ss-tor.sh v0.2

1. #! /bin/bash
2. # Author twfcc@twitter
3. # $PROG: ss-tor.sh
4. # discriotion: intall shadowsocks + TOR for anonymity surfing
5. # Public domain use as your own risk!
6. # target on debian7/8 , ubuntu 1404/1504 , openvz vps [nat|standard]
7. msg1="$0 {-n|-s}"
8. msg2="-n install ss+tor on ovz nat ipv4 share vps"
9. msg3="-s install ss+tor on ovz standard vps"
10.  
11. [ $UID -ne 0 ] && {
12.     echo "Execute this script must be root." >&2 ;
13.     exit 1 ;
14. }
15.  
16. case "$1" in
17.     -n) flag=0 ;;
18.     -s) flag=1 ;;
19.      *) echo "$msg1" >&2 ;
20.         echo "$msg2" >&2 ;
21.         echo "$msg3" >&2 ;
22.         exit 1
23.         ;;
24. esac
25.  
26. if [ $flag -eq 0 ]
27.     then
28.          internal_ip=$(ifconfig venet0:0 \
29.          | awk -F: '$2 ~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/{print $2}' \
30.          | cut -d" " -f1)
31.          port=$(echo -e ${internal_ip##*.})01
32. else
33.          pick=($(for i in {19800..19899} ;do echo $i ;done))
34.          count=${#pick[@]}
35.          port=${pick[$((RANDOM%count-1))]}
36. fi
37.  
38. myip=$(wget -qO - v4.ifconfig.co)
39. source_list="/etc/apt/sources.list"
40. os_version=$(lsb_release -c | awk '{print $2}')
41. if [[ $os_version =~ jessie ]] || \
42.    [[ $os_version =~ wheezy ]] || \
43.    [[ $os_version =~ [Vv]ivid ]] || \
44.    [[ $os_version =~ trusty ]] ; then
45.     :
46. else
47.     echo "Sorry,work on debian base os only." >&2
48.     exit 1
49. fi
50.  
51. case "$os_version" in
52.     trusty) echo "deb http://deb.torproject.org/torproject.org trusty main" \
53.             >> "$source_list" ;
54.             echo "deb-src http://deb.torproject.org/torproject.org trusty main" \
55.             >> "$source_list" ;
56.             gpg --keyserver keys.gnupg.net --recv 886DDD89 ;
57.             gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add - ;
58.             ;;
59.     wheezy) echo "deb http://ftp.debian.org/debian wheezy-backports main" \
60.             >> "$source_list"
61.             ;;
62.     jessie) echo "deb http://ftp.debian.org/debian jessie-backports main" \
63.             >> "$source_list"
64.             ;;
65.          *) :
66.             ;;
67. esac
68.  
69. apt-get update && apt-get upgrade -y
70. apt-get install python -y
71. apt-get install git build-essential autoconf libtool libssl-dev \
72.     gawk debhelper dh-systemd init-system-helpers pkg-config -y
73. pw=$(head -c 512 /dev/urandom | md5sum | base64 | cut -c4-19)
74.  
75. git clone https://github.com/shadowsocks/shadowsocks-libev.git
76. rt_status=$?
77. if [ $rt_status -ne 0 ]
78.     then
79.         echo "Fail to clone shadowsocks" >&2
80.         exit $rt_status
81. fi
82.  
83. unset rt_status
84.  
85. git clone https://github.com/ruped24/toriptables2.git
86. rt_status=$?
87. if [ $rt_status -ne 0 ]
88.     then
89.         echo "Fail to clone toriptables2" >&2
90.         exit $rt_status
91. fi
92.  
93. if [ "$os_version" = "trusty" ]
94.     then
95.         apt-get install tor deb.torproject.org-keyring -y
96.     else
97.         apt-get install tor -y
98. fi
99.  
100. tor_config="/etc/tor/torrc"
101. if [ -e "$tor_config" ]
102.     then
103.         echo "ClientOnly 0" >> "$tor_config"
104.         echo "StrictNodes 1" >> "$tor_config"
105.         echo "ExcludeNodes {hk},{cn},{mo},{ru}" >> "$tor_config"
106.         echo "ExitNodes {us},{jp},{sg},{kp},{gb},{nz},{au},{tw}" >> "$tor_config"
107. else
108.     echo "$tor_config not found." >&2
109.     exit 1
110. fi
111.  
112. [ -d shadowsocks-libev ] && {
113.     cd shadowsocks-libev ;
114.     dpkg-buildpackage -us -uc -i ; wait ;
115.     cd .. ;
116.     dpkg -i shadowsocks-libev*.deb ;
117. }
118.  
119. ss_config="/etc/shadowsocks-libev/config.json"
120. if [ $flag -eq 0 ]
121.     then
122.         echo "{" > "$ss_config"
123.         echo -e "\t\"server\":\"${internal_ip}\"," >> "$ss_config"
124.         echo -e "\t\"server_port\":${port},"  >> "$ss_config"
125.         echo -e "\t\"local_port\":1080," >> "$ss_config"
126.         echo -e "\t\"password\":\"${pw}\"," >> "$ss_config"
127.         echo -e "\t\"timeout\":300," >> "$ss_config"
128.         echo -e "\t\"method\":\"chacha20\"" >> "$ss_config"
129.         echo "}" >> "$ss_config"
130.     else
131.         echo "{" > "$ss_config"
132.         echo -e "\t\"server\":\"0.0.0.0\"," >> "$ss_config"
133.         echo -e "\t\"server_port\":${port},"  >> "$ss_config"
134.         echo -e "\t\"local_port\":1080," >> "$ss_config"
135.         echo -e "\t\"password\":\"${pw}\"," >> "$ss_config"
136.         echo -e "\t\"timeout\":300," >> "$ss_config"
137.         echo -e "\t\"method\":\"chacha20\"" >> "$ss_config"
138.         echo "}" >> "$ss_config"
139. fi
140.  
141. /etc/init.d/shadowsocks-libev restart ; wait
142.  
143. if [ $flag -eq 0 ]
144.     then
145.         netstat -nlp | grep -q "${internal_ip}:${port}"
146.         [ $? -eq 0 ] && echo "Shadowsocks server is running." || \
147.         {
148.             echo "Fail to install shadowsocks." >&2 ;
149.             exit 1 ;
150.         }
151.     else
152.         netstat -nlp | grep -q "0.0.0.0:${port}"
153.         [ $? -eq 0 ] && echo "Shadowsocks server is running." || \
154.         {
155.             echo "Fail to install shadowsocks." >&2 ;
156.             exit 1 ;
157.         }
158. fi
159.  
160. [ -d toriptables2 ] && {
161.     cd toriptables2
162.     chmod +x toriptables2.py
163.     ./toriptables2.py -l
164. }
165. echo ""
166. echo "Now all incoming traffic is redirected to TOR."
167. echo "To stop redirecting traffic to TOR,"
168. echo "goto toriptables2 directory by input: ./toriptables2.py -f"
169. echo "To start redirecting traffic by input: ./toriptables2.py -l"
170. echo ""
171. echo "Shadowsocks client infomation as below."
172. echo ""
173. echo -e "Public IP:\t${myip}"
174. echo -e "Port:\t\t${port}"
175. echo -e "Password:\t${pw}"
176. echo -e "Method:\t\tchacha20"
177. echo ""
178. echo "Enjoy."
179. exit 0