From 4cbf68f2aac40945c8cf52a9f53629963aabc8ad Mon Sep 17 00:00:00 2001
From: Jonathan Cobb <jonathan@kyuss.org>
Date: Thu, 16 Jul 2020 02:01:54 -0400
Subject: [PATCH] mitm memory tuning

---
 .../packer/roles/mitmproxy/files/mitmdump_monitor.sh       | 7 ++++---
 .../resources/packer/roles/mitmproxy/files/run_mitmdump.sh | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/bubble-server/src/main/resources/packer/roles/mitmproxy/files/mitmdump_monitor.sh b/bubble-server/src/main/resources/packer/roles/mitmproxy/files/mitmdump_monitor.sh
index 5174032a..1b7587d3 100644
--- a/bubble-server/src/main/resources/packer/roles/mitmproxy/files/mitmdump_monitor.sh
+++ b/bubble-server/src/main/resources/packer/roles/mitmproxy/files/mitmdump_monitor.sh
@@ -17,7 +17,7 @@ function log {
 BUBBLE_MITM_MARKER=/home/bubble/.mitmdump_monitor
 ROOT_KEY_MARKER=/usr/share/bubble/mitmdump_monitor
 MITMDUMP_PID_FILE=/home/mitmproxy/mitmdump.pid
-MAX_MITM_PCT_MEM=18
+MIN_PCT_FREE=3
 
 # Start with MITM proxy turned on, or refresh value
 if [[ ! -f ${BUBBLE_MITM_MARKER} ]] ; then
@@ -63,11 +63,12 @@ while : ; do
   # Check process memory usage, restart mitmdump if memory goes above max % allowed
   if [[ -f ${MITMDUMP_PID_FILE} && -s ${MITMDUMP_PID_FILE} ]] ; then
     MITM_PID="$(cat ${MITMDUMP_PID_FILE})"
+    PCT_FREE=$(expr $(free | grep -m 1 Mem: | awk '{print $7"00 / "$2}'))
     PCT_MEM="$(ps q ${MITM_PID} -o %mem --no-headers | tr -d [[:space:]] | cut -f1 -d. | sed 's/[^0-9]*//g')"
     # log "Info: mitmdump pid ${MITM_PID} using ${PCT_MEM}% of memory"
     if [[ ! -z "${PCT_MEM}" ]] ; then
-      if [[ ${PCT_MEM} -ge ${MAX_MITM_PCT_MEM} ]] ; then
-        log "Warn: mitmdump: pid=$(cat ${MITMDUMP_PID_FILE}) memory used > max, restarting: ${PCT_MEM}% >= ${MAX_MITM_PCT_MEM}%"
+      if [[ ${PCT_FREE} -lt ${MIN_PCT_FREE} ]] ; then
+        log "Warn: mitmdump: less than ${MIN_PCT_FREE}% mem available, restarting: mitm used ${PCT_MEM}%, ${PCT_FREE}% free"
         supervisorctl restart mitmdump
       fi
     else
diff --git a/bubble-server/src/main/resources/packer/roles/mitmproxy/files/run_mitmdump.sh b/bubble-server/src/main/resources/packer/roles/mitmproxy/files/run_mitmdump.sh
index 0f4bc1e6..0a3d4f2c 100644
--- a/bubble-server/src/main/resources/packer/roles/mitmproxy/files/run_mitmdump.sh
+++ b/bubble-server/src/main/resources/packer/roles/mitmproxy/files/run_mitmdump.sh
@@ -11,8 +11,8 @@ mitmdump \
   --no-http2 \
   --set block_global=false \
   --set block_private=false \
-  --set termlog_verbosity=debug \
-  --set flow_detail=3 \
+  --set termlog_verbosity=warn \
+  --set flow_detail=0 \
   --set stream_large_bodies=5m \
   --set keep_host_header \
   -s ./dns_spoofing.py \