 2DEV +port.label.259 ESRO +port.label.264 BGMP +port.label.308 Novastor +port.label.311 OSX Admin +port.label.318 PKIX TSP +port.label.319 PTP +port.label.320 PTP +port.label.323 IMMP +port.label.350 MATIP +port.label.351 MATIP +port.label.366 ODMR +port.label.369 Rpc2portmap +port.label.370 codaauth2 +port.label.371 ClearCase +port.label.383 HP Alarm Mgr +port.label.384 ARNS +port.label.387 AURP +port.label.389 LDAP +port.label.401 UPS +port.label.402 Altiris +port.label.427 SLP +port.label.443 HTTPS +port.label.444 SNPP +port.label.445 SMB +port.label.464 Kerberos (kpasswd) +port.label.465 SMTP +port.label.475 tcpnethaspsrv +port.label.497 Retrospect +port.label.500 ISAKMP +port.label.501 STMF +port.label.502 Modbus +port.label.504 Citadel +port.label.510 FirstClass +port.label.512 Rexec +port.label.513 rlogin +port.label.514 rsh +port.label.515 LPD +port.label.517 Talk +port.label.518 NTalk +port.label.520 efs +port.label.524 NCP +port.label.530 RPC +port.label.531 AIM/IRC +port.label.532 netnews +port.label.533 netwall +port.label.540 UUCP +port.label.542 commerce +port.label.543 Kerberos (klogin) +port.label.544 Kerberos (kshell) +port.label.545 OSISoft PI +port.label.546 DHCPv6 +port.label.547 DHCPv6 +port.label.548 AFP +port.label.550 new-who +port.label.554 RTSP +port.label.556 RFS +port.label.560 rmonitor +port.label.561 monitor +port.label.563 NNTPS +port.label.587 SMTP +port.label.591 FileMaker +port.label.593 HTTP RPC +port.label.604 TUNNEL +port.label.623 ASF-RMCP +port.label.631 CUPS +port.label.635 RLZ DBase +port.label.636 LDAPS +port.label.639 MSDP +port.label.641 SupportSoft +port.label.646 LDP +port.label.647 DHCP +port.label.648 RRP +port.label.651 IEEE-MMS +port.label.652 DTCP +port.label.653 SupportSoft +port.label.654 MMS/MMP +port.label.657 RMC +port.label.660 OSX Admin +port.label.665 sun-dr +port.label.666 Doom +port.label.674 ACAP +port.label.691 MS Exchange +port.label.692 Hyperwave-ISP +port.label.694 Linux-HA +port.label.695 IEEE-MMS-SSL +port.label.698 OLSR +port.label.699 Access Network +port.label.700 EPP +port.label.701 LMP +port.label.702 IRIS +port.label.706 SILC +port.label.711 MPLS +port.label.712 TBRPF +port.label.720 SMQP +port.label.749 Kerberos (admin) +port.label.750 rfile +port.label.751 pump +port.label.752 qrh +port.label.753 rrh +port.label.754 tell send +port.label.760 ns +port.label.782 Conserver +port.label.783 spamd +port.label.829 CMP +port.label.843 Flash +port.label.847 DHCP +port.label.860 iSCSI +port.label.873 rsync +port.label.888 CDDB +port.label.901 SWAT +port.label.902-904 VMware +port.label.911 NCA +port.label.953 DNS RNDC +port.label.981 SofaWare Firewall +port.label.989 FTPS +port.label.990 FTPS +port.label.991 NAS +port.label.992 Telnet +port.label.993 IMAPS +port.label.994 IRC +port.label.995 POP3S +port.label.999 ScimoreDB +port.label.1001 JtoMB +port.label.1002 cogbot + +port.label.1080 SOCKS +port.label.1085 WebObjects +port.label.1109 KPOP +port.label.1169 Tripwire +port.label.1194 OpenVPN +port.label.1214 Kazaa +port.label.1220 QuickTime +port.label.1234 VLC +port.label.1241 Nessus +port.label.1270 SCOM +port.label.1293 IPSec +port.label.1433 MSSQL +port.label.1434 MSSQL +port.label.1500 NetGuard +port.label.1503 MSN +port.label.1512 WINS +port.label.1521 Oracle +port.label.1526 Oracle +port.label.1533 Sametime +port.label.1666 Perforce +port.label.1677 GroupWise +port.label.1723 PPTP +port.label.1725 Steam +port.label.1863 MSNP +port.label.2049 NFS +port.label.2082 Infowave +port.label.2083 radsec +port.label.2086 GNUnet +port.label.2087 ELI +port.label.2095 NBX SER +port.label.2096 NBX DIR +port.label.2102-2104 Zephyr +port.label.2401 CVS +port.label.2525 SMTP +port.label.2710 BitTorrent +port.label.3074 XBox LIVE +port.label.3101 BlackBerry +port.label.3128 SQUID +port.label.3306 MySQL +port.label.3389 WBT +port.label.3690 SVN +port.label.3723 Battle.net +port.label.3724 WoW +port.label.4321 RWHOIS +port.label.4643 Virtuozzo +port.label.4662 eMule +port.label.5003 FileMaker +port.label.5050 Yahoo IM +port.label.5060 SIP +port.label.5061 SIP +port.label.5190 AIM/ICQ +port.label.5222 Jabber +port.label.5223 Jabber +port.label.5228 Android Market +port.label.5269 Jabber +port.label.5298 Jabber +port.label.5432 PostgreSQL +port.label.5500 VNC +port.label.5556 Freeciv +port.label.5666 NRPE +port.label.5667 NSCA +port.label.5800 VNC +port.label.5900 VNC +port.label.6346 gnutella +port.label.6347 gnutella +port.label.6660-6669 IRC +port.label.6679 IRC +port.label.6697 IRC +port.label.6881-6999 BitTorrent +port.label.8000 iRDMI +port.label.8008 HTTP Alternate +port.label.8010 XMPP +port.label.8074 Gadu-Gadu +port.label.8080 HTTP Proxy +port.label.8087 SPP +port.label.8088 Radan HTTP +port.label.8118 Privoxy +port.label.8123 Polipo +port.label.8443 PCsync HTTPS +port.label.8888 NewsEDGE +port.label.9030 Tor +port.label.9050 Tor +port.label.9051 Tor +port.label.9418 Git +port.label.9999 distinct +port.label.10000 Webmin +port.label.19294 Google Voice +port.label.19638 Ensim +port.label.23399 Skype +port.label.30301 BitTorrent +port.label.33434 traceroute + diff --git a/arm/config/strings.cfg b/arm/config/strings.cfg new file mode 100644 index 0000000..cb1f7cf --- /dev/null +++ b/arm/config/strings.cfg @@ -0,0 +1,122 @@ +################################################################################ +# +# User facing strings. These are sorted into the following namespaces... +# +# * config parsing or handling configuration options +# * connect connection and authentication to tor +# * debug concerns the --debug argument +# * misc anything that doesn't fit into a present namespace +# * setup notificaitons or issues arising while starting arm +# * tracker related to tracking resource usage or connections +# * usage usage information about starting and running arm +# +################################################################################ + +msg.config.unable_to_load_settings Unable to load arm's internal configuration ({path}): {error} +msg.config.unable_to_read_file Failed to load configuration (using defaults): "{error}" +msg.config.nothing_loaded No armrc loaded, using defaults. You can customize arm by placing a configuration file at {path} (see the armrc.sample for its options). + +msg.connect.general_auth_failure Unable to authenticate: {error} +msg.connect.incorrect_password Incorrect password +msg.connect.no_control_port Unable to connect to tor. Maybe it's running without a ControlPort? +msg.connect.password_prompt Tor controller password: +msg.connect.socket_doesnt_exist The socket file you specified ({path}) doesn't exist +msg.connect.tor_isnt_running Unable to connect to tor. Are you sure it's running? +msg.connect.unable_to_use_port Unable to connect to {address}:{port}: {error} +msg.connect.unable_to_use_socket Unable to connect to '{path}': {error} + +msg.debug.saving_to_path Saving a debug log to {path}, please check it for sensitive information before sharing it. +msg.debug.unable_to_write_file Unable to write to our debug log file ({path}): {error} + +msg.setup.arm_is_running_as_root Arm is currently running with root permissions. This isn't a good idea, nor should it be necessary. Try starting arm with "sudo -u {tor_user} arm" instead. +msg.setup.chroot_doesnt_exist The chroot path set in your config ({path}) doesn't exist. +msg.setup.set_freebsd_chroot Adjusting paths to account for Tor running in a FreeBSD jail at: {path} +msg.setup.tor_is_running_as_root Tor is currently running with root permissions. This isn't a good idea, nor should it be necessary. See the 'User UID' option on Tor's man page for an easy method of reducing its permissions after startup. +msg.setup.unable_to_determine_pid Unable to determine Tor's pid. Some information, like its resource usage will be unavailable. +msg.setup.unknown_event_types arm doesn't recognize the following event types: {event_types} (log 'UNKNOWN' events to see them) + +msg.tracker.abort_getting_resources Failed three attempts to get process resource usage from {resolver}, {response} ({exc}) +msg.tracker.unable_to_get_resources Unable to query process resource usage from {resolver} ({exc}) +msg.tracker.unable_to_use_all_resolvers We were unable to use any of your system's resolvers to get tor's connections. This is fine, but means that the connections page will be empty. This is usually permissions related so if you would like to fix this then run arm with the same user as tor (ie, "sudo -u <tor user> arm"). +msg.tracker.unable_to_use_resolver Unable to query connections with {old_resolver}, trying {new_resolver} + +msg.usage.invalid_arguments {error} (for usage provide --help) +msg.usage.unrecognized_log_flag Unrecognized event flag: {flag} + +msg.connect.missing_password_bug +|BUG: You provided a password but despite this stem reported that it was +|missing. This shouldn't happen - please let us know about it! +| +| http://bugs.torproject.org + +msg.connect.unreadable_cookie_file +|We were unable to read tor's authentication cookie... +| +| Path: {path} +| Issue: {issue} + +msg.connect.wrong_port_type +|Please check in your torrc that {port} is the ControlPort. Maybe you +|configured it to be the ORPort or SocksPort instead? + +msg.connect.wrong_socket_type +|Unable to connect to tor. Are you sure the interface you specified belongs to +|tor? + +msg.debug.header +|Arm {arm_version} Debug Dump +|Stem Version: {stem_version} +|Python Version: {python_version} +|Platform: {system} ({platform}) +|-------------------------------------------------------------------------------- +|Arm Configuration ({armrc_path}): +|{armrc_content} +|-------------------------------------------------------------------------------- + +msg.misc.event_types +| d DEBUG a ADDRMAP k DESCCHANGED s STREAM +| i INFO f AUTHDIR_NEWDESCS g GUARD r STREAM_BW +| n NOTICE h BUILDTIMEOUT_SET l NEWCONSENSUS t STATUS_CLIENT +| w WARN b BW m NEWDESC u STATUS_GENERAL +| e ERR c CIRC p NS v STATUS_SERVER +| j CLIENTS_SEEN q ORCONN +| DINWE tor runlevel+ A All Events +| 12345 arm runlevel+ X No Events +| U Unknown Events + +msg.setup.unknown_term +|Unknown $TERM: ({term}) +|Either update your terminfo database or run arm using "TERM=xterm arm". +| + +msg.uncrcognized_auth_type +|Tor is using a type of authentication we do not recognize... +| +| {auth_methods} +| +|Please check that arm is up to date and if there is an existing issue on +|'http://bugs.torproject.org'. If there isn't one then let us know! + +msg.usage.help_output +|Usage arm [OPTION] +|Terminal status monitor for Tor relays. +| +| -i, --interface [ADDRESS:]PORT change control interface from {address}:{port} +| -s, --socket SOCKET_PATH attach using unix domain socket if present, +| SOCKET_PATH defaults to: {socket} +| -c, --config CONFIG_PATH loaded configuration options, CONFIG_PATH +| defaults to: {config} +| -d, --debug LOG_PATH writes all arm logs to the given location +| -e, --event EVENT_FLAGS event types in message log (default: {events}) +|{event_flags} +| -v, --version provides version information +| -h, --help presents this help +| +|Example: +|arm -i 1643 attach to control port 1643 +|arm -e we -c /tmp/cfg use this configuration file with 'WARN'/'ERR' events + +msg.usage.version_output +|arm version {version} (released {date}) +| + diff --git a/arm/config/torrc.cfg b/arm/config/torrc.cfg new file mode 100644 index 0000000..8e761eb --- /dev/null +++ b/arm/config/torrc.cfg @@ -0,0 +1,313 @@ +################################################################################ +# +# Information related to tor configuration options. This has two sections... +# +# * torrc.alias Aliases for configuration options tor will accept. +# * torrc.units Labels accepted by tor for various units. +# * torrc.important Important configuration options which are shown by default. +# * torrc.summary Short summary describing the option. +# +################################################################################ + +# Torrc aliases from the _option_abbrevs struct of 'src/or/config.c'. These +# couldn't be requested via GETCONF as of 0.2.1.19, but this might have been +# fixed. Discussion is in... +# +# https://trac.torproject.org/projects/tor/ticket/1802 +# +# TODO: Check if this workaround can be dropped later. + +torrc.alias l => Log +torrc.alias AllowUnverifiedNodes => AllowInvalidNodes +torrc.alias AutomapHostSuffixes => AutomapHostsSuffixes +torrc.alias AutomapHostOnResolve => AutomapHostsOnResolve +torrc.alias BandwidthRateBytes => BandwidthRate +torrc.alias BandwidthBurstBytes => BandwidthBurst +torrc.alias DirFetchPostPeriod => StatusFetchPeriod +torrc.alias MaxConn => ConnLimit +torrc.alias ORBindAddress => ORListenAddress +torrc.alias DirBindAddress => DirListenAddress +torrc.alias SocksBindAddress => SocksListenAddress +torrc.alias UseHelperNodes => UseEntryGuards +torrc.alias NumHelperNodes => NumEntryGuards +torrc.alias UseEntryNodes => UseEntryGuards +torrc.alias NumEntryNodes => NumEntryGuards +torrc.alias ResolvConf => ServerDNSResolvConfFile +torrc.alias SearchDomains => ServerDNSSearchDomains +torrc.alias ServerDNSAllowBrokenResolvConf => ServerDNSAllowBrokenConfig +torrc.alias PreferTunnelledDirConns => PreferTunneledDirConns +torrc.alias BridgeAuthoritativeDirectory => BridgeAuthoritativeDir +torrc.alias StrictEntryNodes => StrictNodes +torrc.alias StrictExitNodes => StrictNodes + +# Size and time modifiers allowed by 'src/or/config.c'. + +torrc.units.size.b b, byte, bytes +torrc.units.size.kb kb, kbyte, kbytes, kilobyte, kilobytes +torrc.units.size.mb m, mb, mbyte, mbytes, megabyte, megabytes +torrc.units.size.gb gb, gbyte, gbytes, gigabyte, gigabytes +torrc.units.size.tb tb, terabyte, terabytes + +torrc.units.time.sec second, seconds +torrc.units.time.min minute, minutes +torrc.units.time.hour hour, hours +torrc.units.time.day day, days +torrc.units.time.week week, weeks + +# Especially important tor configuration options. + +torrc.important BandwidthRate +torrc.important BandwidthBurst +torrc.important RelayBandwidthRate +torrc.important RelayBandwidthBurst +torrc.important ControlPort +torrc.important HashedControlPassword +torrc.important CookieAuthentication +torrc.important DataDirectory +torrc.important Log +torrc.important RunAsDaemon +torrc.important User + +torrc.important Bridge +torrc.important ExcludeNodes +torrc.important MaxCircuitDirtiness +torrc.important SocksPort +torrc.important UseBridges + +torrc.important BridgeRelay +torrc.important ContactInfo +torrc.important ExitPolicy +torrc.important MyFamily +torrc.important Nickname +torrc.important ORPort +torrc.important PortForwarding +torrc.important AccountingMax +torrc.important AccountingStart + +torrc.important DirPortFrontPage +torrc.important DirPort + +torrc.important HiddenServiceDir +torrc.important HiddenServicePort + +# General Config Options + +torrc.summary.BandwidthRate Average bandwidth usage limit +torrc.summary.BandwidthBurst Maximum bandwidth usage limit +torrc.summary.MaxAdvertisedBandwidth Limit for the bandwidth we advertise as being available for relaying +torrc.summary.RelayBandwidthRate Average bandwidth usage limit for relaying +torrc.summary.RelayBandwidthBurst Maximum bandwidth usage limit for relaying +torrc.summary.PerConnBWRate Average relayed bandwidth limit per connection +torrc.summary.PerConnBWBurst Maximum relayed bandwidth limit per connection +torrc.summary.ConnLimit Minimum number of file descriptors for Tor to start +torrc.summary.ConstrainedSockets Shrinks sockets to ConstrainedSockSize +torrc.summary.ConstrainedSockSize Limit for the received and transmit buffers of sockets +torrc.summary.ControlPort Port providing access to tor controllers (arm, vidalia, etc) +torrc.summary.ControlListenAddress Address providing controller access +torrc.summary.ControlSocket Socket providing controller access +torrc.summary.HashedControlPassword Hash of the password for authenticating to the control port +torrc.summary.CookieAuthentication If set, authenticates controllers via a cookie +torrc.summary.CookieAuthFile Location of the authentication cookie +torrc.summary.CookieAuthFileGroupReadable Group read permissions for the authentication cookie +torrc.summary.ControlPortWriteToFile Path for a file tor writes containing its control port +torrc.summary.ControlPortFileGroupReadable Group read permissions for the control port file +torrc.summary.DataDirectory Location for storing runtime data (state, keys, etc) +torrc.summary.DirServer Alternative directory authorities +torrc.summary.AlternateDirAuthority Alternative directory authorities (consensus only) +torrc.summary.AlternateHSAuthority Alternative directory authorities (hidden services only) +torrc.summary.AlternateBridgeAuthority Alternative directory authorities (bridges only) +torrc.summary.DisableAllSwap Locks all allocated memory so they can't be paged out +torrc.summary.FetchDirInfoEarly Keeps consensus information up to date, even if unnecessary +torrc.summary.FetchDirInfoExtraEarly Updates consensus information when it's first available +torrc.summary.FetchHidServDescriptors Toggles if hidden service descriptors are fetched automatically or not +torrc.summary.FetchServerDescriptors Toggles if the consensus is fetched automatically or not +torrc.summary.FetchUselessDescriptors Toggles if relay descriptors are fetched when they aren't strictly necessary +torrc.summary.Group GID for the process when started +torrc.summary.HttpProxy HTTP proxy for connecting to tor +torrc.summary.HttpProxyAuthenticator Authentication credentials for HttpProxy +torrc.summary.HttpsProxy SSL proxy for connecting to tor +torrc.summary.HttpsProxyAuthenticator Authentication credentials for HttpsProxy +torrc.summary.Socks4Proxy SOCKS 4 proxy for connecting to tor +torrc.summary.Socks5Proxy SOCKS 5 for connecting to tor +torrc.summary.Socks5ProxyUsername Username for connecting to the Socks5Proxy +torrc.summary.Socks5ProxyPassword Password for connecting to the Socks5Proxy +torrc.summary.KeepalivePeriod Rate at which to send keepalive packets +torrc.summary.Log Runlevels and location for tor logging +torrc.summary.LogMessageDomains Includes a domain when logging messages +torrc.summary.OutboundBindAddress Sets the IP used for connecting to tor +torrc.summary.PidFile Path for a file tor writes containing its process id +torrc.summary.ProtocolWarnings Toggles if protocol errors give warnings or not +torrc.summary.RunAsDaemon Toggles if tor runs as a daemon process +torrc.summary.LogTimeGranularity limits granularity of log message timestamps +torrc.summary.SafeLogging Toggles if logs are scrubbed of sensitive information +torrc.summary.User UID for the process when started +torrc.summary.HardwareAccel Toggles if tor attempts to use hardware acceleration +torrc.summary.AccelName OpenSSL engine name for crypto acceleration +torrc.summary.AccelDir Crypto acceleration library path +torrc.summary.AvoidDiskWrites Toggles if tor avoids frequently writing to disk +torrc.summary.TunnelDirConns Toggles if directory requests can be made over the ORPort +torrc.summary.PreferTunneledDirConns Avoids directory requests that can't be made over the ORPort if set +torrc.summary.CircuitPriorityHalflife Overwrite method for prioritizing traffic among relayed connections +torrc.summary.DisableIOCP Disables use of the Windows IOCP networking API +torrc.summary.CountPrivateBandwidth Applies rate limiting to private IP addresses + +# Client Config Options + +torrc.summary.AllowInvalidNodes Permits use of relays flagged as invalid by authorities +torrc.summary.ExcludeSingleHopRelays Permits use of relays that allow single hop connections +torrc.summary.Bridge Available bridges +torrc.summary.LearnCircuitBuildTimeout Toggles adaptive timeouts for circuit creation +torrc.summary.CircuitBuildTimeout Initial timeout for circuit creation +torrc.summary.CircuitIdleTimeout Timeout for closing circuits that have never been used +torrc.summary.CircuitStreamTimeout Timeout for shifting streams among circuits +torrc.summary.ClientOnly Ensures that we aren't used as a relay or directory mirror +torrc.summary.ExcludeNodes Relays or locales never to be used in circuits +torrc.summary.ExcludeExitNodes Relays or locales never to be used for exits +torrc.summary.ExitNodes Preferred final hop for circuits +torrc.summary.EntryNodes Preferred first hops for circuits +torrc.summary.StrictNodes Never uses notes outside of Entry/ExitNodes +torrc.summary.FascistFirewall Only make outbound connections on FirewallPorts +torrc.summary.FirewallPorts Ports used by FascistFirewall +torrc.summary.HidServAuth Authentication credentials for connecting to a hidden service +torrc.summary.ReachableAddresses Rules for bypassing the local firewall +torrc.summary.ReachableDirAddresses Rules for bypassing the local firewall (directory fetches) +torrc.summary.ReachableORAddresses Rules for bypassing the local firewall (OR connections) +torrc.summary.LongLivedPorts Ports requiring highly reliable relays +torrc.summary.MapAddress Alias mappings for address requests +torrc.summary.NewCircuitPeriod Period for considering the creation of new circuits +torrc.summary.MaxCircuitDirtiness Duration for reusing constructed circuits +torrc.summary.NodeFamily Define relays as belonging to a family +torrc.summary.EnforceDistinctSubnets Prevent use of multiple relays from the same subnet on a circuit +torrc.summary.SocksPort Port for using tor as a Socks proxy +torrc.summary.SocksListenAddress Address from which Socks connections can be made +torrc.summary.SocksPolicy Access policy for the pocks port +torrc.summary.SocksTimeout Time until idle or unestablished socks connections are closed +torrc.summary.TrackHostExits Maintains use of the same exit whenever connecting to this destination +torrc.summary.TrackHostExitsExpire Time until use of an exit for tracking expires +torrc.summary.UpdateBridgesFromAuthority Toggles fetching bridge descriptors from the authorities +torrc.summary.UseBridges Make use of configured bridges +torrc.summary.UseEntryGuards Use guard relays for first hop +torrc.summary.NumEntryGuards Pool size of guard relays we'll select from +torrc.summary.SafeSocks Toggles rejecting unsafe variants of the socks protocol +torrc.summary.TestSocks Provide notices for if socks connections are of the safe or unsafe variants +torrc.summary.WarnUnsafeSocks Toggle warning of unsafe socks connection +torrc.summary.VirtualAddrNetwork Address range used with MAPADDRESS +torrc.summary.AllowNonRFC953Hostnames Toggles blocking invalid characters in hostname resolution +torrc.summary.AllowDotExit Toggles allowing exit notation in addresses +torrc.summary.FastFirstHopPK Toggle public key usage for the first hop +torrc.summary.TransPort Port for transparent proxying if the OS supports it +torrc.summary.TransListenAddress Address from which transparent proxy connections can be made +torrc.summary.NATDPort Port for forwarding ipfw NATD connections +torrc.summary.NATDListenAddress Address from which NATD forwarded connections can be made +torrc.summary.AutomapHostsOnResolve Map addresses ending with special suffixes to virtual addresses +torrc.summary.AutomapHostsSuffixes Address suffixes recognized by AutomapHostsOnResolve +torrc.summary.DNSPort Port from which DNS responses are fetched instead of tor +torrc.summary.DNSListenAddress Address for performing DNS resolution +torrc.summary.ClientDNSRejectInternalAddresses Ignores DNS responses for internal addresses +torrc.summary.ClientRejectInternalAddresses Disables use of Tor for internal connections +torrc.summary.DownloadExtraInfo Toggles fetching of extra information about relays +torrc.summary.FallbackNetworkstatusFile Path for a fallback cache of the consensus +torrc.summary.WarnPlaintextPorts Toggles warnings for using risky ports +torrc.summary.RejectPlaintextPorts Prevents connections on risky ports +torrc.summary.AllowSingleHopCircuits Makes use of single hop exits if able + +# Server Config Options + +torrc.summary.Address Overwrites address others will use to reach this relay +torrc.summary.AllowSingleHopExits Toggles permitting use of this relay as a single hop proxy +torrc.summary.AssumeReachable Skips reachability test at startup +torrc.summary.BridgeRelay Act as a bridge +torrc.summary.ContactInfo Contact information for this relay +torrc.summary.ExitPolicy Traffic destinations that can exit from this relay +torrc.summary.ExitPolicyRejectPrivate Prevent exiting connection on the local network +torrc.summary.MaxOnionsPending Decryption queue size +torrc.summary.MyFamily Other relays this operator administers +torrc.summary.Nickname Identifier for this relay +torrc.summary.NumCPUs Number of processes spawned for decryption +torrc.summary.ORPort Port used to accept relay traffic +torrc.summary.ORListenAddress Address for relay connections +torrc.summary.PortForwarding Use UPnP or NAT-PMP if needed to relay +torrc.summary.PortForwardingHelper Executable for configuring port forwarding +torrc.summary.PublishServerDescriptor Types of descriptors published +torrc.summary.ShutdownWaitLength Delay before quitting after receiving a SIGINT signal +torrc.summary.HeartbeatPeriod Rate at which an INFO level heartbeat message is sent +torrc.summary.AccountingMax Amount of traffic before hibernating +torrc.summary.AccountingStart Duration of an accounting period +torrc.summary.RefuseUnknownExits Prevents relays not in the consensus from using us as an exit +torrc.summary.ServerDNSResolvConfFile Overriding resolver config for DNS queries we provide +torrc.summary.ServerDNSAllowBrokenConfig Toggles if we persist despite configuration parsing errors or not +torrc.summary.ServerDNSSearchDomains Toggles if our DNS queries search for addresses in the local domain +torrc.summary.ServerDNSDetectHijacking Toggles testing for DNS hijacking +torrc.summary.ServerDNSTestAddresses Addresses to test to see if valid DNS queries are being hijacked +torrc.summary.ServerDNSAllowNonRFC953Hostnames Toggles if we reject DNS queries with invalid characters +torrc.summary.BridgeRecordUsageByCountry Tracks geoip information on bridge usage +torrc.summary.ServerDNSRandomizeCase Toggles DNS query case randomization +torrc.summary.GeoIPFile Path to file containing geoip information +torrc.summary.CellStatistics Toggles storing circuit queue duration to disk +torrc.summary.DirReqStatistics Toggles storing network status counts and performance to disk +torrc.summary.EntryStatistics Toggles storing client connection counts to disk +torrc.summary.ExitPortStatistics Toggles storing traffic and port usage data to disk +torrc.summary.ConnDirectionStatistics Toggles storing connection use to disk +torrc.summary.ExtraInfoStatistics Publishes statistic data in the extra-info documents + +# Directory Server Options + +torrc.summary.AuthoritativeDirectory Act as a directory authority +torrc.summary.DirPortFrontPage Publish this html file on the DirPort +torrc.summary.V1AuthoritativeDirectory Generates a version 1 consensus +torrc.summary.V2AuthoritativeDirectory Generates a version 2 consensus +torrc.summary.V3AuthoritativeDirectory Generates a version 3 consensus +torrc.summary.VersioningAuthoritativeDirectory Provides opinions on recommended versions of tor +torrc.summary.NamingAuthoritativeDirectory Provides opinions on fingerprint to nickname bindings +torrc.summary.HSAuthoritativeDir Toggles accepting hidden service descriptors +torrc.summary.HidServDirectoryV2 Toggles accepting version 2 hidden service descriptors +torrc.summary.BridgeAuthoritativeDir Acts as a bridge authority +torrc.summary.MinUptimeHidServDirectoryV2 Required uptime before accepting hidden service directory +torrc.summary.DirPort Port for directory connections +torrc.summary.DirListenAddress Address the directory service is bound to +torrc.summary.DirPolicy Access policy for the DirPort +torrc.summary.FetchV2Networkstatus Get the obsolete V2 consensus + +# Directory Authority Server Options + +torrc.summary.RecommendedVersions Tor versions believed to be safe +torrc.summary.RecommendedClientVersions Tor versions believed to be safe for clients +torrc.summary.RecommendedServerVersions Tor versions believed to be safe for relays +torrc.summary.ConsensusParams Params entry of the networkstatus vote +torrc.summary.DirAllowPrivateAddresses Toggles allowing arbitrary input or non-public IPs in descriptors +torrc.summary.AuthDirBadDir Relays to be flagged as bad directory caches +torrc.summary.AuthDirBadExit Relays to be flagged as bad exits +torrc.summary.AuthDirInvalid Relays from which the valid flag is withheld +torrc.summary.AuthDirReject Relays to be dropped from the consensus +torrc.summary.AuthDirListBadDirs Toggles if we provide an opinion on bad directory caches +torrc.summary.AuthDirListBadExits Toggles if we provide an opinion on bad exits +torrc.summary.AuthDirRejectUnlisted Rejects further relay descriptors +torrc.summary.AuthDirMaxServersPerAddr Limit on the number of relays accepted per ip +torrc.summary.AuthDirMaxServersPerAuthAddr Limit on the number of relays accepted per an authority's ip +torrc.summary.BridgePassword Password for requesting bridge information +torrc.summary.V3AuthVotingInterval Consensus voting interval +torrc.summary.V3AuthVoteDelay Wait time to collect votes of other authorities +torrc.summary.V3AuthDistDelay Wait time to collect the signatures of other authorities +torrc.summary.V3AuthNIntervalsValid Number of voting intervals a consensus is valid for +torrc.summary.V3BandwidthsFile Path to a file containing measured relay bandwidths +torrc.summary.V3AuthUseLegacyKey Signs consensus with both the current and legacy keys +torrc.summary.RephistTrackTime Discards old, unchanged reliability informaition + +# Hidden Service Options + +torrc.summary.HiddenServiceDir Directory contents for the hidden service +torrc.summary.HiddenServicePort Port the hidden service is provided on +torrc.summary.PublishHidServDescriptors Toggles automated publishing of the hidden service to the rendezvous directory +torrc.summary.HiddenServiceVersion Version for published hidden service descriptors +torrc.summary.HiddenServiceAuthorizeClient Restricts access to the hidden service +torrc.summary.RendPostPeriod Period at which the rendezvous service descriptors are refreshed + +# Testing Network Options + +torrc.summary.TestingTorNetwork Overrides other options to be a testing network +torrc.summary.TestingV3AuthInitialVotingInterval Overrides V3AuthVotingInterval for the first consensus +torrc.summary.TestingV3AuthInitialVoteDelay Overrides TestingV3AuthInitialVoteDelay for the first consensus +torrc.summary.TestingV3AuthInitialDistDelay Overrides TestingV3AuthInitialDistDelay for the first consensus +torrc.summary.TestingAuthDirTimeToLearnReachability Delay until opinions are given about which relays are running or not +torrc.summary.TestingEstimatedDescriptorPropagationTime Delay before clients attempt to fetch descriptors from directory caches + diff --git a/arm/logPanel.py b/arm/logPanel.py index 9b877d0..ac1cb7f 100644 --- a/arm/logPanel.py +++ b/arm/logPanel.py @@ -176,7 +176,7 @@ def loadLogMessages():

COMMON_LOG_MESSAGES = {} for confKey in armConf.keys(): - if confKey.startswith("msg."): + if confKey.startswith("dedup."): eventType = confKey[4:].upper() messages = armConf.get(confKey, []) COMMON_LOG_MESSAGES[eventType] = messages diff --git a/arm/settings.cfg b/arm/settings.cfg deleted file mode 100644 index eac04e2..0000000 --- a/arm/settings.cfg +++ /dev/null @@ -1,826 +0,0 @@ -settings_loaded true - -################################################################################ -# -# User facing strings. These are sorted into the following namespaces... -# -# * config parsing or handling configuration options -# * connect connection and authentication to tor -# * debug concerns the --debug argument -# * misc anything that doesn't fit into a present namespace -# * setup notificaitons or issues arising while starting arm -# * tracker related to tracking resource usage or connections -# * usage usage information about starting and running arm -# -################################################################################ - -msg.config.unable_to_load_settings Unable to load arm's internal configuration ({path}): {error} -msg.config.unable_to_read_file Failed to load configuration (using defaults): "{error}" -msg.config.nothing_loaded No armrc loaded, using defaults. You can customize arm by placing a configuration file at {path} (see the armrc.sample for its options). -msg.connect.general_auth_failure Unable to authenticate: {error} -msg.connect.incorrect_password Incorrect password -msg.connect.no_control_port Unable to connect to tor. Maybe it's running without a ControlPort? -msg.connect.password_prompt Tor controller password: -msg.connect.socket_doesnt_exist The socket file you specified ({path}) doesn't exist -msg.connect.tor_isnt_running Unable to connect to tor. Are you sure it's running? -msg.connect.unable_to_use_port Unable to connect to {address}:{port}: {error} -msg.connect.unable_to_use_socket Unable to connect to '{path}': {error} -msg.debug.saving_to_path Saving a debug log to {path}, please check it for sensitive information before sharing it. -msg.debug.unable_to_write_file Unable to write to our debug log file ({path}): {error} -msg.setup.arm_is_running_as_root Arm is currently running with root permissions. This isn't a good idea, nor should it be necessary. Try starting arm with "sudo -u {tor_user} arm" instead. -msg.setup.chroot_doesnt_exist The chroot path set in your config ({path}) doesn't exist. -msg.setup.set_freebsd_chroot Adjusting paths to account for Tor running in a FreeBSD jail at: {path} -msg.setup.tor_is_running_as_root Tor is currently running with root permissions. This isn't a good idea, nor should it be necessary. See the 'User UID' option on Tor's man page for an easy method of reducing its permissions after startup. -msg.setup.unable_to_determine_pid Unable to determine Tor's pid. Some information, like its resource usage will be unavailable. -msg.setup.unknown_event_types arm doesn't recognize the following event types: {event_types} (log 'UNKNOWN' events to see them) -msg.tracker.abort_getting_resources Failed three attempts to get process resource usage from {resolver}, {response} ({exc}) -msg.tracker.unable_to_get_resources Unable to query process resource usage from {resolver} ({exc}) -msg.tracker.unable_to_use_all_resolvers We were unable to use any of your system's resolvers to get tor's connections. This is fine, but means that the connections page will be empty. This is usually permissions related so if you would like to fix this then run arm with the same user as tor (ie, "sudo -u <tor user> arm"). -msg.tracker.unable_to_use_resolver Unable to query connections with {old_resolver}, trying {new_resolver} -msg.usage.invalid_arguments {error} (for usage provide --help) -msg.usage.unrecognized_log_flag Unrecognized event flag: {flag} - -msg.connect.missing_password_bug -|BUG: You provided a password but despite this stem reported that it was -|missing. This shouldn't happen - please let us know about it! -| -| http://bugs.torproject.org - -msg.connect.unreadable_cookie_file -|We were unable to read tor's authentication cookie... -| -| Path: {path} -| Issue: {issue} - -msg.connect.wrong_port_type -|Please check in your torrc that {port} is the ControlPort. Maybe you -|configured it to be the ORPort or SocksPort instead? - -msg.connect.wrong_socket_type -|Unable to connect to tor. Are you sure the interface you specified belongs to -|tor? - -msg.debug.header -|Arm {arm_version} Debug Dump -|Stem Version: {stem_version} -|Python Version: {python_version} -|Platform: {system} ({platform}) -|-------------------------------------------------------------------------------- -|Arm Configuration ({armrc_path}): -|{armrc_content} -|-------------------------------------------------------------------------------- - -msg.misc.event_types -| d DEBUG a ADDRMAP k DESCCHANGED s STREAM -| i INFO f AUTHDIR_NEWDESCS g GUARD r STREAM_BW -| n NOTICE h BUILDTIMEOUT_SET l NEWCONSENSUS t STATUS_CLIENT -| w WARN b BW m NEWDESC u STATUS_GENERAL -| e ERR c CIRC p NS v STATUS_SERVER -| j CLIENTS_SEEN q ORCONN -| DINWE tor runlevel+ A All Events -| 12345 arm runlevel+ X No Events -| U Unknown Events - -msg.setup.unknown_term -|Unknown $TERM: ({term}) -|Either update your terminfo database or run arm using "TERM=xterm arm". -| - -msg.uncrcognized_auth_type -|Tor is using a type of authentication we do not recognize... -| -| {auth_methods} -| -|Please check that arm is up to date and if there is an existing issue on -|'http://bugs.torproject.org'. If there isn't one then let us know! - -msg.usage.help_output -|Usage arm [OPTION] -|Terminal status monitor for Tor relays. -| -| -i, --interface [ADDRESS:]PORT change control interface from {address}:{port} -| -s, --socket SOCKET_PATH attach using unix domain socket if present, -| SOCKET_PATH defaults to: {socket} -| -c, --config CONFIG_PATH loaded configuration options, CONFIG_PATH -| defaults to: {config} -| -d, --debug LOG_PATH writes all arm logs to the given location -| -e, --event EVENT_FLAGS event types in message log (default: {events}) -|{event_flags} -| -v, --version provides version information -| -h, --help presents this help -| -|Example: -|arm -i 1643 attach to control port 1643 -|arm -e we -c /tmp/cfg use this configuration file with 'WARN'/'ERR' events - -msg.usage.version_output -|arm version {version} (released {date}) -| - -# Important tor configuration options (shown by default) -config.important BandwidthRate -config.important BandwidthBurst -config.important RelayBandwidthRate -config.important RelayBandwidthBurst -config.important ControlPort -config.important HashedControlPassword -config.important CookieAuthentication -config.important DataDirectory -config.important Log -config.important RunAsDaemon -config.important User - -config.important Bridge -config.important ExcludeNodes -config.important MaxCircuitDirtiness -config.important SocksPort -config.important UseBridges - -config.important BridgeRelay -config.important ContactInfo -config.important ExitPolicy -config.important MyFamily -config.important Nickname -config.important ORPort -config.important PortForwarding -config.important AccountingMax -config.important AccountingStart - -config.important DirPortFrontPage -config.important DirPort - -config.important HiddenServiceDir -config.important HiddenServicePort - -# Summary descriptions for Tor configuration options -# General Config Options -config.summary.BandwidthRate Average bandwidth usage limit -config.summary.BandwidthBurst Maximum bandwidth usage limit -config.summary.MaxAdvertisedBandwidth Limit for the bandwidth we advertise as being available for relaying -config.summary.RelayBandwidthRate Average bandwidth usage limit for relaying -config.summary.RelayBandwidthBurst Maximum bandwidth usage limit for relaying -config.summary.PerConnBWRate Average relayed bandwidth limit per connection -config.summary.PerConnBWBurst Maximum relayed bandwidth limit per connection -config.summary.ConnLimit Minimum number of file descriptors for Tor to start -config.summary.ConstrainedSockets Shrinks sockets to ConstrainedSockSize -config.summary.ConstrainedSockSize Limit for the received and transmit buffers of sockets -config.summary.ControlPort Port providing access to tor controllers (arm, vidalia, etc) -config.summary.ControlListenAddress Address providing controller access -config.summary.ControlSocket Socket providing controller access -config.summary.HashedControlPassword Hash of the password for authenticating to the control port -config.summary.CookieAuthentication If set, authenticates controllers via a cookie -config.summary.CookieAuthFile Location of the authentication cookie -config.summary.CookieAuthFileGroupReadable Group read permissions for the authentication cookie -config.summary.ControlPortWriteToFile Path for a file tor writes containing its control port -config.summary.ControlPortFileGroupReadable Group read permissions for the control port file -config.summary.DataDirectory Location for storing runtime data (state, keys, etc) -config.summary.DirServer Alternative directory authorities -config.summary.AlternateDirAuthority Alternative directory authorities (consensus only) -config.summary.AlternateHSAuthority Alternative directory authorities (hidden services only) -config.summary.AlternateBridgeAuthority Alternative directory authorities (bridges only) -config.summary.DisableAllSwap Locks all allocated memory so they can't be paged out -config.summary.FetchDirInfoEarly Keeps consensus information up to date, even if unnecessary -config.summary.FetchDirInfoExtraEarly Updates consensus information when it's first available -config.summary.FetchHidServDescriptors Toggles if hidden service descriptors are fetched automatically or not -config.summary.FetchServerDescriptors Toggles if the consensus is fetched automatically or not -config.summary.FetchUselessDescriptors Toggles if relay descriptors are fetched when they aren't strictly necessary -config.summary.Group GID for the process when started -config.summary.HttpProxy HTTP proxy for connecting to tor -config.summary.HttpProxyAuthenticator Authentication credentials for HttpProxy -config.summary.HttpsProxy SSL proxy for connecting to tor -config.summary.HttpsProxyAuthenticator Authentication credentials for HttpsProxy -config.summary.Socks4Proxy SOCKS 4 proxy for connecting to tor -config.summary.Socks5Proxy SOCKS 5 for connecting to tor -config.summary.Socks5ProxyUsername Username for connecting to the Socks5Proxy -config.summary.Socks5ProxyPassword Password for connecting to the Socks5Proxy -config.summary.KeepalivePeriod Rate at which to send keepalive packets -config.summary.Log Runlevels and location for tor logging -config.summary.LogMessageDomains Includes a domain when logging messages -config.summary.OutboundBindAddress Sets the IP used for connecting to tor -config.summary.PidFile Path for a file tor writes containing its process id -config.summary.ProtocolWarnings Toggles if protocol errors give warnings or not -config.summary.RunAsDaemon Toggles if tor runs as a daemon process -config.summary.LogTimeGranularity limits granularity of log message timestamps -config.summary.SafeLogging Toggles if logs are scrubbed of sensitive information -config.summary.User UID for the process when started -config.summary.HardwareAccel Toggles if tor attempts to use hardware acceleration -config.summary.AccelName OpenSSL engine name for crypto acceleration -config.summary.AccelDir Crypto acceleration library path -config.summary.AvoidDiskWrites Toggles if tor avoids frequently writing to disk -config.summary.TunnelDirConns Toggles if directory requests can be made over the ORPort -config.summary.PreferTunneledDirConns Avoids directory requests that can't be made over the ORPort if set -config.summary.CircuitPriorityHalflife Overwrite method for prioritizing traffic among relayed connections -config.summary.DisableIOCP Disables use of the Windows IOCP networking API -config.summary.CountPrivateBandwidth Applies rate limiting to private IP addresses - -# Client Config Options -config.summary.AllowInvalidNodes Permits use of relays flagged as invalid by authorities -config.summary.ExcludeSingleHopRelays Permits use of relays that allow single hop connections -config.summary.Bridge Available bridges -config.summary.LearnCircuitBuildTimeout Toggles adaptive timeouts for circuit creation -config.summary.CircuitBuildTimeout Initial timeout for circuit creation -config.summary.CircuitIdleTimeout Timeout for closing circuits that have never been used -config.summary.CircuitStreamTimeout Timeout for shifting streams among circuits -config.summary.ClientOnly Ensures that we aren't used as a relay or directory mirror -config.summary.ExcludeNodes Relays or locales never to be used in circuits -config.summary.ExcludeExitNodes Relays or locales never to be used for exits -config.summary.ExitNodes Preferred final hop for circuits -config.summary.EntryNodes Preferred first hops for circuits -config.summary.StrictNodes Never uses notes outside of Entry/ExitNodes -config.summary.FascistFirewall Only make outbound connections on FirewallPorts -config.summary.FirewallPorts Ports used by FascistFirewall -config.summary.HidServAuth Authentication credentials for connecting to a hidden service -config.summary.ReachableAddresses Rules for bypassing the local firewall -config.summary.ReachableDirAddresses Rules for bypassing the local firewall (directory fetches) -config.summary.ReachableORAddresses Rules for bypassing the local firewall (OR connections) -config.summary.LongLivedPorts Ports requiring highly reliable relays -config.summary.MapAddress Alias mappings for address requests -config.summary.NewCircuitPeriod Period for considering the creation of new circuits -config.summary.MaxCircuitDirtiness Duration for reusing constructed circuits -config.summary.NodeFamily Define relays as belonging to a family -config.summary.EnforceDistinctSubnets Prevent use of multiple relays from the same subnet on a circuit -config.summary.SocksPort Port for using tor as a Socks proxy -config.summary.SocksListenAddress Address from which Socks connections can be made -config.summary.SocksPolicy Access policy for the pocks port -config.summary.SocksTimeout Time until idle or unestablished socks connections are closed -config.summary.TrackHostExits Maintains use of the same exit whenever connecting to this destination -config.summary.TrackHostExitsExpire Time until use of an exit for tracking expires -config.summary.UpdateBridgesFromAuthority Toggles fetching bridge descriptors from the authorities -config.summary.UseBridges Make use of configured bridges -config.summary.UseEntryGuards Use guard relays for first hop -config.summary.NumEntryGuards Pool size of guard relays we'll select from -config.summary.SafeSocks Toggles rejecting unsafe variants of the socks protocol -config.summary.TestSocks Provide notices for if socks connections are of the safe or unsafe variants -config.summary.WarnUnsafeSocks Toggle warning of unsafe socks connection -config.summary.VirtualAddrNetwork Address range used with MAPADDRESS -config.summary.AllowNonRFC953Hostnames Toggles blocking invalid characters in hostname resolution -config.summary.AllowDotExit Toggles allowing exit notation in addresses -config.summary.FastFirstHopPK Toggle public key usage for the first hop -config.summary.TransPort Port for transparent proxying if the OS supports it -config.summary.TransListenAddress Address from which transparent proxy connections can be made -config.summary.NATDPort Port for forwarding ipfw NATD connections -config.summary.NATDListenAddress Address from which NATD forwarded connections can be made -config.summary.AutomapHostsOnResolve Map addresses ending with special suffixes to virtual addresses -config.summary.AutomapHostsSuffixes Address suffixes recognized by AutomapHostsOnResolve -config.summary.DNSPort Port from which DNS responses are fetched instead of tor -config.summary.DNSListenAddress Address for performing DNS resolution -config.summary.ClientDNSRejectInternalAddresses Ignores DNS responses for internal addresses -config.summary.ClientRejectInternalAddresses Disables use of Tor for internal connections -config.summary.DownloadExtraInfo Toggles fetching of extra information about relays -config.summary.FallbackNetworkstatusFile Path for a fallback cache of the consensus -config.summary.WarnPlaintextPorts Toggles warnings for using risky ports -config.summary.RejectPlaintextPorts Prevents connections on risky ports -config.summary.AllowSingleHopCircuits Makes use of single hop exits if able - -# Server Config Options -config.summary.Address Overwrites address others will use to reach this relay -config.summary.AllowSingleHopExits Toggles permitting use of this relay as a single hop proxy -config.summary.AssumeReachable Skips reachability test at startup -config.summary.BridgeRelay Act as a bridge -config.summary.ContactInfo Contact information for this relay -config.summary.ExitPolicy Traffic destinations that can exit from this relay -config.summary.ExitPolicyRejectPrivate Prevent exiting connection on the local network -config.summary.MaxOnionsPending Decryption queue size -config.summary.MyFamily Other relays this operator administers -config.summary.Nickname Identifier for this relay -config.summary.NumCPUs Number of processes spawned for decryption -config.summary.ORPort Port used to accept relay traffic -config.summary.ORListenAddress Address for relay connections -config.summary.PortForwarding Use UPnP or NAT-PMP if needed to relay -config.summary.PortForwardingHelper Executable for configuring port forwarding -config.summary.PublishServerDescriptor Types of descriptors published -config.summary.ShutdownWaitLength Delay before quitting after receiving a SIGINT signal -config.summary.HeartbeatPeriod Rate at which an INFO level heartbeat message is sent -config.summary.AccountingMax Amount of traffic before hibernating -config.summary.AccountingStart Duration of an accounting period -config.summary.RefuseUnknownExits Prevents relays not in the consensus from using us as an exit -config.summary.ServerDNSResolvConfFile Overriding resolver config for DNS queries we provide -config.summary.ServerDNSAllowBrokenConfig Toggles if we persist despite configuration parsing errors or not -config.summary.ServerDNSSearchDomains Toggles if our DNS queries search for addresses in the local domain -config.summary.ServerDNSDetectHijacking Toggles testing for DNS hijacking -config.summary.ServerDNSTestAddresses Addresses to test to see if valid DNS queries are being hijacked -config.summary.ServerDNSAllowNonRFC953Hostnames Toggles if we reject DNS queries with invalid characters -config.summary.BridgeRecordUsageByCountry Tracks geoip information on bridge usage -config.summary.ServerDNSRandomizeCase Toggles DNS query case randomization -config.summary.GeoIPFile Path to file containing geoip information -config.summary.CellStatistics Toggles storing circuit queue duration to disk -config.summary.DirReqStatistics Toggles storing network status counts and performance to disk -config.summary.EntryStatistics Toggles storing client connection counts to disk -config.summary.ExitPortStatistics Toggles storing traffic and port usage data to disk -config.summary.ConnDirectionStatistics Toggles storing connection use to disk -config.summary.ExtraInfoStatistics Publishes statistic data in the extra-info documents - -# Directory Server Options -config.summary.AuthoritativeDirectory Act as a directory authority -config.summary.DirPortFrontPage Publish this html file on the DirPort -config.summary.V1AuthoritativeDirectory Generates a version 1 consensus -config.summary.V2AuthoritativeDirectory Generates a version 2 consensus -config.summary.V3AuthoritativeDirectory Generates a version 3 consensus -config.summary.VersioningAuthoritativeDirectory Provides opinions on recommended versions of tor -config.summary.NamingAuthoritativeDirectory Provides opinions on fingerprint to nickname bindings -config.summary.HSAuthoritativeDir Toggles accepting hidden service descriptors -config.summary.HidServDirectoryV2 Toggles accepting version 2 hidden service descriptors -config.summary.BridgeAuthoritativeDir Acts as a bridge authority -config.summary.MinUptimeHidServDirectoryV2 Required uptime before accepting hidden service directory -config.summary.DirPort Port for directory connections -config.summary.DirListenAddress Address the directory service is bound to -config.summary.DirPolicy Access policy for the DirPort -config.summary.FetchV2Networkstatus Get the obsolete V2 consensus - -# Directory Authority Server Options -config.summary.RecommendedVersions Tor versions believed to be safe -config.summary.RecommendedClientVersions Tor versions believed to be safe for clients -config.summary.RecommendedServerVersions Tor versions believed to be safe for relays -config.summary.ConsensusParams Params entry of the networkstatus vote -config.summary.DirAllowPrivateAddresses Toggles allowing arbitrary input or non-public IPs in descriptors -config.summary.AuthDirBadDir Relays to be flagged as bad directory caches -config.summary.AuthDirBadExit Relays to be flagged as bad exits -config.summary.AuthDirInvalid Relays from which the valid flag is withheld -config.summary.AuthDirReject Relays to be dropped from the consensus -config.summary.AuthDirListBadDirs Toggles if we provide an opinion on bad directory caches -config.summary.AuthDirListBadExits Toggles if we provide an opinion on bad exits -config.summary.AuthDirRejectUnlisted Rejects further relay descriptors -config.summary.AuthDirMaxServersPerAddr Limit on the number of relays accepted per ip -config.summary.AuthDirMaxServersPerAuthAddr Limit on the number of relays accepted per an authority's ip -config.summary.BridgePassword Password for requesting bridge information -config.summary.V3AuthVotingInterval Consensus voting interval -config.summary.V3AuthVoteDelay Wait time to collect votes of other authorities -config.summary.V3AuthDistDelay Wait time to collect the signatures of other authorities -config.summary.V3AuthNIntervalsValid Number of voting intervals a consensus is valid for -config.summary.V3BandwidthsFile Path to a file containing measured relay bandwidths -config.summary.V3AuthUseLegacyKey Signs consensus with both the current and legacy keys -config.summary.RephistTrackTime Discards old, unchanged reliability informaition - -# Hidden Service Options -config.summary.HiddenServiceDir Directory contents for the hidden service -config.summary.HiddenServicePort Port the hidden service is provided on -config.summary.PublishHidServDescriptors Toggles automated publishing of the hidden service to the rendezvous directory -config.summary.HiddenServiceVersion Version for published hidden service descriptors -config.summary.HiddenServiceAuthorizeClient Restricts access to the hidden service -config.summary.RendPostPeriod Period at which the rendezvous service descriptors are refreshed - -# Testing Network Options -config.summary.TestingTorNetwork Overrides other options to be a testing network -config.summary.TestingV3AuthInitialVotingInterval Overrides V3AuthVotingInterval for the first consensus -config.summary.TestingV3AuthInitialVoteDelay Overrides TestingV3AuthInitialVoteDelay for the first consensus -config.summary.TestingV3AuthInitialDistDelay Overrides TestingV3AuthInitialDistDelay for the first consensus -config.summary.TestingAuthDirTimeToLearnReachability Delay until opinions are given about which relays are running or not -config.summary.TestingEstimatedDescriptorPropagationTime Delay before clients attempt to fetch descriptors from directory caches - -# Snippets from common log messages -# These are static bits of log messages, used to determine when entries with -# dynamic content (hostnames, numbers, etc) are the same. If this matches the -# start of both messages then the entries are flagged as duplicates. If the -# entry begins with an asterisk (*) then it checks if the substrings exist -# anywhere in the messages. -# -# Examples for the complete messages: -# [BW] READ: 0, WRITTEN: 0 -# [DEBUG] connection_handle_write(): After TLS write of 512: 0 read, 586 written -# [DEBUG] flush_chunk_tls(): flushed 512 bytes, 0 ready to flush, 0 remain. -# [DEBUG] conn_read_callback(): socket 7 wants to read. -# [DEBUG] conn_write_callback(): socket 51 wants to write. -# [DEBUG] connection_remove(): removing socket -1 (type OR), n_conns now 50 -# [DEBUG] connection_or_process_cells_from_inbuf(): 7: starting, inbuf_datalen -# 0 (0 pending in tls object). -# [DEBUG] connection_read_to_buf(): 38: starting, inbuf_datalen 0 (0 pending in -# tls object). at_most 12800. -# [DEBUG] connection_read_to_buf(): TLS connection closed on read. Closing. -# (Nickname moria1, address 128.31.0.34) -# [INFO] run_connection_housekeeping(): Expiring non-open OR connection to fd -# 16 (79.193.61.171:443). -# [INFO] rep_hist_downrate_old_runs(): Discounting all old stability info by a -# factor of 0.950000 -# [NOTICE] Circuit build timeout of 96803ms is beyond the maximum build time we -# have ever observed. Capping it to 96107ms. -# The above NOTICE changes to an INFO message in maint-0.2.2 -# [NOTICE] Based on 1000 circuit times, it looks like we don't need to wait so -# long for circuits to finish. We will now assume a circuit is too slow -# to use after waiting 65 seconds. -# [NOTICE] We stalled too much while trying to write 150 bytes to address -# [scrubbed]. If this happens a lot, either something is wrong with -# your network connection, or something is wrong with theirs. (fd 238, -# type Directory, state 1, marked at main.c:702). -# [NOTICE] I learned some more directory information, but not enough to build a -# circuit: We have only 469/2027 usable descriptors. -# [NOTICE] Attempt by %s to open a stream from unknown relay. Closing. -# [NOTICE] Bootstrapped 72%: Loading relay descriptors. -# [WARN] You specified a server "Amunet8" by name, but this name is not -# registered -# [WARN] I have no descriptor for the router named "Amunet8" in my declared -# family; I'll use the nickname as is, but this may confuse clients. -# [WARN] Controller gave us config lines that didn't validate: Value -# 'BandwidthRate ' is malformed or out of bounds. -# [WARN] Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. -# (Network is unreachable; NOROUTE; count 47; recommendation warn) -# [WARN] 4 unknown, 1 missing key, 3 good, 0 bad, 1 no signature, 4 required -# [ARM_DEBUG] refresh rate: 0.001 seconds -# [ARM_DEBUG] proc call (process connections): /proc/net/[tcp|udp] (runtime: 0.0018) -# [ARM_DEBUG] system call: ps -p 2354 -o %cpu,rss,%mem,etime (runtime: 0.02) -# [ARM_DEBUG] system call: netstat -npt | grep 2354/tor (runtime: 0.02) -# [ARM_DEBUG] recreating panel 'graph' with the dimensions of 14/124 -# [ARM_DEBUG] redrawing the log panel with the corrected content height (estimat was off by 4) -# [ARM_DEBUG] GETINFO accounting/bytes-left (runtime: 0.0006) -# [ARM_DEBUG] GETINFO traffic/read (runtime: 0.0004) -# [ARM_DEBUG] GETINFO traffic/written (runtime: 0.0002) -# [ARM_DEBUG] GETCONF MyFamily (runtime: 0.0007) -# [ARM_DEBUG] Unable to query process resource usage from ps, waiting 6.25 seconds (unrecognized output from ps: ...) - -msg.BW READ: -msg.DEBUG connection_handle_write(): After TLS write of -msg.DEBUG flush_chunk_tls(): flushed -msg.DEBUG conn_read_callback(): socket -msg.DEBUG conn_write_callback(): socket -msg.DEBUG connection_remove(): removing socket -msg.DEBUG connection_or_process_cells_from_inbuf(): -msg.DEBUG *pending in tls object). at_most -msg.DEBUG connection_read_to_buf(): TLS connection closed on read. Closing. -msg.INFO run_connection_housekeeping(): Expiring -msg.INFO rep_hist_downrate_old_runs(): Discounting all old stability info by a factor of -msg.INFO *build time we have ever observed. Capping it to -msg.NOTICE *build time we have ever observed. Capping it to -msg.NOTICE *We will now assume a circuit is too slow to use after waiting -msg.NOTICE We stalled too much while trying to write -msg.NOTICE I learned some more directory information, but not enough to build a circuit -msg.NOTICE Attempt by -msg.NOTICE *Loading relay descriptors. -msg.WARN You specified a server -msg.WARN I have no descriptor for the router named -msg.WARN Controller gave us config lines that didn't validate -msg.WARN Problem bootstrapping. Stuck at -msg.WARN *missing key, -msg.ARM_DEBUG refresh rate: -msg.ARM_DEBUG proc call (cwd): -msg.ARM_DEBUG proc call (memory usage): -msg.ARM_DEBUG proc call (process command -msg.ARM_DEBUG proc call (process utime -msg.ARM_DEBUG proc call (process stime -msg.ARM_DEBUG proc call (process start time -msg.ARM_DEBUG proc call (process connections): -msg.ARM_DEBUG system call: ps -msg.ARM_DEBUG system call: netstat -msg.ARM_DEBUG recreating panel ' -msg.ARM_DEBUG redrawing the log panel with the corrected content height ( -msg.ARM_DEBUG GETINFO accounting/bytes -msg.ARM_DEBUG GETINFO accounting/bytes-left -msg.ARM_DEBUG GETINFO accounting/interval-end -msg.ARM_DEBUG GETINFO accounting/hibernating -msg.ARM_DEBUG GETINFO traffic/read -msg.ARM_DEBUG GETINFO traffic/written -msg.ARM_DEBUG GETCONF -msg.ARM_DEBUG Unable to query process resource usage from ps - -# valid torrc aliases from the _option_abbrevs struct of src/or/config.c -# These couldn't be requested via GETCONF (in 0.2.1.19), but I think this has -# been fixed. Discussion is in: -# https://trac.torproject.org/projects/tor/ticket/1802 -# -# TODO: This workaround should be dropped after a few releases. -torrc.alias l => Log -torrc.alias AllowUnverifiedNodes => AllowInvalidNodes -torrc.alias AutomapHostSuffixes => AutomapHostsSuffixes -torrc.alias AutomapHostOnResolve => AutomapHostsOnResolve -torrc.alias BandwidthRateBytes => BandwidthRate -torrc.alias BandwidthBurstBytes => BandwidthBurst -torrc.alias DirFetchPostPeriod => StatusFetchPeriod -torrc.alias MaxConn => ConnLimit -torrc.alias ORBindAddress => ORListenAddress -torrc.alias DirBindAddress => DirListenAddress -torrc.alias SocksBindAddress => SocksListenAddress -torrc.alias UseHelperNodes => UseEntryGuards -torrc.alias NumHelperNodes => NumEntryGuards -torrc.alias UseEntryNodes => UseEntryGuards -torrc.alias NumEntryNodes => NumEntryGuards -torrc.alias ResolvConf => ServerDNSResolvConfFile -torrc.alias SearchDomains => ServerDNSSearchDomains -torrc.alias ServerDNSAllowBrokenResolvConf => ServerDNSAllowBrokenConfig -torrc.alias PreferTunnelledDirConns => PreferTunneledDirConns -torrc.alias BridgeAuthoritativeDirectory => BridgeAuthoritativeDir -torrc.alias StrictEntryNodes => StrictNodes -torrc.alias StrictExitNodes => StrictNodes - -# using the following entry is problematic, despite being among the -# __option_abbrevs mappings -#torrc.alias HashedControlPassword => __HashedControlSessionPassword - -# size and time modifiers allowed by config.c -torrc.label.size.b b, byte, bytes -torrc.label.size.kb kb, kbyte, kbytes, kilobyte, kilobytes -torrc.label.size.mb m, mb, mbyte, mbytes, megabyte, megabytes -torrc.label.size.gb gb, gbyte, gbytes, gigabyte, gigabytes -torrc.label.size.tb tb, terabyte, terabytes -torrc.label.time.sec second, seconds -torrc.label.time.min minute, minutes -torrc.label.time.hour hour, hours -torrc.label.time.day day, days -torrc.label.time.week week, weeks - -# Common usages for ports based on: -# https://secure.wikimedia.org/wikipedia/en/wiki/List_of_TCP_and_UDP_port_numb... -# http://isc.sans.edu/services.html -# -# Including all the official low ports (< 1024), and higher ones I recognize. - -port.label.1 TCPMUX -port.label.2 CompressNET -port.label.3 CompressNET -port.label.5 RJE -port.label.7 Echo -port.label.9 Discard -port.label.11 SYSTAT -port.label.13 Daytime -port.label.15 netstat -port.label.17 QOTD -port.label.18 MSP -port.label.19 CHARGEN -port.label.20 FTP -port.label.21 FTP -port.label.22 SSH -port.label.23 Telnet -port.label.24 Priv-mail -port.label.25 SMTP -port.label.34 RF -port.label.35 Printer -port.label.37 TIME -port.label.39 RLP -port.label.41 Graphics -port.label.42 WINS -port.label.43 WHOIS -port.label.47 NI FTP -port.label.49 TACACS -port.label.50 Remote Mail -port.label.51 IMP -port.label.52 XNS -port.label.53 DNS -port.label.54 XNS -port.label.55 ISI-GL -port.label.56 RAP -port.label.57 MTP -port.label.58 XNS -port.label.67 BOOTP -port.label.68 BOOTP -port.label.69 TFTP -port.label.70 Gopher -port.label.79 Finger -port.label.80 HTTP -port.label.81 HTTP Alternate -port.label.82 Torpark -port.label.83 MIT ML -port.label.88 Kerberos -port.label.90 dnsix -port.label.99 WIP -port.label.101 NIC -port.label.102 ISO-TSAP -port.label.104 ACR/NEMA -port.label.105 CCSO -port.label.107 Telnet -port.label.108 SNA -port.label.109 POP2 -port.label.110 POP3 -port.label.111 ONC RPC -port.label.113 ident -port.label.115 SFTP -port.label.117 UUCP -port.label.118 SQL -port.label.119 NNTP -port.label.123 NTP -port.label.135 DCE -port.label.137 NetBIOS -port.label.138 NetBIOS -port.label.139 NetBIOS -port.label.143 IMAP -port.label.152 BFTP -port.label.153 SGMP -port.label.156 SQL -port.label.158 DMSP -port.label.161 SNMP -port.label.162 SNMPTRAP -port.label.170 Print-srv -port.label.177 XDMCP -port.label.179 BGP -port.label.194 IRC -port.label.199 SMUX -port.label.201 AppleTalk -port.label.209 QMTP -port.label.210 ANSI -port.label.213 IPX -port.label.218 MPP -port.label.220 IMAP -port.label.256 2DEV -port.label.259 ESRO -port.label.264 BGMP -port.label.308 Novastor -port.label.311 OSX Admin -port.label.318 PKIX TSP -port.label.319 PTP -port.label.320 PTP -port.label.323 IMMP -port.label.350 MATIP -port.label.351 MATIP -port.label.366 ODMR -port.label.369 Rpc2portmap -port.label.370 codaauth2 -port.label.371 ClearCase -port.label.383 HP Alarm Mgr -port.label.384 ARNS -port.label.387 AURP -port.label.389 LDAP -port.label.401 UPS -port.label.402 Altiris -port.label.427 SLP -port.label.443 HTTPS -port.label.444 SNPP -port.label.445 SMB -port.label.464 Kerberos (kpasswd) -port.label.465 SMTP -port.label.475 tcpnethaspsrv -port.label.497 Retrospect -port.label.500 ISAKMP -port.label.501 STMF -port.label.502 Modbus -port.label.504 Citadel -port.label.510 FirstClass -port.label.512 Rexec -port.label.513 rlogin -port.label.514 rsh -port.label.515 LPD -port.label.517 Talk -port.label.518 NTalk -port.label.520 efs -port.label.524 NCP -port.label.530 RPC -port.label.531 AIM/IRC -port.label.532 netnews -port.label.533 netwall -port.label.540 UUCP -port.label.542 commerce -port.label.543 Kerberos (klogin) -port.label.544 Kerberos (kshell) -port.label.545 OSISoft PI -port.label.546 DHCPv6 -port.label.547 DHCPv6 -port.label.548 AFP -port.label.550 new-who -port.label.554 RTSP -port.label.556 RFS -port.label.560 rmonitor -port.label.561 monitor -port.label.563 NNTPS -port.label.587 SMTP -port.label.591 FileMaker -port.label.593 HTTP RPC -port.label.604 TUNNEL -port.label.623 ASF-RMCP -port.label.631 CUPS -port.label.635 RLZ DBase -port.label.636 LDAPS -port.label.639 MSDP -port.label.641 SupportSoft -port.label.646 LDP -port.label.647 DHCP -port.label.648 RRP -port.label.651 IEEE-MMS -port.label.652 DTCP -port.label.653 SupportSoft -port.label.654 MMS/MMP -port.label.657 RMC -port.label.660 OSX Admin -port.label.665 sun-dr -port.label.666 Doom -port.label.674 ACAP -port.label.691 MS Exchange -port.label.692 Hyperwave-ISP -port.label.694 Linux-HA -port.label.695 IEEE-MMS-SSL -port.label.698 OLSR -port.label.699 Access Network -port.label.700 EPP -port.label.701 LMP -port.label.702 IRIS -port.label.706 SILC -port.label.711 MPLS -port.label.712 TBRPF -port.label.720 SMQP -port.label.749 Kerberos (admin) -port.label.750 rfile -port.label.751 pump -port.label.752 qrh -port.label.753 rrh -port.label.754 tell send -port.label.760 ns -port.label.782 Conserver -port.label.783 spamd -port.label.829 CMP -port.label.843 Flash -port.label.847 DHCP -port.label.860 iSCSI -port.label.873 rsync -port.label.888 CDDB -port.label.901 SWAT -port.label.902-904 VMware -port.label.911 NCA -port.label.953 DNS RNDC -port.label.981 SofaWare Firewall -port.label.989 FTPS -port.label.990 FTPS -port.label.991 NAS -port.label.992 Telnet -port.label.993 IMAPS -port.label.994 IRC -port.label.995 POP3S -port.label.999 ScimoreDB -port.label.1001 JtoMB -port.label.1002 cogbot - -port.label.1080 SOCKS -port.label.1085 WebObjects -port.label.1109 KPOP -port.label.1169 Tripwire -port.label.1194 OpenVPN -port.label.1214 Kazaa -port.label.1220 QuickTime -port.label.1234 VLC -port.label.1241 Nessus -port.label.1270 SCOM -port.label.1293 IPSec -port.label.1433 MSSQL -port.label.1434 MSSQL -port.label.1500 NetGuard -port.label.1503 MSN -port.label.1512 WINS -port.label.1521 Oracle -port.label.1526 Oracle -port.label.1533 Sametime -port.label.1666 Perforce -port.label.1677 GroupWise -port.label.1723 PPTP -port.label.1725 Steam -port.label.1863 MSNP -port.label.2049 NFS -port.label.2082 Infowave -port.label.2083 radsec -port.label.2086 GNUnet -port.label.2087 ELI -port.label.2095 NBX SER -port.label.2096 NBX DIR -port.label.2102-2104 Zephyr -port.label.2401 CVS -port.label.2525 SMTP -port.label.2710 BitTorrent -port.label.3074 XBox LIVE -port.label.3101 BlackBerry -port.label.3128 SQUID -port.label.3306 MySQL -port.label.3389 WBT -port.label.3690 SVN -port.label.3723 Battle.net -port.label.3724 WoW -port.label.4321 RWHOIS -port.label.4643 Virtuozzo -port.label.4662 eMule -port.label.5003 FileMaker -port.label.5050 Yahoo IM -port.label.5060 SIP -port.label.5061 SIP -port.label.5190 AIM/ICQ -port.label.5222 Jabber -port.label.5223 Jabber -port.label.5228 Android Market -port.label.5269 Jabber -port.label.5298 Jabber -port.label.5432 PostgreSQL -port.label.5500 VNC -port.label.5556 Freeciv -port.label.5666 NRPE -port.label.5667 NSCA -port.label.5800 VNC -port.label.5900 VNC -port.label.6346 gnutella -port.label.6347 gnutella -port.label.6660-6669 IRC -port.label.6679 IRC -port.label.6697 IRC -port.label.6881-6999 BitTorrent -port.label.8000 iRDMI -port.label.8008 HTTP Alternate -port.label.8010 XMPP -port.label.8074 Gadu-Gadu -port.label.8080 HTTP Proxy -port.label.8087 SPP -port.label.8088 Radan HTTP -port.label.8118 Privoxy -port.label.8123 Polipo -port.label.8443 PCsync HTTPS -port.label.8888 NewsEDGE -port.label.9030 Tor -port.label.9050 Tor -port.label.9051 Tor -port.label.9418 Git -port.label.9999 distinct -port.label.10000 Webmin -port.label.19294 Google Voice -port.label.19638 Ensim -port.label.23399 Skype -port.label.30301 BitTorrent -port.label.33434 traceroute - diff --git a/arm/starter.py b/arm/starter.py index bc139c5..a2a6d4d 100644 --- a/arm/starter.py +++ b/arm/starter.py @@ -33,7 +33,7 @@ import stem.util.connection import stem.util.log import stem.util.system

-from arm.util import msg, trace, notice, warn +from arm.util import msg, trace, notice, warn, load_settings

SETTINGS_PATH = os.path.join(os.path.dirname(__file__), 'settings.cfg')

@@ -48,7 +48,7 @@ def main(): config.set('start_time', str(int(time.time())))

try: - config.load(SETTINGS_PATH) + load_settings() except IOError as exc: print msg('config.unable_to_load_settings', path = SETTINGS_PATH, error = exc) sys.exit(1) diff --git a/arm/util/__init__.py b/arm/util/__init__.py index 2879f37..9106caa 100644 --- a/arm/util/__init__.py +++ b/arm/util/__init__.py @@ -6,9 +6,13 @@ and safely working with curses (hiding some of the gory details).

__all__ = ["connections", "panel", "sysTools", "textInput", "torConfig", "torTools", "tracker", "uiTools"]

+import os + import stem.util.conf import stem.util.log

+BASE_DIR = os.path.sep.join(__file__.split(os.path.sep)[:-2]) + def msg(message, **attr): """ Provides the given message. @@ -52,6 +56,25 @@ def error(msg, **attr): _log(stem.util.log.ERROR, msg, **attr)

+def load_settings(): + """ + Loads arms internal settings. This should be treated as a fatal failure if + unsuccessful. + + :raises: **IOError** if we're unable to read or parse our internal + configurations + """ + + config = stem.util.conf.get_config('arm') + + if not config.get('settings_loaded', False): + config_dir = os.path.join(BASE_DIR, 'config') + + for config_file in os.listdir(config_dir): + config.load(os.path.join(config_dir, config_file)) + + config.set('settings_loaded', 'true') + def _log(runlevel, message, **attr): """ Logs the given message, formatted with optional attributes. diff --git a/arm/util/torConfig.py b/arm/util/torConfig.py index e08fc40..2c89e37 100644 --- a/arm/util/torConfig.py +++ b/arm/util/torConfig.py @@ -27,24 +27,24 @@ DESC_SAVE_SUCCESS_MSG = "Saved configuration descriptions to '%s' (runtime: %0.3 DESC_SAVE_FAILED_MSG = "Unable to save configuration descriptions (%s)"

def conf_handler(key, value): - if key == "config.important": + if key == "torrc.important": # stores lowercase entries to drop case sensitivity return [entry.lower() for entry in value]

CONFIG = conf.config_dict("arm", { "features.torrc.validate": True, - "config.important": [], + "torrc.important": [], "torrc.alias": {}, - "torrc.label.size.b": [], - "torrc.label.size.kb": [], - "torrc.label.size.mb": [], - "torrc.label.size.gb": [], - "torrc.label.size.tb": [], - "torrc.label.time.sec": [], - "torrc.label.time.min": [], - "torrc.label.time.hour": [], - "torrc.label.time.day": [], - "torrc.label.time.week": [], + "torrc.units.size.b": [], + "torrc.units.size.kb": [], + "torrc.units.size.mb": [], + "torrc.units.size.gb": [], + "torrc.units.size.tb": [], + "torrc.units.time.sec": [], + "torrc.units.time.min": [], + "torrc.units.time.hour": [], + "torrc.units.time.day": [], + "torrc.units.time.week": [], "startup.dataDirectory": "~/.arm", "features.config.descriptions.enabled": True, "features.config.descriptions.persist": True, @@ -54,11 +54,11 @@ CONFIG = conf.config_dict("arm", { def general_conf_handler(config, key): value = config.get(key)

- if key.startswith("config.summary."): + if key.startswith("torrc.summary."): # we'll look for summary keys with a lowercase config name CONFIG[key.lower()] = value - elif key.startswith("torrc.label.") and value: - # all the torrc.label.* values are comma separated lists + elif key.startswith("torrc.units.") and value: + # all the torrc.units.* values are comma separated lists return [entry.strip() for entry in value[0].split(",")]

conf.get_config("arm").add_listener(general_conf_handler, backfill = True) @@ -306,7 +306,7 @@ def getConfigSummary(option): option - tor config option """

- return CONFIG.get("config.summary.%s" % option.lower()) + return CONFIG.get("torrc.summary.%s" % option.lower())

def isImportant(option): """ @@ -317,7 +317,7 @@ def isImportant(option): option - tor config option """

- return option.lower() in CONFIG["config.important"] + return option.lower() in CONFIG["torrc.important"]

def getConfigDescription(option): """ @@ -662,11 +662,11 @@ def _getUnitType(unit): """

for label in SIZE_MULT: - if unit in CONFIG["torrc.label.size." + label]: + if unit in CONFIG["torrc.units.size." + label]: return SIZE_MULT[label], ValueType.SIZE

for label in TIME_MULT: - if unit in CONFIG["torrc.label.time." + label]: + if unit in CONFIG["torrc.units.time." + label]: return TIME_MULT[label], ValueType.TIME

return None, ValueType.UNRECOGNIZED diff --git a/run_tests.py b/run_tests.py index 52b8fd7..894bc09 100755 --- a/run_tests.py +++ b/run_tests.py @@ -10,8 +10,7 @@ the test coverage we can achieve, but exercising what we can. import os import unittest

-import stem.util.conf - +from arm.util import load_settings

def clean_orphaned_pyc(): for root, _, files in os.walk(os.path.dirname(__file__)): @@ -28,8 +27,7 @@ def clean_orphaned_pyc():

def main(): - settings_path = os.path.join(os.path.dirname(__file__), 'arm', 'settings.cfg') - stem.util.conf.get_config('arm').load(settings_path) + load_settings()

clean_orphaned_pyc()