Merge pull request mattes#14 from milesrichardson/master

mattes · web-flow · commit 36a39e0971fd · 2016-12-20T15:31:57.000-08:00
optimized tor args, and force change circuits via tor control port
diff --git a/Dockerfile b/Dockerfile
@@ -21,8 +21,12 @@ RUN gem install excon -v 0.44.4
 ADD start.rb /usr/local/bin/start.rb
 RUN chmod +x /usr/local/bin/start.rb
 
+ADD newnym.sh /usr/local/bin/newnym.sh
+RUN chmod +x /usr/local/bin/newnym.sh
+
 ADD haproxy.cfg.erb /usr/local/etc/haproxy.cfg.erb
+ADD uncachable /etc/polipo/uncachable
 
-EXPOSE 5566 1936
+EXPOSE 5566 4444
 
-CMD /usr/local/bin/start.rb
+CMD /usr/local/bin/start.rb
diff --git a/haproxy.cfg.erb b/haproxy.cfg.erb
@@ -14,7 +14,7 @@ defaults
   timeout server 60s
 
 
-listen stats *:1936
+listen stats *:4444
   mode            http
   log             global
   maxconn 10
diff --git a/newnym.sh b/newnym.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+CONTROLPORT=$1
+
+cat <<'EOF' | nc localhost $CONTROLPORT
+authenticate ""
+signal newnym
+quit
+EOF
diff --git a/start.rb b/start.rb
@@ -83,6 +83,13 @@ def self.which(executable)
 
 
   class Tor < Base
+    attr_reader :port, :control_port
+
+    def initialize(port, control_port)
+        @port = port
+        @control_port = control_port
+    end
+
     def data_directory
       "#{super}/#{port}"
     end
@@ -91,13 +98,28 @@ def start
       super
       self.class.fire_and_forget(executable,
         "--SocksPort #{port}",
-        "--NewCircuitPeriod 120",
+	"--ControlPort #{control_port}",
+        "--NewCircuitPeriod 15",
+	"--MaxCircuitDirtiness 15",
+	"--UseEntryGuards 0",
+	"--UseEntryGuardsAsDirGuards 0",
+	"--CircuitBuildTimeout 5",
+	"--ExitRelay 0",
+	"--RefuseUnknownExits 0",
+	"--ClientOnly 1",
+	"--AllowSingleHopCircuits 1",
         "--DataDirectory #{data_directory}",
         "--PidFile #{pid_file}",
         "--Log \"warn syslog\"",
         '--RunAsDaemon 1',
         "| logger -t 'tor' 2>&1")
     end
+
+    def newnym
+        self.class.fire_and_forget('/usr/local/bin/newnym.sh',
+				   "#{control_port}",
+				   "| logger -t 'newnym'")
+    end
   end
 
   class Polipo < Base
@@ -142,7 +164,7 @@ class Proxy
 
     def initialize(id)
       @id = id
-      @tor = Tor.new(tor_port)
+      @tor = Tor.new(tor_port, tor_control_port)
       @polipo = Polipo.new(polipo_port, tor: tor)
     end
 
@@ -168,17 +190,21 @@ def tor_port
       10000 + id
     end
 
+    def tor_control_port
+      30000 + id
+    end
+
     def polipo_port
       tor_port + 10000
     end
     alias_method :port, :polipo_port
 
     def test_url
-      ENV['test_url'] || 'http://echoip.com'
+      ENV['test_url'] || 'http://icanhazip.com'
     end
 
     def working?
-      Excon.get(test_url, proxy: "http://127.0.0.1:#{port}").status == 200
+      Excon.get(test_url, proxy: "http://127.0.0.1:#{port}", :read_timeout => 10).status == 200
     rescue
       false
     end
@@ -221,7 +247,6 @@ def compile_config
   end
 end
 
-
 haproxy = Service::Haproxy.new
 proxies = []
 
@@ -238,12 +263,18 @@ def compile_config
 sleep 60
 
 loop do
+  $logger.info "resetting circuits"
+  proxies.each do |proxy|
+    $logger.info "reset nym for #{proxy.id} (port #{proxy.port})"
+    proxy.tor.newnym
+  end
+
   $logger.info "testing proxies"
   proxies.each do |proxy|
     $logger.info "testing proxy #{proxy.id} (port #{proxy.port})"
     proxy.restart unless proxy.working?
   end
 
-  $logger.info "sleeping for 1800 seconds"
-  sleep 1800
+  $logger.info "sleeping for 60 seconds"
+  sleep 60
 end
diff --git a/uncachable b/uncachable
@@ -0,0 +1,3 @@
+ipinfo.io
+icanhazip.com
+echoip.com

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+ipinfo.io`
	`2`	`+icanhazip.com`
	`3`	`+echoip.com`