laforca

1. /usr/bin/backbox-anonymous
2. ~ [ cat $(which backbox-anonymous)                                                                                                                                ] 1:23
3. #!/bin/sh
4.  
5. # Copyright(c) 2011-2013 BackBox Developers
6. # http://www.backbox.org/
7. #
8. # This file is part of backbox-default-settings
9. #
10. # backbox-anonymous is free software: you can redistribute it and/or
11. # modify it under the terms of the GNU General Public License as
12. # published by the Free Software Foundation, either version 3 of the
13. # License, or (at your option) any later version.
14. #
15. # backbox-anonymous is distributed in the hope that it will be
16. # useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
17. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18. # General Public License for more details.
19. #
20. # You should have received a copy of the GNU General Public License
21. # along with backbox-anonymous. If not, see <http://www.gnu.org/licenses/>.
22.  
23. export BLUE='\033[1;94m'
24. export GREEN='\033[1;92m'
25. export RED='\033[1;91m'
26. export ENDC='\033[1;00m'
27.  
28. # Destinations you don't want routed through Tor
29. NON_TOR="192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"
30.  
31. # The UID Tor runs as
32. TOR_UID="debian-tor"
33.  
34. # Tor's TransPort
35. TRANS_PORT="9040"
36.  
37. case "$1" in
38.     start)
39.         # Make sure only root can run this script
40.         if [ $(id -u) -ne 0 ]; then
41.           echo "\n$RED[!] This script must be run as root$ENDC\n" >&2
42.           exit 1
43.         fi
44.        
45.         # Check defaults for Tor
46.         grep -q -x 'RUN_DAEMON="yes"' /etc/default/tor
47.         if [ $? -ne 0 ]; then
48.             echo "\n$RED[!] Please add the following to your /etc/default/tor and restart service:$ENDC\n" >&2
49.             echo "$BLUE#----------------------------------------------------------------------#$ENDC"
50.             echo 'RUN_DAEMON="yes"'
51.             echo "$BLUE#----------------------------------------------------------------------#$ENDC\n"
52.             exit 1
53.         fi     
54.        
55.         # Check torrc config file
56.         grep -q -x 'VirtualAddrNetwork 10.192.0.0/10' /etc/tor/torrc
57.         if [ $? -ne 0 ]; then
58.             echo "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$ENDC\n" >&2
59.             echo "$BLUE#----------------------------------------------------------------------#$ENDC"
60.             echo 'VirtualAddrNetwork 10.192.0.0/10'
61.             echo 'AutomapHostsOnResolve 1'
62.             echo 'TransPort 9040'
63.             echo 'DNSPort 53'
64.             echo "$BLUE#----------------------------------------------------------------------#$ENDC\n"
65.             exit 1
66.         fi
67.         grep -q -x 'AutomapHostsOnResolve 1' /etc/tor/torrc
68.         if [ $? -ne 0 ]; then
69.             echo "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$ENDC\n" >&2
70.             echo "$BLUE#----------------------------------------------------------------------#$ENDC"
71.             echo 'VirtualAddrNetwork 10.192.0.0/10'
72.             echo 'AutomapHostsOnResolve 1'
73.             echo 'TransPort 9040'
74.             echo 'DNSPort 53'
75.             echo "$BLUE#----------------------------------------------------------------------#$ENDC\n"
76.             exit 1
77.         fi
78.         grep -q -x 'TransPort 9040' /etc/tor/torrc
79.         if [ $? -ne 0 ]; then
80.             echo "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$ENDC\n" >&2
81.             echo "$BLUE#----------------------------------------------------------------------#$ENDC"
82.             echo 'VirtualAddrNetwork 10.192.0.0/10'
83.             echo 'AutomapHostsOnResolve 1'
84.             echo 'TransPort 9040'
85.             echo 'DNSPort 53'
86.             echo "$BLUE#----------------------------------------------------------------------#$ENDC\n"
87.             exit 1
88.         fi
89.         grep -q -x 'DNSPort 53' /etc/tor/torrc
90.         if [ $? -ne 0 ]; then
91.             echo "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$ENDC\n" >&2
92.             echo "$BLUE#----------------------------------------------------------------------#$ENDC"
93.             echo 'VirtualAddrNetwork 10.192.0.0/10'
94.             echo 'AutomapHostsOnResolve 1'
95.             echo 'TransPort 9040'
96.             echo 'DNSPort 53'
97.             echo "$BLUE#----------------------------------------------------------------------#$ENDC\n"
98.             exit 1
99.         fi
100.  
101.         echo "\n$BLUE[i] Starting anonymous mode:$ENDC\n"
102.        
103.         if [ ! -e /var/run/tor/tor.pid ]; then
104.             echo " $RED*$ENDC Tor is not running! Quitting...\n" >&2
105.             exit 1
106.         fi
107.        
108.         if ! [ -f /etc/network/iptables.rules ]; then
109.             iptables-save > /etc/network/iptables.rules
110.             echo " $GREEN*$ENDC Saved iptables rules"
111.         fi
112.  
113.         iptables -F
114.         iptables -t nat -F
115.         echo " $GREEN*$ENDC Deleted all iptables rules"
116.    
117.         echo -n " $GREEN*$ENDC Service "
118.         service resolvconf stop 2>/dev/null || echo "resolvconf already stopped"
119.  
120.         echo 'nameserver 127.0.0.1' > /etc/resolv.conf
121.         echo " $GREEN*$ENDC Modified resolv.conf to use Tor"
122.  
123.         iptables -t nat -A OUTPUT -m owner --uid-owner $TOR_UID -j RETURN
124.         iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53
125.         for NET in $NON_TOR 127.0.0.0/9 127.128.0.0/10; do
126.             iptables -t nat -A OUTPUT -d $NET -j RETURN
127.         done
128.         iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT
129.         iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
130.         for NET in $NON_TOR 127.0.0.0/8; do
131.                 iptables -A OUTPUT -d $NET -j ACCEPT
132.         done
133.         iptables -A OUTPUT -m owner --uid-owner $TOR_UID -j ACCEPT
134.         iptables -A OUTPUT -j REJECT
135.         echo "$GREEN *$ENDC Redirected all traffic throught Tor\n"
136.  
137.         echo "$BLUE[i] Are you using Tor?$ENDC\n"
138.         echo "$GREEN *$ENDC Please refer to https://check.torproject.org\n"
139.     ;;
140.     stop)
141.         # Make sure only root can run our script
142.         if [ $(id -u) -ne 0 ]; then
143.           echo "\n$RED[!] This script must be run as root$ENDC\n" >&2
144.           exit 1
145.         fi
146.        
147.         echo "\n$BLUE[i] Stopping anonymous mode:$ENDC\n"
148.        
149.         iptables -F
150.         iptables -t nat -F
151.         echo " $GREEN*$ENDC Deleted all iptables rules"
152.        
153.         if [ -f /etc/network/iptables.rules ]; then
154.             iptables-restore < /etc/network/iptables.rules
155.             rm /etc/network/iptables.rules
156.             echo " $GREEN*$ENDC Restored iptables rules"
157.         fi
158.        
159.         echo -n " $GREEN*$ENDC Service "
160.         service resolvconf start 2>/dev/null || echo "resolvconf already started"
161.        
162.         echo " $GREEN*$ENDC Stopped anonymous mode\n"
163.     ;;
164.     restart)
165.         $0 stop
166.         $0 start
167.     ;;
168.     *)
169.     echo "Usage: $0 {start|stop|restart}"
170.     exit 1
171.     ;;
172. esac
173.  
174. exit 0