From fac5423e4ef6ecee0c85e38dc95b47931aa9c96a Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Tue, 14 Dec 2010 23:24:01 +0100 Subject: [PATCH 1/8] Fix spelling in a comment --- src/test.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/test.py b/src/test.py index 94b1126..aad901c 100644 --- a/src/test.py +++ b/src/test.py @@ -98,7 +98,7 @@ while True: elif userInput == "3": uiTools.demoGlyphs() - # Switching to a curses context and back repetedy seems to screw up the + # Switching to a curses context and back repeatedly seems to screw up the # terminal. Just to be safe this ends the process after the demo. break else: -- 1.7.3.3 From 0b342d330b3430f7351e2b7b23ef2f6ac72a2204 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Wed, 15 Dec 2010 21:34:44 +0100 Subject: [PATCH 2/8] Factor ipAddressIsPrivate() out of reset() --- src/interface/connPanel.py | 12 ++++++++---- 1 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/interface/connPanel.py b/src/interface/connPanel.py index e9abe00..81f3f76 100644 --- a/src/interface/connPanel.py +++ b/src/interface/connPanel.py @@ -105,6 +105,13 @@ def getSortType(sortLabel): if sortLabel == label: return type raise ValueError(sortLabel) +def ipAddressIsPrivate(Ip): + # TODO: range should restrict to the following address ranges: + # 10.*, 172.16.* - 172.31.*, 192.168.* + # being lazy right now - fix the 172.* range when rewriting + isPrivateIp = Ip.startswith("10.") or Ip.startswith("192.168.") or Ip.startswith("172.") + return isPrivateIp + class ConnPanel(TorCtl.PostEventListener, panel.Panel): """ Lists tor related connection data. @@ -357,10 +364,7 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): # replace nat address with external version if available and the # external address isn't a private IP - # TODO: range should restrict to the following address ranges: - # 10.*, 172.16.* - 172.31.*, 192.168.* - # being lazy right now - fix the 172.* range when rewriting - isPrivateIp = fIp.startswith("10.") or fIp.startswith("192.168.") or fIp.startswith("172.") + isPrivateIp = ipAddressIsPrivate(fIp) if self.address and type != "control" and not isPrivateIp: lIp = self.address try: -- 1.7.3.3 From b3a491898b677c58dc24f2fbdef18da1de0ce222 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Fri, 17 Dec 2010 00:09:06 +0100 Subject: [PATCH 3/8] Treat addresses starting with '127.' as private, too. --- src/interface/connPanel.py | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/interface/connPanel.py b/src/interface/connPanel.py index 81f3f76..1703077 100644 --- a/src/interface/connPanel.py +++ b/src/interface/connPanel.py @@ -107,9 +107,9 @@ def getSortType(sortLabel): def ipAddressIsPrivate(Ip): # TODO: range should restrict to the following address ranges: - # 10.*, 172.16.* - 172.31.*, 192.168.* + # 10.*, 172.16.* - 172.31.*, 192.168.*, 127.* # being lazy right now - fix the 172.* range when rewriting - isPrivateIp = Ip.startswith("10.") or Ip.startswith("192.168.") or Ip.startswith("172.") + isPrivateIp = Ip.startswith("10.") or Ip.startswith("192.168.") or Ip.startswith("172.") or Ip.startswith("127.") return isPrivateIp class ConnPanel(TorCtl.PostEventListener, panel.Panel): -- 1.7.3.3 From e0e1f903272558610f509407c953b6d92265ccac Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Wed, 15 Dec 2010 22:20:02 +0100 Subject: [PATCH 4/8] Don't add the country code to private addresses. XXX: the duplicated code could be factored out. --- src/interface/connPanel.py | 21 +++++++++++++++++---- 1 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/interface/connPanel.py b/src/interface/connPanel.py index 1703077..78a8bab 100644 --- a/src/interface/connPanel.py +++ b/src/interface/connPanel.py @@ -550,7 +550,9 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): if self.listingType == LIST_IP: # base data requires 73 characters src = "%s:%s" % (entry[CONN_L_IP], entry[CONN_L_PORT]) - dst = "%s:%s %s" % (entry[CONN_F_IP], entry[CONN_F_PORT], "" if type == "control" else "(%s)" % entry[CONN_COUNTRY]) + dst = "%s:%s" % (entry[CONN_F_IP], entry[CONN_F_PORT]) + if not ipAddressIsPrivate(entry[CONN_F_IP]): + dst += " (%s)" % entry[CONN_COUNTRY] if isPrivate: dst = "" @@ -583,7 +585,11 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): foreignHostnameSpace -= 22 if isPrivate: ipEntry = "" - else: ipEntry = "%s %s" % (entry[CONN_F_IP], "" if type == "control" else "(%s)" % entry[CONN_COUNTRY]) + else: + ipEntry = "%s:%s" % (entry[CONN_F_IP], entry[CONN_F_PORT]) + if ipAddressIsPrivate(entry[CONN_F_IP]): + ipEntry += " (%s)" % entry[CONN_COUNTRY] + etc += "%-20s " % ipEntry if width > 134 + xOffset: @@ -631,7 +637,10 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): if width > 125 + xOffset: # shows ip/port/locale (column width: 28 characters) if isPrivate: ipEntry = "" - else: ipEntry = "%s:%s %s" % (entry[CONN_F_IP], entry[CONN_F_PORT], "" if type == "control" else "(%s)" % entry[CONN_COUNTRY]) + else: + ipEntry = "%s:%s" % (entry[CONN_F_IP], entry[CONN_F_PORT]) + if ipAddressIsPrivate(entry[CONN_F_IP]): + ipEntry += " (%s)" % entry[CONN_COUNTRY] etc += "%-26s " % ipEntry else: # base data uses whatever extra room's available (using minimun of 50 characters) @@ -653,7 +662,11 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): foreignNicknameSpace -= 28 if isPrivate: ipEntry = "" - else: ipEntry = "%s:%s %s" % (entry[CONN_F_IP], entry[CONN_F_PORT], "" if type == "control" else "(%s)" % entry[CONN_COUNTRY]) + else: + ipEntry = "%s:%s" % (entry[CONN_F_IP], entry[CONN_F_PORT]) + if ipAddressIsPrivate(entry[CONN_F_IP]): + ipEntry += " (%s)" % entry[CONN_COUNTRY] + etc += "%-26s " % ipEntry dst = ("%%-%is" % foreignNicknameSpace) % dst -- 1.7.3.3 From 7633ef1e9eb166c0c1c8517aa95802eeac6a4b8e Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Fri, 17 Dec 2010 19:03:56 +0100 Subject: [PATCH 5/8] If the fIp is private, don't bother trying to get a countryCode --- src/interface/connPanel.py | 20 ++++++++++++-------- 1 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/interface/connPanel.py b/src/interface/connPanel.py index 78a8bab..5e1b0d5 100644 --- a/src/interface/connPanel.py +++ b/src/interface/connPanel.py @@ -367,14 +367,18 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): isPrivateIp = ipAddressIsPrivate(fIp) if self.address and type != "control" and not isPrivateIp: lIp = self.address - try: - countryCodeQuery = "ip-to-country/%s" % fIp - countryCode = self.conn.get_info(countryCodeQuery)[countryCodeQuery] - except (socket.error, TorCtl.ErrorReply, TorCtl.TorCtlClosed): - countryCode = "??" - if not self.providedGeoipWarning: - log.log(log.WARN, "Tor geoip database is unavailable.") - self.providedGeoipWarning = True + if ipAddressIsPrivate(fIp): + # Should not be shown + countryCode = "???" + else: + try: + countryCodeQuery = "ip-to-country/%s" % fIp + countryCode = self.conn.get_info(countryCodeQuery)[countryCodeQuery] + except (socket.error, TorCtl.ErrorReply, TorCtl.TorCtlClosed): + countryCode = "??" + if not self.providedGeoipWarning: + log.log(log.WARN, "Tor geoip database is unavailable.") + self.providedGeoipWarning = True if (fIp, fPort) in connTimes: connTime = connTimes[(fIp, fPort)] else: connTime = time.time() -- 1.7.3.3 From 7e2ca00f19505859ec02fbfbff9f4edfb14bd00d Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Sat, 18 Dec 2010 14:45:09 +0100 Subject: [PATCH 6/8] Remove the replace the '\s' in RUN_LSOF with ' ' to get it working. --- src/util/connections.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/util/connections.py b/src/util/connections.py index abec3f6..d154288 100644 --- a/src/util/connections.py +++ b/src/util/connections.py @@ -60,7 +60,7 @@ RUN_SS = "ss -nptu | grep \"ESTAB.*\\\"%s\\\",%s\"" # oddly, using the -p flag via: # lsof lsof -nPi -p | grep "^.*(ESTABLISHED)" # is much slower (11-28% in tests I ran) -RUN_LSOF = "lsof -nPi | egrep \"^%s\\s*%s.*((UDP.*)|(\\(ESTABLISHED\\)))\"" +RUN_LSOF = "lsof -nPi | egrep \"^%s *%s.*((UDP.*)|(\\(ESTABLISHED\\)))\"" # output: # atagar tor 3475 tcp4 127.0.0.1:9051 127.0.0.1:38942 ESTABLISHED -- 1.7.3.3 From e420434b29a64887a396e016921d8408cbbc80f6 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Sat, 18 Dec 2010 15:09:06 +0100 Subject: [PATCH 7/8] Fix splitting of the CMD_LSOF results --- src/util/connections.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/util/connections.py b/src/util/connections.py index d154288..9ca32be 100644 --- a/src/util/connections.py +++ b/src/util/connections.py @@ -148,7 +148,7 @@ def getConnections(resolutionCmd, processName, processPid = ""): localIp, localPort = comp[4].split(":") foreignIp, foreignPort = comp[5].split(":") elif resolutionCmd == CMD_LSOF: - local, foreign = comp[8].split("->") + local, foreign = comp[7].split("->") localIp, localPort = local.split(":") foreignIp, foreignPort = foreign.split(":") elif resolutionCmd == CMD_SOCKSTAT: -- 1.7.3.3 From 91e0bb1208a010e9ab1fd73aec456b48ce321b48 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Sat, 11 Dec 2010 17:56:21 +0100 Subject: [PATCH 8/8] Hack to show the nat address behind the local address instead of showing it instead of the local address. --- src/interface/connPanel.py | 20 +++++++++++++++----- 1 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/interface/connPanel.py b/src/interface/connPanel.py index 5e1b0d5..aef5c75 100644 --- a/src/interface/connPanel.py +++ b/src/interface/connPanel.py @@ -362,11 +362,6 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): connectionCountTmp[1] += 1 if SCRUB_PRIVATE_DATA and fIp not in self.fingerprintMappings.keys(): isPrivate = isExitAllowed(fIp, fPort, self.exitPolicy, self.exitRejectPrivate) - # replace nat address with external version if available and the - # external address isn't a private IP - isPrivateIp = ipAddressIsPrivate(fIp) - if self.address and type != "control" and not isPrivateIp: lIp = self.address - if ipAddressIsPrivate(fIp): # Should not be shown countryCode = "???" @@ -558,6 +553,17 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): if not ipAddressIsPrivate(entry[CONN_F_IP]): dst += " (%s)" % entry[CONN_COUNTRY] + # Hack to include the external address if it differs from the local one + if entry[CONN_L_IP] != self.address: + if not ipAddressIsPrivate(entry[CONN_F_IP]): + if type == "inbound": + # XXX: untested + src = self.address + " <-- " + src + else: + src += " --> " + self.address + else: + src += " " + " " * (len(self.address) + 1) + if isPrivate: dst = "" src, dst = "%-21s" % src, "%-26s" % dst @@ -691,6 +697,10 @@ class ConnPanel(TorCtl.PostEventListener, panel.Panel): else: ipStart = etc.find("256") if ipStart > -1: etc = etc[:ipStart] + ("%%-%is" % len(etc[ipStart:])) % "UNKNOWN" + + if entry[CONN_L_IP] != self.address: + # Make room for the previously added external address + etc = etc.strip() padding = width - (len(src) + len(dst) + len(etc) + 27) - xOffset # padding needed to fill full line lineEntry = "<%s>%s --> %s %s%s%5s (%s)%s" % (color, src, dst, etc, " " * padding, timeLabel, type.upper(), " " * (9 - len(type)), color) -- 1.7.3.3