[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Arm Release 1.4.0

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Arm Release 1.4.0
From: Damian Johnson <atagar1@xxxxxxxxx>
Date: Fri, 10 Dec 2010 10:32:08 -0800
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Fri, 10 Dec 2010 13:32:17 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=uZ75QqZ/eG1TLspMAOARbSw6GH5taj6ZNO3AuUfezlA=; b=N+14qBCGqmg9dqFux2n2EahMkfB/SS4tnGmq3zk56nzRm4WME5f0PpXrKMoo+GSNjq uMCVNROWTF7zzPxogINw31B41osSgL5ihl49+F6JOuTkmXc2oVTdvCP6N/VbxVUuz89F 1kaMmNtSzKQYi1CtSDoTDWCBQvl+x7yy0zFrc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=k5aMTU0mzkGHZQ3X0vjX4PDCpyybZsrJ7EsDbys8oTgq/aTiD6dz3hvmTA6mSD4vHw fOwFFw2txuwZPdN4tpsl0ksYm+rIFiecViye+yUg6ioQxQ/BkhE7gt12L0e31JWnbzAw 7mA08uQrV7jd49eGmMyEHEyFe23D0GSlas0R4=
In-reply-to: <20101210153245.5450d679@xxxxxxxxxx>
References: <AANLkTimMSOv-_DpNuU65XLqsVBgo0G+owYSzrDqzB5nM@xxxxxxxxxxxxxx> <Pine.NEB.4.64.1012020605411.24297@xxxxxxxxxxxxxxxxxxx> <AANLkTi=4yDCFM0XpiQgDL-uhPsODuk=9hu2PR=0Mfxwm@xxxxxxxxxxxxxx> <20101203203446.4154ad23@xxxxxxxxxx> <20101203210511.GA20728@tabulara> <Pine.NEB.4.64.1012032132550.24297@xxxxxxxxxxxxxxxxxxx> <20101203220452.GA24593@tabulara> <Pine.NEB.4.64.1012032221500.24297@xxxxxxxxxxxxxxxxxxx> <AANLkTinkt42cABUekNncb18Fn+qR=AdnswmyC5DaJrBv@xxxxxxxxxxxxxx> <20101205130216.61664526@xxxxxxxxxx> <20101205135401.GA3515@tabulara> <20101205160007.488f310c@xxxxxxxxxx> <AANLkTimY74fOkkQPRvdA6FJpV3G-2U+puOh8rU=BAm6Q@xxxxxxxxxxxxxx> <20101210153245.5450d679@xxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Fantastic - thanks Fabian! The patch looks perfect. I'll apply it
either after work today or tomorrow morning.

> but I think the same should be done with connections on the SocksPort

Yup, sounds like a bug. Until recently arm had just been for relay
usage so I probably missed this when writing the connection panel.
I'll change it when applying the patch.

> The connection doesn't leave the system because its a socks
> connection with both the source and the destination address
> located on the same system.

Makes sense. So if both the source and destination are private IPs
(10.*, 172.16.* - 172.31.*, 192.168.*) then skip the private ->
external translation for the display, right?

I'm still trying to get my head around the rest of this bit. From an
UI perspective doing location1 -> location2 -> location3 entries will
be pretty difficult. Also, I've never run into this use case so I'm
not quite sure what you're describing. Oh well, maybe things will be
clearer after a bit more coffee.

> Maybe it should be mentioning in the log message when the torrc
> can't be found?

Good point. I'll change that too.

> I missed procstat, though.

Actually, neither of the BSD resolvers were added (that was the Linux
sockstat entry). I'll add them both.


The psutil library [1] uses lsof as its default connection resolver
for FreeBSD so I'd like to get a working fallback for it. However,
from Hans' feedback earlier it sounds like there's issues with jails
so I'll use it as a last resort.

The command I'm now using for Linux is:
lsof -nPi -p <pid> | grep "<process>.*(ESTABLISHED)"

However, like sockstat it probably omits the ESTABLISHED tags from
results. If so, this will need a workaround. On Linux the following
looks right:
lsof -nPi -sTCP:ESTABLISHED -p <pid> | grep "<process>" | grep TCP

Does this to the trick? For some reason there was a UDP connection
included despite the -sTCP part, hence the extra grep. The lsof man
warns that "State  names  vary with UNIX dialects" so it might expect
a different keyword.

If there aren't any concerns between the resolvers then we should
default to whatever performs the best. When you run at the debug level
(arm -e 1) it provides the runtime for system calls (sockstat,
procstat, lsof, etc) so they should be easy to compare.

Cheers! -Damian

[1] https://code.google.com/p/psutil/
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Follow-Ups:
- Re: Arm Release 1.4.0
  - From: Fabian Keil

References:
- Re: Arm Release 1.4.0
  - From: Damian Johnson
- Re: Arm Release 1.4.0
  - From: John Case
- Re: Arm Release 1.4.0
  - From: Damian Johnson
- Re: Arm Release 1.4.0
  - From: Fabian Keil
- Re: Arm Release 1.4.0
  - From: Hans Schnehl
- Re: Arm Release 1.4.0
  - From: John Case
- Re: Arm Release 1.4.0
  - From: Hans Schnehl
- Re: Arm Release 1.4.0
  - From: John Case
- Re: Arm Release 1.4.0
  - From: Damian Johnson
- Re: Arm Release 1.4.0
  - From: Fabian Keil
- Re: Arm Release 1.4.0
  - From: Hans Schnehl
- Re: Arm Release 1.4.0
  - From: Fabian Keil
- Re: Arm Release 1.4.0
  - From: Damian Johnson
- Re: Arm Release 1.4.0
  - From: Fabian Keil

Prev by Author: Re: Arm Release 1.4.0
Next by Author: Re: Arm Release 1.4.0
Previous by thread: Re: Arm Release 1.4.0
Next by thread: Re: Arm Release 1.4.0
Index(es):
- Author
- Thread