Guest User

install.sh

a guest
Apr 30th, 2021
75
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2.  
  3. apt install tor mpv k3b htop xfburn neovim gparted fcitx-mozc fonts-ipafont
  4.  
  5. {
  6.   echo high-priority = yes
  7.   echo nice-level = -10
  8.   echo
  9.   echo realtime-scheduling = yes
  10.   echo realtime-priority = 6
  11.   echo
  12.   echo default-sample-format = float32le
  13.   echo default-sample-rate = 192000
  14.   echo alternate-sample-rate = 192000
  15. } > /etc/pulse/daemon.conf
  16. chmod 0644 /etc/pulse/daemon.conf
  17. chown root:root /etc/pulse/daemon.conf
  18.  
  19. chattr -i /etc/hosts.allow
  20. {
  21.   echo
  22. } > /etc/hosts.allow
  23. chattr +i /etc/hosts.allow
  24.  
  25. chattr -i /etc/hosts.deny
  26. {
  27.   echo ALL:ALL
  28. } > /etc/hosts.deny
  29. chattr +i /etc/hosts.deny
  30.  
  31. chattr -i /etc/resolv.conf
  32. {
  33.   echo nameserver 1.1.1.1
  34. } > /etc/resolv.conf
  35. chattr +i /etc/resolv.conf
  36.  
  37. {
  38.   echo \#!/bin/sh
  39.   echo
  40.   echo iptables -F
  41.   echo iptables -P INPUT DROP\; iptables -P FORWARD DROP\; iptables -P OUTPUT DROP
  42.   echo
  43.   echo iptables -A INPUT -m state --state INVALID -j DROP
  44.   echo iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
  45.   echo iptables -A INPUT -i lo -j ACCEPT
  46.   echo iptables -A INPUT -j DROP
  47.   echo
  48.   echo iptables -A FORWARD -j DROP
  49.   echo
  50.   echo iptables -A OUTPUT -m state --state INVALID -j DROP
  51.   echo iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
  52.   echo
  53.   echo iptables -A OUTPUT -p udp -d 1.1.1.1 --dport 53 -j ACCEPT
  54.   echo
  55.   echo iptables -A OUTPUT -p tcp --syn -m owner --uid-owner debian-tor -m state --state NEW -j ACCEPT
  56.   echo iptables -A OUTPUT -o lo -j ACCEPT
  57.   echo
  58.   echo iptables -A OUTPUT -p tcp --syn --dport 443 -j ACCEPT
  59.   echo iptables -A OUTPUT -p tcp --syn --dport 80 -j ACCEPT
  60.   echo iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
  61.   echo
  62.   echo iptables -A OUTPUT -j DROP
  63. } > /etc/network/if-pre-up.d/firewall
  64. chmod 0755 /etc/network/if-pre-up.d/firewall
  65. chown root:root /etc/network/if-pre-up.d/firewall
RAW Paste Data