Tor hotspot

This commit is contained in:
Bob Mottram 2014-12-27 16:29:28 +00:00
parent 25a282c1bd
commit ff53f9010c
1 changed files with 31 additions and 36 deletions

View File

@ -340,8 +340,8 @@ WIFI_IP_RANGE_END="192.168.4.20"
# Broadcast address for wifi hotspot # Broadcast address for wifi hotspot
WIFI_BROADCAST_ADDRESS="192.168.4.255" WIFI_BROADCAST_ADDRESS="192.168.4.255"
# Comma separated list of DNS servers for wifi hotspot # space separated list of DNS servers for wifi hotspot
WIFI_DNS_SERVERS="213.73.91.35, 85.214.20.141" WIFI_DNS_SERVERS="213.73.91.35 85.214.20.141"
# message if something fails to install # message if something fails to install
CHECK_MESSAGE="Check your internet connection, /etc/network/interfaces and /etc/resolv.conf, then delete $COMPLETION_FILE, run 'rm -fR /var/lib/apt/lists/* && apt-get update --fix-missing' and run this script again. If hash sum mismatches persist then try setting $DEBIAN_REPO to a different mirror and also change /etc/apt/sources.list." CHECK_MESSAGE="Check your internet connection, /etc/network/interfaces and /etc/resolv.conf, then delete $COMPLETION_FILE, run 'rm -fR /var/lib/apt/lists/* && apt-get update --fix-missing' and run this script again. If hash sum mismatches persist then try setting $DEBIAN_REPO to a different mirror and also change /etc/apt/sources.list."
@ -590,7 +590,7 @@ function install_not_on_BBB {
echo " address $LOCAL_NETWORK_STATIC_IP_ADDRESS" >> /etc/network/interfaces echo " address $LOCAL_NETWORK_STATIC_IP_ADDRESS" >> /etc/network/interfaces
echo ' netmask 255.255.255.0' >> /etc/network/interfaces echo ' netmask 255.255.255.0' >> /etc/network/interfaces
echo " gateway $ROUTER_IP_ADDRESS" >> /etc/network/interfaces echo " gateway $ROUTER_IP_ADDRESS" >> /etc/network/interfaces
echo ' dns-nameservers 213.73.91.35 85.214.20.141' >> /etc/network/interfaces echo " dns-nameservers $WIFI_DNS_SERVERS" >> /etc/network/interfaces
echo '# Example to keep MAC address between reboots' >> /etc/network/interfaces echo '# Example to keep MAC address between reboots' >> /etc/network/interfaces
echo '#hwaddress ether DE:AD:BE:EF:CA:FE' >> /etc/network/interfaces echo '#hwaddress ether DE:AD:BE:EF:CA:FE' >> /etc/network/interfaces
echo '' >> /etc/network/interfaces echo '' >> /etc/network/interfaces
@ -6982,7 +6982,7 @@ function route_outgoing_traffic_through_tor {
### set variables ### set variables
# Destinations you don't want routed through Tor # Destinations you don't want routed through Tor
_non_tor="192.168.1.0/24 192.168.0.0/24" _non_tor="192.168.4.0/24 192.168.1.0/24 192.168.0.0/24"
# The user that Tor runs as # The user that Tor runs as
_tor_uid="debian-tor" _tor_uid="debian-tor"
@ -6993,6 +6993,19 @@ function route_outgoing_traffic_through_tor {
# Your internal interface # Your internal interface
_int_if="eth0" _int_if="eth0"
# Ensure that redirects are possible
sed -i "s/net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_redirects = 1/g" /etc/sysctl.conf
sed -i "s/net.ipv4.conf.all.send_redirects = 0/net.ipv4.conf.all.send_redirects = 1/g" /etc/sysctl.conf
sed -i "s/net.ipv4.conf.all.accept_source_route = 0/net.ipv4.conf.all.accept_source_route = 1/g" /etc/sysctl.conf
sed -i "s/net.ipv4.conf.default.rp_filter=1/#net.ipv4.conf.default.rp_filter=1/g" /etc/sysctl.conf
sed -i "s/net.ipv4.conf.all.rp_filter=1/#net.ipv4.conf.all.rp_filter=1/g" /etc/sysctl.conf
#sed -i 's/net.ipv4.icmp_echo_ignore_all = 1/net.ipv4.icmp_echo_ignore_all = 0/g' /etc/sysctl.conf
#iptables --flush
#iptables --table nat --flush
#iptables --delete-chain
#iptables --table nat --delete-chain
### Set iptables *nat ### Set iptables *nat
iptables -t nat -A OUTPUT -o lo -j RETURN iptables -t nat -A OUTPUT -o lo -j RETURN
iptables -t nat -A OUTPUT -m owner --uid-owner $_tor_uid -j RETURN iptables -t nat -A OUTPUT -m owner --uid-owner $_tor_uid -j RETURN
@ -7065,6 +7078,14 @@ function route_outgoing_traffic_through_tor {
fi fi
echo 'route_outgoing_traffic_through_tor' >> $COMPLETION_FILE echo 'route_outgoing_traffic_through_tor' >> $COMPLETION_FILE
if [[ $ENABLE_WIFI_HOTSPOT == "yes" ]]; then
echo ''
echo ' *** Freedombone Tor Wifi access point installation is complete. Rebooting... ***'
echo ''
cat /home/$MY_USERNAME/README
reboot
fi
} }
# A command to create a git repository for a project # A command to create a git repository for a project
@ -7237,27 +7258,6 @@ function enable_wifi_hotspot {
echo " dns-nameservers $ROUTER_IP_ADDRESS" >> /etc/network/interfaces echo " dns-nameservers $ROUTER_IP_ADDRESS" >> /etc/network/interfaces
fi fi
#sed -i 's/#net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf
#sed -i 's/net.ipv4.ip_forward=.*/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
#echo 1 > /proc/sys/net/ipv4/ip_forward
#sed -i "s/net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_redirects = 1/g" /etc/sysctl.conf
#sed -i "s/net.ipv4.conf.all.send_redirects = 0/net.ipv4.conf.all.send_redirects = 1/g" /etc/sysctl.conf
#sed -i "s/net.ipv4.conf.all.accept_source_route = 0/net.ipv4.conf.all.accept_source_route = 1/g" /etc/sysctl.conf
#sed -i "s/net.ipv4.conf.default.rp_filter=1/#net.ipv4.conf.default.rp_filter=1/g" /etc/sysctl.conf
#sed -i "s/net.ipv4.conf.all.rp_filter=1/#net.ipv4.conf.all.rp_filter=1/g" /etc/sysctl.conf
#sed -i "s/net.ipv4.ip_forward=0/#net.ipv4.ip_forward=1/g" /etc/sysctl.conf
#sed -i 's/net.ipv4.icmp_echo_ignore_all = 1/net.ipv4.icmp_echo_ignore_all = 0/g' /etc/sysctl.conf
#iptables --flush
#iptables --table nat --flush
#iptables --delete-chain
#iptables --table nat --delete-chain
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#iptables -A FORWARD -i eth0 -o $WIFI_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -A FORWARD -i $WIFI_INTERFACE -o eth0 -j ACCEPT
#save_firewall_settings
sed -i 's/option domain-name "example.org";/#option domain-name "example.org";/g' /etc/dhcp/dhcpd.conf sed -i 's/option domain-name "example.org";/#option domain-name "example.org";/g' /etc/dhcp/dhcpd.conf
sed -i 's/option domain-name-servers ns1.example.org, ns2.example.org;/#option domain-name-servers ns1.example.org, ns2.example.org;/g' /etc/dhcp/dhcpd.conf sed -i 's/option domain-name-servers ns1.example.org, ns2.example.org;/#option domain-name-servers ns1.example.org, ns2.example.org;/g' /etc/dhcp/dhcpd.conf
sed -i 's/#authoritative;/authoritative;/g' /etc/dhcp/dhcpd.conf sed -i 's/#authoritative;/authoritative;/g' /etc/dhcp/dhcpd.conf
@ -7276,11 +7276,6 @@ function enable_wifi_hotspot {
sed -i "s/INTERFACES=.*/INTERFACES='$WIFI_INTERFACE'/g" /etc/default/isc-dhcp-server sed -i "s/INTERFACES=.*/INTERFACES='$WIFI_INTERFACE'/g" /etc/default/isc-dhcp-server
service networking restart
service hostapd restart
systemctl daemon-reload
service isc-dhcp-server restart
# Add details to the README file # Add details to the README file
if ! grep -q "Wifi Hotspot" /home/$MY_USERNAME/README; then if ! grep -q "Wifi Hotspot" /home/$MY_USERNAME/README; then
echo '' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README
@ -7338,12 +7333,6 @@ function enable_wifi {
sed -i "s/wifipassword/$WIFI_PASSWORD/g" /etc/network/interfaces sed -i "s/wifipassword/$WIFI_PASSWORD/g" /etc/network/interfaces
fi fi
service networking restart
if [ ! "$?" = "0" ]; then
echo 'Unable to restart networking'
exit 855
fi
# Add details to the README file # Add details to the README file
if [[ ENABLE_WIFI != "yes" ]]; then if [[ ENABLE_WIFI != "yes" ]]; then
if ! grep -q "Wifi Settings" /home/$MY_USERNAME/README; then if ! grep -q "Wifi Settings" /home/$MY_USERNAME/README; then
@ -7361,6 +7350,12 @@ function enable_wifi {
fi fi
fi fi
service networking restart
if [ ! "$?" = "0" ]; then
echo 'Unable to restart networking'
exit 855
fi
echo 'enable_wifi' >> $COMPLETION_FILE echo 'enable_wifi' >> $COMPLETION_FILE
} }