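#!/bin/bash
#
# RaspTor: configure a Raspberry Pi as a WPA2 Wi-Fi access point whose clients
# are NATed out through the ${VPN} interface.
#
# What the script does, in order:
#   1. prompts for SSID, WPA2 passphrase and radio channel;
#   2. rewrites the isc-dhcp-server, /etc/network/interfaces, hostapd and
#      sysctl configuration (the previous file is kept as <file>.sample);
#   3. flushes iptables and loads a small NAT/forwarding rule set;
#   4. starts and enables hostapd and isc-dhcp-server, then reboots.
#
# Despite the banner text, nothing below installs or configures Tor or the
# VPN client: ${VPN} must be brought up by something else. hostapd and
# isc-dhcp-server must already be installed.
#
# Must be run as root.

# Stop at the first failing step instead of rebooting into a half-written
# network configuration.
set -euo pipefail
trap 'echo "[!] Step failed near line ${LINENO}; aborting before reboot" >&2' ERR

die() {
  echo "[!] $*" >&2
  exit 1
}

# Copy $1 to $1.sample unless that backup already exists, so that a second
# run does not replace the pristine original with an already-generated file.
# -p keeps the mode, which matters for files that hold the passphrase.
backup_once() {
  local src=$1
  local dst="${src}.sample"
  if [[ ! -e "$dst" ]]; then
    cp -p -- "$src" "$dst"
  fi
}

if [ "$(id -u)" -ne 0 ]; then
  die "This script must run as root"
fi

echo "RaspTor - configure your Raspberry Pi into a TOR proxy."
echo "This script will auto-setup a Tor proxy for you. It is recommend that you
run this script on a fresh installation of Raspbian."
read -r -p "Press [Enter] key to begin.." _

DEFAULT_IP_ADDRESS="192.168.42.1"
# The original assigned DEFAULT_IP_ADDRESS twice; the second value is the
# default SSID. Without this name the SSID default was empty and the static
# address written to /etc/network/interfaces was "vpn_ap_rpi".
DEFAULT_SSID="vpn_ap_rpi"
DEFAULT_WPA2="raspberry_pi_vpn"
DEFAULT_CHANNEL="6"

# NOTE(review): these look like MAC-derived interface names for one specific
# board and adapter. They must match the local system: if ETHERNET is wrong,
# the REJECT rule further down never matches.
ETHERNET="enxb827eb9ae5d5"
WIFI="wlxbcf685007b86"
VPN="tun0"

# read -p "Enter the IP Address you wish to assign to your RaspTor <${IP_ADDRESS}> :" IP_ADDRESS
read -r -p "Enter your desired WLAN SSID [${DEFAULT_SSID}] :" SSID
read -r -p "Enter your desired WPA2 key [${DEFAULT_WPA2}] :" WPA2
read -r -p "Enter your desired WLAN radio channel [${DEFAULT_CHANNEL}] :" CHANNEL

# Fall back to the defaults for anything left empty.
IP_ADDRESS=$DEFAULT_IP_ADDRESS
SSID="${SSID:-$DEFAULT_SSID}"
WPA2="${WPA2:-$DEFAULT_WPA2}"
CHANNEL="${CHANNEL:-$DEFAULT_CHANNEL}"

# Validate before touching any system file. hostapd refuses to start on an
# out-of-range passphrase or SSID, which would leave the Pi rebooting without
# a working access point.
# The SSID check counts characters; hostapd's limit is 32 octets, so a
# multi-byte SSID can pass here and still be rejected by hostapd.
(( ${#SSID} >= 1 && ${#SSID} <= 32 )) \
  || die "SSID must be 1-32 characters"
(( ${#WPA2} >= 8 && ${#WPA2} <= 63 )) \
  || die "WPA2 key must be 8-63 characters"
[[ "$CHANNEL" =~ ^[0-9]{1,2}$ ]] && (( 10#$CHANNEL >= 1 && 10#$CHANNEL <= 14 )) \
  || die "Channel must be a 2.4 GHz channel number (1-14)"

if [[ "$WPA2" == "$DEFAULT_WPA2" ]]; then
  # The default key is part of this published script, so it protects nothing.
  echo "[!] Using the built-in default WPA2 key; change it before real use" >&2
fi

# DHCP
echo "Configuring DHCP.."
backup_once /etc/dhcp/dhcpd.conf
cat > /etc/dhcp/dhcpd.conf <<dhcp_configuration
ddns-update-style none;
authoritative;
log-facility local7;
subnet 192.168.42.0 netmask 255.255.255.0 {
range 192.168.42.10 192.168.42.50;
option broadcast-address 192.168.42.255;
option routers 192.168.42.1;
default-lease-time 600;
max-lease-time 2592000;
option domain-name "local";
option domain-name-servers 1.1.1.1, 1.0.0.1;
}
dhcp_configuration

backup_once /etc/default/isc-dhcp-server
cat > /etc/default/isc-dhcp-server <<isc_dhcp_configuration
INTERFACES="${WIFI}"
isc_dhcp_configuration

echo "Configuring Interfaces.."
backup_once /etc/network/interfaces
# NOTE(review): the wired stanza names eth0 while ETHERNET above uses a
# different interface name; confirm which one the target system has.
cat > /etc/network/interfaces <<interfaces_configuration
auto lo
iface lo inet loopback
iface eth0 inet dhcp
allow-hotplug ${WIFI}
iface ${WIFI} inet static
address ${IP_ADDRESS}
netmask 255.255.255.0
up iptables-restore < /etc/iptables.ipv4.nat
interfaces_configuration
ifconfig "${WIFI}" "${IP_ADDRESS}"

echo "Configuring hostapd.."
touch /etc/hostapd/hostapd.conf
backup_once /etc/hostapd/hostapd.conf
# The file holds the passphrase in clear text: restrict it to root before the
# secret is written, so it is never readable by other local users.
chmod 600 /etc/hostapd/hostapd.conf
# wpa=2 selects WPA2/RSN only, where rsn_pairwise is the cipher that applies.
# The original also listed wpa_pairwise=TKIP; it is dropped so that no TKIP
# setting is left behind to take effect if the wpa= value is changed later.
cat > /etc/hostapd/hostapd.conf <<hostapd_configuration
interface=${WIFI}
driver=nl80211
ssid=${SSID}
hw_mode=g
channel=${CHANNEL}
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=${WPA2}
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
hostapd_configuration

backup_once /etc/default/hostapd
cat > /etc/default/hostapd <<hostapd_default
DAEMON_CONF="/etc/hostapd/hostapd.conf"
hostapd_default

echo "Configuring NAT and Routing.."
backup_once /etc/sysctl.conf
# NOTE(review): this replaces the whole of /etc/sysctl.conf, so any kernel
# hardening settings that were in it are lost (they remain in the .sample
# backup only).
cat > /etc/sysctl.conf <<sysctl_configuration
vm.swappiness=1
vm.min_free_kbytes = 8192
net.ipv4.ip_forward=1
net.ipv4.conf.all.accept_redirects = 0
sysctl_configuration

echo "Set up routing tables.."
# NOTE(review): everything below first discards the existing IPv4 rule set and
# leaves all three filter policies at ACCEPT. Consequences to be aware of:
#   - Wi-Fi clients can reach every service listening on the Pi itself;
#   - any forwarding path not matched by a rule below is allowed, so the
#     "VPN only" behaviour depends entirely on the REJECT rule and on
#     ETHERNET naming the right interface. A default-drop FORWARD policy
#     would remove that dependency.
# Only iptables (IPv4) is configured here.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
for table in nat mangle raw; do
  iptables -t "$table" -F
  iptables -t "$table" -X
done

echo 1 > /proc/sys/net/ipv4/ip_forward

# Clients are masqueraded behind the VPN interface only.
iptables -t nat -A POSTROUTING -o "${VPN}" -j MASQUERADE
# Replies to connections the clients opened.
iptables -A FORWARD -o "${WIFI}" -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i "${WIFI}" -o "${VPN}" -j ACCEPT
# New client connections that would leave via the wired uplink (i.e. outside
# the VPN) are refused.
iptables -A FORWARD -s 192.168.42.0/24 -i "${WIFI}" -o "${ETHERNET}" -m conntrack --ctstate NEW -j REJECT
iptables -A FORWARD -s 192.168.42.0/24 -i "${WIFI}" -o "${VPN}" -m conntrack --ctstate NEW -j ACCEPT

# Saved copy is reloaded by the "up iptables-restore" line written to
# /etc/network/interfaces above.
iptables-save > /etc/iptables.ipv4.nat

echo "Registering daemons as a service.."
service hostapd start
service isc-dhcp-server start
update-rc.d hostapd enable
update-rc.d isc-dhcp-server enable

echo "Installation complete! Restarting Raspberry Pi.."
shutdown -r now
exit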