Hi, I've uploaded a new tarball to: http://www.atagar.com/transfer/tmp/arm_bsdTest3.tar.bz2 http://www.atagar.com/transfer/tmp/arm_bsdTest3.tar.bz2.asc
Besides a modified version of Febian's patch to autodetect FreeBSD jails it most notably includes... - A replacement for the connection test function (which was a pita in my humble opinion). The new script [1] provides the resolver runtimes, a check if all the resolvers match, and a better method of dumping the connection results. If you modify the bsd resolvers then this should provide a nice sanity check that it's working as expected. - I forgot to account for the dns resolution exits do on behalf of the clients. The resolvers need to include UDP connections so, on *nix, they're now: - netstat -np | grep "ESTABLISHED <pid>/<process>" - sockstat | egrep "<process>\s*<pid>.*ESTABLISHED" - lsof -nPi | egrep "^<process>\s*<pid>.*((UDP.*)|(\(ESTABLISHED\)))" - ss -nptu | grep "ESTAB.*\"<process>\",<pid>" I'm guessing, for the FreeBSD resolvers, that sockstats already works and procstat just needs the 'grep TCP' to be removed (or maybe replaced with 'egrep "(TCP|UDP)"'). Is that right? > The connection doesn't leave the system because its a socks > connection with both the source and the destination address > located on the same system. Hm. Sounds like basic client connections (ie, things like firefox connecting to tor via the SocksPort). However, I tried running TBB and arm didn't list any of those connections. This is what I'd expect since the connection resolution is only fetching tor connections. Am I missing something here? Regardless, I made a couple changes to address issues that have been brought up (socks connections and listing external addresses for private ip range connections - see lines 332-334 and 363-364 in src/interface/connPanel.py [2]). But without a working repro case I can't promises that this'll do the trick. > With ^ added to the pattern it seems to work Great, it's happy with that on Linux as well so I'm now using: lsof -nPi | egrep "^<process>\s*<pid>.*((UDP.*)|(\(ESTABLISHED\)))" and including it among FreeBSD resolvers as the last fallback. > lsof also seems to be rather slow (on FreeBSD): Yikes, that's quite the difference. It's pretty bad on Linux too (ss is worse, but netstat and sockstat tend to run around 20% faster). > I intend to look into creating a FreeBSD port around Christmas. Awesome, thank you! Cheers! -Damian [1] https://svn.torproject.org/svn/arm/trunk/src/test.py [2] https://svn.torproject.org/svn/arm/trunk/src/interface/connPanel.py *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/