API tools faq
paste
Guest User

install.sh

a guest
May 2nd, 2021
168
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.68 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2.  
  3. chattr -i /etc/resolv.conf
  4. {
  5.   echo nameserver 127.0.0.1
  6. } > /etc/resolv.conf
  7. chattr +i /etc/resolv.conf
  8.  
  9. {
  10.   echo DNSPort 127.0.0.1:9053
  11.   echo AutomapHostsOnResolve 1
  12.   echo AutomapHostsSuffixes .onion
  13.   echo
  14.   echo TransPort 127.0.0.1:9040
  15.   echo VirtualAddrNetwork 10.192.0.0/10
  16. } > /etc/tor/torrc
  17.  
  18. {
  19.   echo high-priority = yes
  20.   echo nice-level = -10
  21.   echo
  22.   echo realtime-scheduling = yes
  23.   echo realtime-priority = 6
  24.   echo
  25.   echo default-sample-format = float32le
  26.   echo default-sample-rate = 192000
  27.   echo alternate-sample-rate = 192000
  28. } > /etc/pulse/daemon.conf
  29. chmod 0644 /etc/pulse/daemon.conf
  30. chown root:root /etc/pulse/daemon.conf
  31.  
  32. chattr -i /etc/hosts.allow
  33. {
  34.   echo
  35. } > /etc/hosts.allow
  36. chattr +i /etc/hosts.allow
  37.  
  38. chattr -i /etc/hosts.deny
  39. {
  40.   echo ALL:ALL
  41. } > /etc/hosts.deny
  42. chattr +i /etc/hosts.deny
  43.  
  44. {
  45.   echo 127.0.0.1  localhost
  46.   echo 127.0.1.1  d
  47. } > /etc/hosts
  48.  
  49. {
  50.   echo \#!/bin/sh
  51.   echo
  52.   echo iptables -F
  53.   echo iptables -P INPUT DROP\; iptables -P FORWARD DROP\; iptables -P OUTPUT DROP
  54.   echo
  55.   echo iptables -A INPUT -m state --state INVALID -j DROP
  56.   echo iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
  57.   echo iptables -A INPUT -i lo -j ACCEPT
  58.   echo iptables -A INPUT -j DROP
  59.   echo
  60.   echo iptables -A FORWARD -j DROP
  61.   echo
  62.   echo iptables -A OUTPUT -m state --state INVALID -j DROP
  63.   echo iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
  64.   echo
  65.   echo iptables -A OUTPUT -p udp -d 127.0.0.1 --dport 9053 -j ACCEPT
  66.   echo iptables -A OUTPUT -o lo -j ACCEPT
  67.   echo
  68.   echo iptables -A OUTPUT -p tcp --dport 443 --syn -m state --state NEW -j ACCEPT
  69.   echo iptables -A OUTPUT -j DROP
  70.   echo
  71.   echo iptables -t nat -F
  72.   echo iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination='127.0.0.1:9053'
  73.   echo
  74.   echo ip6tables -F
  75.   echo ip6tables -P INPUT DROP\; ip6tables -P FORWARD DROP\; ip6tables -P OUTPUT DROP
  76.   echo
  77.   echo ip6tables -A INPUT -j DROP
  78.   echo
  79.   echo ip6tables -A FORWARD -j DROP
  80.   echo
  81.   echo ip6tables -A OUTPUT -j DROP
  82.   echo
  83.   echo sysctl -w net.ipv6.conf.all.disable_ipv6=1
  84.   echo sysctl -w net.ipv6.conf.default.disable_ipv6=1
  85. } > /etc/network/if-pre-up.d/firewall
  86. chmod 0755 /etc/network/if-pre-up.d/firewall
  87. chown root:root /etc/network/if-pre-up.d/firewall
  88.  
  89. {
  90.   echo deb http://deb.debian.org/debian/ buster-backports main
  91.   echo deb-src http://deb.debian.org/debian/ buster-backports main
  92. } > /etc/apt/sources.list.d/backports.list
  93.  
  94. echo apt update
  95. echo apt install -t buster-backports mpv tor
  96. echo apt install k3b htop xfburn neovim liferea gparted engrampa fcitx-mozc fonts-ipafont arc-theme papirus-icon-theme breeze-cursor-theme firefox-esr-l10n-ja
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!