Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # The Unlicense
- # firewall.sh version 0.14.1
- # https://en.wikipedia.org/wiki/IPv4
- [ $EUID != 0 ] && echo run as root ! && exit
- PATH='usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
- SPUA='255.255.255.255/32 240.0.0.0/4 233.252.0.0/24 224.0.0.0/4 203.0.113.0/24 198.51.100.0/24 198.18.0.0/15 192.168.0.0/16 192.88.99.0/24 192.0.2.0/24 192.0.0.0/24 172.16.0.0/12 169.254.0.0/16 127.0.0.0/8 100.64.0.0/10 10.0.0.0/8 0.0.0.0/8'
- stop() {
- iptables -t nat -F
- }
- start() {
- iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-port 9053
- iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 --syn -j REDIRECT --to-port 9040
- iptables -t nat -A OUTPUT -m owner --uid-owner debian-tor -j RETURN
- iptables -t nat -A OUTPUT -o lo -j RETURN
- for spua in $SPUA; do
- iptables -t nat -A OUTPUT -d $spua -j RETURN
- done
- iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-port 9040
- iptables -t nat -nvL
- {
- echo DNSPort 9053
- echo AutomapHostsOnResolve 1
- echo AutomapHostsSuffixes .onion
- echo
- echo TransPort 9040
- echo VirtualAddrNetwork 10.192.0.0/10
- } > /etc/tor/torrc && /etc/init.d/tor restart
- }
- [ "$1" == "stop" ] && stop; [ "$1" == "start" ] && start; [ "$1" == "help" ] && echo $0 stop && echo $0 start
Add Comment
Please, Sign In to add comment
