[or-cvs] r22646: {arm} Revision of the exit alert script (next gonna clean up the c (arm/trunk/init)

Damian Johnson atagar1 at gmail.com
Sun Jul 18 12:26:20 UTC 2010 

Author: atagar
Date: 2010-07-18 12:26:20 +0000 (Sun, 18 Jul 2010)
New Revision: 22646

Modified:
   arm/trunk/init/project113.py
Log:
Revision of the exit alert script (next gonna clean up the code and add bandwidth alerts).



Modified: arm/trunk/init/project113.py
===================================================================
--- arm/trunk/init/project113.py	2010-07-16 18:21:34 UTC (rev 22645)
+++ arm/trunk/init/project113.py	2010-07-18 12:26:20 UTC (rev 22646)
@@ -9,6 +9,8 @@
 # TODO: this whole script is experimental and should be rewritten once we
 # figure out what works best...
 
+# TODO: save fingerprints to file so it's preserved between runs... maybe logs too
+
 import sys
 import time
 import getpass
@@ -17,6 +19,7 @@
 
 sys.path[0] = sys.path[0][:-5]
 
+from TorCtl import TorCtl
 import util.torTools
 
 SAMPLING_INTERVAL = 7200 # two hours
@@ -27,10 +30,16 @@
 ALERT_HOURLY_DROP = False # sends alert for hourly network shrinking if true
 
 # size of change (+/-) at which an alert is sent
-BIHOURLY_THRESHOLD = 15
-DAILY_THRESHOLD = 50
-WEEKLY_THRESHOLD = 100
+BIHOURLY_THRESHOLD = 30
+DAILY_THRESHOLD = 75
+WEEKLY_THRESHOLD = 200
 
+# location from which to fetch newline separated listing of existing fingerprints
+FINGERPRINTS_PREPOPULATE = "./fingerprints_out"
+
+# location to which seen fingerprints are saved
+FINGERPRINTS_STORE = "./fingerprints_out"
+
 SEEN_FINGERPRINTS = set()
 
 def sendAlert(msg):
@@ -60,8 +69,12 @@
   exitEntries = []
   for nsEntry in conn.get_network_status():
     queryParam = "desc/id/%s" % nsEntry.idhex
-    descEntry = conn.get_info(queryParam)[queryParam]
     
+    try:
+      descEntry = conn.get_info(queryParam)[queryParam]
+    except TorCtl.ErrorReply:
+      descEntry = ""
+    
     isExit = False
     for line in descEntry.split("\n"):
       if line == "reject *:*": break # reject all before any accept entries
@@ -98,9 +111,23 @@
   counts = [] # has entries for up to the past week
   newCounts = [] # parallel listing for new entries added on each time period
   nsEntries = [] # parallel listing for exiting ns entries
+  newExitListings = []
   lastQuery = 0
   tick = 0
   
+  # prepopulates existing fingerprints
+  if FINGERPRINTS_PREPOPULATE:
+    prepopulateFile = open(FINGERPRINTS_PREPOPULATE, "r")
+    
+    for entry in prepopulateFile:
+      SEEN_FINGERPRINTS.add(entry.upper().strip())
+      #if fpFile and FINGERPRINTS_PREPOPULATE != FINGERPRINTS_STORE: fpFile.write(entry.upper())
+    
+    prepopulateFile.close()
+  
+  fpFile = None
+  if FINGERPRINTS_STORE: fpFile = open(FINGERPRINTS_STORE, "a")
+  
   while True:
     tick += 1
     
@@ -118,10 +145,12 @@
     counts.insert(0, count)
     newCounts.insert(0, newCount)
     nsEntries.insert(0, exitEntries)
+    newExitListings.insert(0, newExitEntries)
     if len(counts) > 84:
       counts.pop()
       newCounts.pop()
       nsEntries.pop()
+      newExitListings.pop()
     
     # check if we broke any thresholds (alert at the lowest increment)
     alarmHourly, alarmDaily, alarmWeekly = False, False, False
@@ -129,26 +158,32 @@
     if len(counts) >= 2:
       #if ALERT_HOURLY_DROP: alarmHourly = abs(count - counts[1]) >= BIHOURLY_THRESHOLD
       #else: alarmHourly = count - counts[1] >= BIHOURLY_THRESHOLD
-      alarmHourly = newCounts >= BIHOURLY_THRESHOLD
+      alarmHourly = newCount >= BIHOURLY_THRESHOLD
     
-    if len(counts) >= 3:
-      dayMin, dayMax = min(counts[:12]), max(counts[:12])
-      alarmDaily = (dayMax - dayMin) > DAILY_THRESHOLD
+    #if len(counts) >= 3:
+    #  dayMin, dayMax = min(counts[:12]), max(counts[:12])
+    #  alarmDaily = (dayMax - dayMin) > DAILY_THRESHOLD
     
-    if len(counts) >= 12:
-      weekMin, weekMax = min(counts), max(counts)
-      alarmWeekly = (weekMax - weekMin) > WEEKLY_THRESHOLD
+    #if len(counts) >= 12:
+    #  weekMin, weekMax = min(counts), max(counts)
+    #  alarmWeekly = (weekMax - weekMin) > WEEKLY_THRESHOLD
     
     # notes entry on terminal
     lastQuery = time.time()
     timeLabel = time.strftime("%H:%M %m/%d/%Y", time.localtime(lastQuery))
     print "%s - %s exits (%s new)" % (timeLabel, count, newCount)
     
+    # add all new fingerprints to seen set
+    for entry in nsEntries[0]:
+      SEEN_FINGERPRINTS.add(entry.idhex)
+      if fpFile: fpFile.write(entry.idhex + "\n")
+    
     # sends a notice with counts for the last week
-    if tick > 5 and (alarmHourly or alarmDaily or alarmWeekly):
+    if alarmHourly or alarmDaily or alarmWeekly or (tick % 12 == 0):
       if alarmHourly: threshold = "hourly"
       elif alarmDaily: threshold = "daily"
       elif alarmWeekly: threshold = "weekly"
+      else: threshold = "no"
       
       msg = "%s threshold broken\n" % threshold
       
@@ -167,26 +202,36 @@
       
       if len(counts) >= 12:
         msg += "\nnew exits (daily):\n"
-        entriesDiff = getExitsDiff(nsEntries[0], nsEntries[12])
-        for entry in entriesDiff:
-          msg += "%s (%s:%s)\n" % (entry.idhex, entry.ip, entry.orport)
-          msg += "    nickname: %s\n    flags: %s\n\n" % (entry.nickname, ", ".join(entry.flags))
+        
+        entryTime = lastQuery
+        for i in range(len(newExitListings)):
+          exitListing = newExitListings[i]
+          timeLabel = time.strftime("%H:%M %m/%d/%Y", time.localtime(entryTime))
+          msg += "entries for %s\n" % timeLabel
+          
+          for entry in exitListing:
+            msg += "%s (%s:%s)\n" % (entry.idhex, entry.ip, entry.orport)
+            msg += "    nickname: %s\n    flags: %s\n\n" % (entry.nickname, ", ".join(entry.flags))
+          
+          entryTime -= SAMPLING_INTERVAL
+        
+        #entriesDiff = getExitsDiff(nsEntries[0], nsEntries[11])
+        #for entry in entriesDiff:
+        #  msg += "%s (%s:%s)\n" % (entry.idhex, entry.ip, entry.orport)
+        #  msg += "    nickname: %s\n    flags: %s\n\n" % (entry.nickname, ", ".join(entry.flags))
       
-      if len(counts) >= 48:
-        # require at least four days of data
-        msg += "\nnew exits (weekly):\n"
-        entriesDiff = getExitsDiff(nsEntries[0], nsEntries[-1])
-        for entry in entriesDiff:
-          msg += "%s (%s:%s)\n" % (entry.idhex, entry.ip, entry.orport)
-          msg += "    nickname: %s\n    flags: %s\n\n" % (entry.nickname, ", ".join(entry.flags))
+      #if len(counts) >= 48:
+      #  # require at least four days of data
+      #  msg += "\nnew exits (weekly):\n"
+      #  entriesDiff = getExitsDiff(nsEntries[0], nsEntries[-1])
+      #  for entry in entriesDiff:
+      #    msg += "%s (%s:%s)\n" % (entry.idhex, entry.ip, entry.orport)
+      #    msg += "    nickname: %s\n    flags: %s\n\n" % (entry.nickname, ", ".join(entry.flags))
       
       sendAlert(msg)
       
-      # add all new fingerprints to seen set
-      for entry in nsEntries[0]:
-        SEEN_FINGERPRINTS.add(entry.idhex)
-      
       # clears entries so we don't repeatidly send alarms for the same event
       if alarmDaily: del counts[2:]
       elif alarmWeekly: del counts[12:]
+

More information about the tor-commits mailing list