spior 0.1.2 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +27 -0
- data/README.md +24 -15
- data/Rakefile +20 -0
- data/bin/spior +2 -3
- data/{conf → ext}/ipt_mod.conf +0 -0
- data/{conf → ext}/iptables.service +0 -0
- data/lib/spior/clear.rb +13 -19
- data/lib/spior/copy.rb +54 -77
- data/lib/spior/dep.rb +37 -0
- data/lib/spior/helpers.rb +106 -7
- data/lib/spior/iptables/default.rb +38 -0
- data/lib/spior/iptables/root.rb +88 -0
- data/lib/spior/iptables/tor.rb +59 -0
- data/lib/spior/iptables.rb +5 -183
- data/lib/spior/menu.rb +15 -34
- data/lib/spior/msg.rb +7 -9
- data/lib/spior/options.rb +9 -20
- data/lib/spior/persist.rb +33 -29
- data/lib/spior/service/restart.rb +21 -0
- data/lib/spior/service/start.rb +26 -0
- data/lib/spior/service.rb +7 -0
- data/lib/spior/status.rb +30 -12
- data/lib/spior/tor/info.rb +96 -0
- data/lib/spior/tor.rb +3 -65
- data/lib/spior/version.rb +3 -0
- data/lib/spior.rb +44 -0
- data/man/spior.1 +53 -0
- data/man/spior.1.html +122 -0
- data/man/spior.1.ronn +46 -0
- data/spior.gemspec +7 -5
- data.tar.gz.sig +2 -1
- metadata +39 -36
- metadata.gz.sig +0 -0
- data/conf/resolv.conf +0 -1
- data/conf/ssh.conf +0 -29
- data/conf/sshd.conf +0 -46
- data/conf/sshuttle.service +0 -11
- data/conf/torrc/torrc_archlinux +0 -18
- data/conf/torrc/torrc_default +0 -20
- data/lib/spior/install.rb +0 -88
- data/lib/spior/mac.rb +0 -11
- data/lib/spior/network.rb +0 -46
- data/lib/spior/reload.rb +0 -14
- data/lib/spior/runner.rb +0 -46
@@ -0,0 +1,59 @@
|
|
1
|
+
module Spior
|
2
|
+
module Iptables
|
3
|
+
class Tor < Iptables::Root
|
4
|
+
def initialize
|
5
|
+
super
|
6
|
+
@tor = Spior::Tor::Info.new
|
7
|
+
@non_tor = ["#{@lo_addr}/8", "192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"]
|
8
|
+
@tables = ["nat", "filter"]
|
9
|
+
end
|
10
|
+
|
11
|
+
private
|
12
|
+
|
13
|
+
def redirect
|
14
|
+
@tables.each { |table|
|
15
|
+
target = "ACCEPT"
|
16
|
+
target = "RETURN" if table == "nat"
|
17
|
+
|
18
|
+
ipt "-t #{table} -F OUTPUT"
|
19
|
+
ipt "-t #{table} -A OUTPUT -m state --state ESTABLISHED -j #{target}"
|
20
|
+
ipt "-t #{table} -A OUTPUT -m owner --uid #{@tor.uid} -j #{target}"
|
21
|
+
|
22
|
+
match_dns_port = @tor.dns
|
23
|
+
if table == "nat"
|
24
|
+
target = "REDIRECT --to-ports #{@tor.dns}"
|
25
|
+
match_dns_port = "53"
|
26
|
+
end
|
27
|
+
|
28
|
+
ipt "-t #{table} -A OUTPUT -p udp --dport #{match_dns_port} -j #{target}"
|
29
|
+
ipt "-t #{table} -A OUTPUT -p tcp --dport #{match_dns_port} -j #{target}"
|
30
|
+
|
31
|
+
target = "REDIRECT --to-ports #{@tor.trans_port}" if table == "nat"
|
32
|
+
ipt "-t #{table} -A OUTPUT -d #{@tor.virt_addr} -p tcp -j #{target}"
|
33
|
+
|
34
|
+
target = "RETURN" if table == "nat"
|
35
|
+
@non_tor.each { |ip|
|
36
|
+
ipt "-t #{table} -A OUTPUT -d #{ip} -j #{target}"
|
37
|
+
}
|
38
|
+
|
39
|
+
target = "REDIRECT --to-ports #{@tor.trans_port}" if table == "nat"
|
40
|
+
ipt "-t #{table} -A OUTPUT -p tcp -j #{target}"
|
41
|
+
}
|
42
|
+
end
|
43
|
+
|
44
|
+
def input
|
45
|
+
# SSH
|
46
|
+
ipt "-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
|
47
|
+
# Allow loopback
|
48
|
+
ipt "-A INPUT -i #{@lo} -j ACCEPT"
|
49
|
+
# Accept related
|
50
|
+
ipt "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
|
51
|
+
end
|
52
|
+
|
53
|
+
def all
|
54
|
+
ipt "-t filter -A OUTPUT -p udp -j REJECT"
|
55
|
+
ipt "-t filter -A OUTPUT -p icmp -j REJECT"
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
data/lib/spior/iptables.rb
CHANGED
@@ -1,186 +1,8 @@
|
|
1
|
-
require 'interfacez'
|
2
|
-
require_relative 'tor'
|
3
|
-
require_relative 'msg'
|
4
|
-
require_relative 'helpers'
|
5
|
-
|
6
1
|
module Spior
|
7
|
-
|
8
|
-
|
9
|
-
def self.tor(interface = false)
|
10
|
-
initialize(interface)
|
11
|
-
flush_rules
|
12
|
-
bogus_tcp_flags
|
13
|
-
bad_packets
|
14
|
-
spoofing
|
15
|
-
icmp
|
16
|
-
dns
|
17
|
-
nat
|
18
|
-
input
|
19
|
-
forward
|
20
|
-
output
|
21
|
-
drop_all
|
22
|
-
end
|
23
|
-
|
24
|
-
def self.flush_rules
|
25
|
-
@i = Helpers::Exec.new("iptables")
|
26
|
-
ipt "-F"
|
27
|
-
ipt "-X"
|
28
|
-
ipt "-t nat -F"
|
29
|
-
ipt "-t nat -X"
|
30
|
-
ipt "-t mangle -F"
|
31
|
-
ipt "-t mangle -X"
|
32
|
-
end
|
33
|
-
|
34
|
-
private
|
35
|
-
|
36
|
-
def self.initialize(interface)
|
37
|
-
@lo = Interfacez.loopback
|
38
|
-
@lo_addr = Interfacez.ipv4_address_of(@lo)
|
39
|
-
@tor = Spior::Tor.new
|
40
|
-
@non_tor = ["#{@lo_addr}/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
|
41
|
-
@incoming = interface
|
42
|
-
@incoming_addr = Interfacez.ipv4_address_of(@incoming)
|
43
|
-
end
|
44
|
-
|
45
|
-
def self.check_dep
|
46
|
-
Spior::Copy::config_files
|
47
|
-
end
|
48
|
-
|
49
|
-
def self.ipt(line)
|
50
|
-
@i.run("#{line}")
|
51
|
-
#puts "added - #{@i} #{line}"
|
52
|
-
end
|
53
|
-
|
54
|
-
def self.drop_all
|
55
|
-
ipt "-P INPUT DROP"
|
56
|
-
ipt "-P FORWARD DROP"
|
57
|
-
ipt "-P OUTPUT DROP"
|
58
|
-
end
|
59
|
-
|
60
|
-
def self.bogus_tcp_flags
|
61
|
-
puts "bogus"
|
62
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP"
|
63
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN FIN,SYN -j DROP"
|
64
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags SYN,RST SYN,RST -j DROP"
|
65
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags FIN,RST FIN,RST -j DROP"
|
66
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags FIN,ACK FIN -j DROP"
|
67
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ACK,URG URG -j DROP"
|
68
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ACK,FIN FIN -j DROP"
|
69
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ACK,PSH PSH -j DROP"
|
70
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ALL ALL -j DROP"
|
71
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP"
|
72
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP"
|
73
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j DROP"
|
74
|
-
ipt "-t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP"
|
75
|
-
end
|
76
|
-
|
77
|
-
def self.bad_packets
|
78
|
-
puts "bad_packets"
|
79
|
-
# new packet not syn
|
80
|
-
ipt "-t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP"
|
81
|
-
# fragment packet
|
82
|
-
ipt "-A INPUT -f -j DROP"
|
83
|
-
# XMAS
|
84
|
-
ipt "-A INPUT -p tcp --tcp-flags ALL ALL -j DROP"
|
85
|
-
# null packet
|
86
|
-
ipt "-A INPUT -p tcp --tcp-flags ALL NONE -j DROP"
|
87
|
-
end
|
88
|
-
|
89
|
-
def self.spoofing
|
90
|
-
subs=["224.0.0.0/3", "169.254.0.0/16", "172.16.0.0/12", "192.0.2.0/24", "0.0.0.0/8", "240.0.0.0/5"]
|
91
|
-
subs.each do |sub|
|
92
|
-
ipt "-t mangle -A PREROUTING -s #{sub} -j DROP"
|
93
|
-
end
|
94
|
-
ipt "-t mangle -A PREROUTING -s #{@lo_addr}/8 ! -i #{@lo} -j DROP"
|
95
|
-
end
|
96
|
-
|
97
|
-
def self.icmp
|
98
|
-
puts "icmp"
|
99
|
-
ipt "-N port-scanning"
|
100
|
-
ipt "-A port-scanning -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s --limit-burst 2 -j RETURN"
|
101
|
-
ipt "-A port-scanning -j DROP"
|
102
|
-
|
103
|
-
ipt "-N syn_flood"
|
104
|
-
ipt "-A INPUT -p tcp --syn -j syn_flood"
|
105
|
-
ipt "-A syn_flood -m limit --limit 1/s --limit-burst 3 -j RETURN"
|
106
|
-
ipt "-A syn_flood -j DROP"
|
107
|
-
|
108
|
-
ipt "-A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT"
|
109
|
-
ipt "-A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j LOG --log-prefix PING-DROP:"
|
110
|
-
ipt "-A INPUT -p icmp -j DROP"
|
111
|
-
ipt "-A OUTPUT -p icmp -j ACCEPT"
|
112
|
-
end
|
113
|
-
|
114
|
-
def self.dns
|
115
|
-
puts "dns"
|
116
|
-
ipt "-t nat -A PREROUTING ! -i #{@lo} -p udp -m udp --dport 53 -j REDIRECT --to-ports #{@tor.dns}"
|
117
|
-
ipt "-t nat -A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports #{@tor.dns}"
|
118
|
-
ipt "-t nat -A OUTPUT -p tcp -m tcp --dport 53 -j REDIRECT --to-ports #{@tor.dns}"
|
119
|
-
end
|
120
|
-
|
121
|
-
def self.nat
|
122
|
-
puts "nat"
|
123
|
-
# nat .onion addresses
|
124
|
-
ipt "-t nat -A OUTPUT -d #{@tor.virt_addr} -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports #{@tor.trans_port}"
|
125
|
-
|
126
|
-
# Don't nat the Tor process, the loopback, or the local network
|
127
|
-
ipt "-t nat -A OUTPUT -m owner --uid-owner #{@tor.uid} -j RETURN"
|
128
|
-
ipt "-t nat -A OUTPUT -o #{@lo} -j RETURN"
|
129
|
-
|
130
|
-
# Allow lan access for hosts in $non_tor
|
131
|
-
@non_tor.each do |lan|
|
132
|
-
ipt "-t nat -A OUTPUT -d #{lan} -j RETURN"
|
133
|
-
end
|
134
|
-
|
135
|
-
# Redirects all other pre-routing and output to Tor's TransPort
|
136
|
-
ipt "-t nat -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports #{@tor.trans_port}"
|
137
|
-
|
138
|
-
# Redirects all other pre-routing and output to Tor's TransPort
|
139
|
-
ipt "-t nat -A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports #{@tor.trans_port}"
|
140
|
-
end
|
141
|
-
|
142
|
-
def self.input
|
143
|
-
puts "input"
|
144
|
-
ipt "-A INPUT -i #{@incoming} -p tcp -s #{@incoming_addr} --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
|
145
|
-
|
146
|
-
# Allow loopback, rules
|
147
|
-
ipt "-A INPUT -m state --state ESTABLISHED -j ACCEPT"
|
148
|
-
ipt "-A INPUT -i #{@lo} -j ACCEPT"
|
149
|
-
|
150
|
-
# Allow DNS lookups from connected clients and internet access through tor.
|
151
|
-
ipt "-A INPUT -d #{@incoming_addr} -i #{@incoming} -p udp -m udp --dport #{@tor.dns} -j ACCEPT"
|
152
|
-
ipt "-A INPUT -d #{@incoming_addr} -i #{@incoming} -p tcp -m tcp --dport #{@tor.trans_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT"
|
153
|
-
|
154
|
-
# Default
|
155
|
-
ipt "-A INPUT -j DROP"
|
156
|
-
end
|
157
|
-
|
158
|
-
def self.output
|
159
|
-
puts "output"
|
160
|
-
ipt "-A OUTPUT -m conntrack --ctstate INVALID -j LOG --log-prefix \"DROP INVALID \" --log-ip-options --log-tcp-options"
|
161
|
-
ipt "-A OUTPUT -m conntrack --ctstate INVALID -j DROP"
|
162
|
-
ipt "-A OUTPUT -m state --state ESTABLISHED -j ACCEPT"
|
163
|
-
|
164
|
-
# output
|
165
|
-
ipt "-A OUTPUT -m owner --uid-owner #{@tor.uid} -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j ACCEPT"
|
166
|
-
|
167
|
-
# Accept, allow loopback output
|
168
|
-
ipt "-A OUTPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
|
169
|
-
ipt "-A OUTPUT -d #{@lo_addr}/32 -o #{@lo} -j ACCEPT"
|
170
|
-
|
171
|
-
# tor transparent magic
|
172
|
-
ipt "-A OUTPUT -d #{@lo_addr}/32 -p tcp -m tcp --dport #{@tor.trans_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT"
|
173
|
-
|
174
|
-
ipt "-A OUTPUT -j DROP"
|
175
|
-
end
|
176
|
-
|
177
|
-
def self.forward
|
178
|
-
puts "forward"
|
179
|
-
ipt "-A FORWARD -m conntrack --ctstate INVALID -j LOG --log-prefix \"DROP INVALID \" --log-ip-options --log-tcp-options"
|
180
|
-
ipt "-A FORWARD -m conntrack --ctstate INVALID -j DROP"
|
181
|
-
ipt "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
|
182
|
-
ipt "-A FORWARD -i #{@incoming} ! -s #{@incoming_addr} -j LOG --log-prefix \"SPOOFED PKT \""
|
183
|
-
ipt "-A FORWARD -i #{@incoming} ! -s #{@incoming_addr} -j DROP"
|
184
|
-
end
|
2
|
+
module Iptables
|
185
3
|
end
|
186
4
|
end
|
5
|
+
|
6
|
+
require_relative 'iptables/root'
|
7
|
+
require_relative 'iptables/tor'
|
8
|
+
require_relative 'iptables/default'
|
data/lib/spior/menu.rb
CHANGED
@@ -1,11 +1,3 @@
|
|
1
|
-
require_relative 'msg'
|
2
|
-
require_relative 'mac'
|
3
|
-
require_relative 'iptables'
|
4
|
-
require_relative 'network'
|
5
|
-
require_relative 'reload'
|
6
|
-
require_relative 'clear'
|
7
|
-
require_relative 'status'
|
8
|
-
|
9
1
|
module Spior
|
10
2
|
module Menu
|
11
3
|
extend self
|
@@ -16,30 +8,25 @@ module Spior
|
|
16
8
|
Msg.head
|
17
9
|
puts %q{Please select an option:
|
18
10
|
|
19
|
-
1.
|
20
|
-
2.
|
21
|
-
3.
|
22
|
-
4.
|
23
|
-
5.
|
24
|
-
6. Quit}
|
11
|
+
1. Redirect traffic through tor
|
12
|
+
2. Reload tor and change your ip
|
13
|
+
3. Clear and restore your files
|
14
|
+
4. Check info on your current ip
|
15
|
+
5. Quit}
|
25
16
|
|
26
17
|
puts
|
27
18
|
print ">> "
|
28
19
|
case gets.chomp
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
when '5'
|
40
|
-
Spior::Status::info
|
41
|
-
when '6'
|
42
|
-
exit
|
20
|
+
when '1'
|
21
|
+
Spior::Iptables::Tor.new.run!
|
22
|
+
when '2'
|
23
|
+
Spior::Serice.restart
|
24
|
+
when '3'
|
25
|
+
Spior::Clear.all
|
26
|
+
when '4'
|
27
|
+
Spior::Status.info
|
28
|
+
when '5'
|
29
|
+
exit
|
43
30
|
end
|
44
31
|
end
|
45
32
|
end
|
@@ -52,11 +39,5 @@ module Spior
|
|
52
39
|
puts "┗━┛╹ ╹┗━┛╹┗╸"
|
53
40
|
# generated with toilet -F crop -f future spior
|
54
41
|
end
|
55
|
-
|
56
|
-
def check_network
|
57
|
-
if not @network
|
58
|
-
@network = Spior::Network.new
|
59
|
-
end
|
60
|
-
end
|
61
42
|
end
|
62
43
|
end
|
data/lib/spior/msg.rb
CHANGED
@@ -1,30 +1,28 @@
|
|
1
1
|
require 'rainbow'
|
2
2
|
|
3
3
|
module Msg
|
4
|
-
|
4
|
+
extend self
|
5
|
+
|
6
|
+
def head
|
5
7
|
puts Rainbow("------------------------------------------------").cyan
|
6
8
|
end
|
7
9
|
|
8
|
-
def
|
10
|
+
def p(text)
|
9
11
|
puts Rainbow("[").cyan + Rainbow("+").white + Rainbow("]").cyan + " " + text
|
10
12
|
end
|
11
13
|
|
12
|
-
def
|
14
|
+
def err(text)
|
13
15
|
puts Rainbow("[").red + Rainbow("-").white + Rainbow("]").red + " " + text
|
14
16
|
end
|
15
17
|
|
16
|
-
def
|
18
|
+
def info(text)
|
17
19
|
puts Rainbow("-").blue + Rainbow("-").white + Rainbow("-").blue + " " + text + " " + Rainbow("-").blue + Rainbow("-").white + Rainbow("-").blue
|
18
20
|
end
|
19
21
|
|
20
|
-
def
|
22
|
+
def report(text)
|
21
23
|
puts ""
|
22
24
|
info text
|
23
25
|
puts "Please, report this issue at https://github.com/szorfein/spior/issues"
|
24
26
|
puts ""
|
25
27
|
end
|
26
|
-
|
27
|
-
def self.for_no_systemd
|
28
|
-
puts "Init system is not yet supported. You can contribute to add it."
|
29
|
-
end
|
30
28
|
end
|
data/lib/spior/options.rb
CHANGED
@@ -1,16 +1,11 @@
|
|
1
1
|
require 'optparse'
|
2
|
-
require_relative 'reload'
|
3
|
-
require_relative 'status'
|
4
|
-
require_relative 'clear'
|
5
|
-
require_relative 'menu'
|
6
2
|
|
7
3
|
module Spior
|
8
4
|
class Options
|
9
|
-
attr_reader :install , :
|
5
|
+
attr_reader :install , :tor , :persist
|
10
6
|
|
11
7
|
def initialize(argv)
|
12
8
|
@install = false
|
13
|
-
@mac = false
|
14
9
|
@tor = false
|
15
10
|
@persist = false
|
16
11
|
parse(argv)
|
@@ -20,32 +15,26 @@ module Spior
|
|
20
15
|
|
21
16
|
def parse(argv)
|
22
17
|
OptionParser.new do |opts|
|
23
|
-
opts.on("-i", "--install", "Install
|
18
|
+
opts.on("-i", "--install", "Install the dependencies") do
|
24
19
|
@install = true
|
25
20
|
end
|
26
21
|
|
27
|
-
opts.on("-n", "--net-card NAME", "The name of the target network card") do |net|
|
28
|
-
@interface = net
|
29
|
-
end
|
30
|
-
|
31
|
-
opts.on("-m", "--mac", "Change your mac") do
|
32
|
-
@mac = true
|
33
|
-
end
|
34
|
-
|
35
22
|
opts.on("-t", "--tor", "Redirect traffic through TOR") do
|
36
23
|
@tor = true
|
37
24
|
end
|
38
25
|
|
39
26
|
opts.on("-r", "--reload", "Reload TOR to change your ip") do
|
40
|
-
Spior::
|
27
|
+
Spior::Service.restart
|
28
|
+
exit
|
41
29
|
end
|
42
30
|
|
43
|
-
opts.on("-c", "--
|
44
|
-
Spior::Clear
|
31
|
+
opts.on("-c", "--clearnet", "Reset iptables and return to clearnet navigation") do
|
32
|
+
Spior::Clear.all
|
45
33
|
end
|
46
34
|
|
47
35
|
opts.on("-s", "--status", "Look infos about your current ip") do
|
48
|
-
Spior::Status
|
36
|
+
Spior::Status.info
|
37
|
+
exit
|
49
38
|
end
|
50
39
|
|
51
40
|
opts.on("-p", "--persist", "Active Spior at every boot.") do
|
@@ -53,7 +42,7 @@ module Spior
|
|
53
42
|
end
|
54
43
|
|
55
44
|
opts.on("-m", "--menu", "Display an interactive menu") do
|
56
|
-
Spior::Menu
|
45
|
+
Spior::Menu.run
|
57
46
|
end
|
58
47
|
|
59
48
|
opts.on("-h", "--help", "Show this message") do
|
data/lib/spior/persist.rb
CHANGED
@@ -1,46 +1,50 @@
|
|
1
1
|
require 'nomansland'
|
2
2
|
require 'tty-which'
|
3
|
-
require_relative 'copy'
|
4
|
-
require_relative 'msg'
|
5
|
-
require_relative 'helpers'
|
6
3
|
|
7
4
|
module Spior
|
8
5
|
module Persist
|
9
6
|
extend self
|
10
7
|
|
11
|
-
def
|
12
|
-
|
13
|
-
|
14
|
-
|
8
|
+
def enable
|
9
|
+
case Nomansland::distro?
|
10
|
+
when :gentoo
|
11
|
+
for_gentoo
|
12
|
+
else
|
13
|
+
Msg.p "Your distro is not yet supported."
|
14
|
+
end
|
15
15
|
end
|
16
16
|
|
17
17
|
private
|
18
18
|
|
19
|
-
def
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
19
|
+
def for_gentoo
|
20
|
+
if TTY::Which.exist?('systemctl')
|
21
|
+
systemd_start("iptables-store")
|
22
|
+
systemd_enable("iptables-restore")
|
23
|
+
systemd_enable("tor")
|
24
|
+
else
|
25
|
+
system("sudo /etc/init.d/iptables save")
|
26
|
+
rc_upd = Helpers::Exec.new("rc-update")
|
27
|
+
rc_upd.run("rc-update add iptables boot")
|
28
|
+
rc_upd.run("rc-update add tor")
|
29
|
+
rc_upd.run("rc-update add tor default")
|
30
30
|
end
|
31
|
-
iptables_systemd
|
32
31
|
end
|
33
32
|
|
34
|
-
def
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
33
|
+
def systemd_enable(service)
|
34
|
+
systemctl = Helpers::Exec.new("systemctl")
|
35
|
+
Msg.p "Search for service #{service}..."
|
36
|
+
`systemctl is-enabled #{service}`
|
37
|
+
if not $?.success? then
|
38
|
+
systemctl.run("enable #{service}")
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def systemd_start(service)
|
43
|
+
systemctl = Helpers::Exec.new("systemctl")
|
44
|
+
Msg.p "Search for service #{service}..."
|
45
|
+
`systemctl is-active #{service}`
|
46
|
+
if not $?.success? then
|
47
|
+
systemctl.run("start #{service}")
|
44
48
|
end
|
45
49
|
end
|
46
50
|
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'tty-which'
|
2
|
+
|
3
|
+
module Spior
|
4
|
+
module Service
|
5
|
+
module_function
|
6
|
+
|
7
|
+
def restart
|
8
|
+
if TTY::Which.exist?('systemctl')
|
9
|
+
Helpers::Exec.new("systemctl").run("restart tor")
|
10
|
+
Msg.p "ip changed."
|
11
|
+
elsif TTY::Which.exist? 'sv'
|
12
|
+
Helpers::Exec.new('sv').run('restart tor')
|
13
|
+
Msg.p 'ip changed.'
|
14
|
+
elsif File.exist? '/etc/init.d/tor'
|
15
|
+
Helpers::Exec.new('/etc/init.d/tor').run('restart')
|
16
|
+
else
|
17
|
+
Msg.report "Don't known yet how to restart Tor for your system."
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'tty-which'
|
2
|
+
|
3
|
+
module Spior
|
4
|
+
module Service
|
5
|
+
module_function
|
6
|
+
|
7
|
+
def start
|
8
|
+
if TTY::Which.exist?('systemctl')
|
9
|
+
state = `systemctl is-active tor`.chomp
|
10
|
+
unless state == 'active'
|
11
|
+
Helpers::Exec.new("systemctl").run("start tor")
|
12
|
+
Msg.p "TOR started."
|
13
|
+
end
|
14
|
+
elsif TTY::Which.exist? 'sv'
|
15
|
+
unless File.exist? '/var/service/tor'
|
16
|
+
Helpers::Exec.new('ln').run('-s /etc/sv/tor /var/service/tor')
|
17
|
+
Msg.p "TOR started."
|
18
|
+
end
|
19
|
+
elsif File.exist? '/etc/init.d/tor'
|
20
|
+
Helpers::Exec.new('/etc/init.d/tor').run('start')
|
21
|
+
else
|
22
|
+
Msg.report "Don't known yet how to start Tor for your system."
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
data/lib/spior/status.rb
CHANGED
@@ -1,20 +1,38 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
|
3
1
|
require 'open-uri'
|
2
|
+
require 'json'
|
4
3
|
|
5
4
|
module Spior
|
6
|
-
|
5
|
+
module Status
|
6
|
+
def self.enable
|
7
|
+
begin
|
8
|
+
status = "Disable"
|
9
|
+
api_check = "https://check.torproject.org/api/ip"
|
10
|
+
URI.open(api_check) do |l|
|
11
|
+
hash = JSON.parse l.read
|
12
|
+
status = "Enable" if hash["IsTor"] == true
|
13
|
+
end
|
14
|
+
status
|
15
|
+
rescue OpenURI::HTTPError => error
|
16
|
+
res = error.io
|
17
|
+
puts "Fail to join server #{res.status}"
|
18
|
+
end
|
19
|
+
end
|
7
20
|
|
8
|
-
# TODO: if someone want help, i have trouble to make JSON.parse() work here
|
9
|
-
# the output is very very ugly !
|
10
21
|
def self.info
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
22
|
+
begin
|
23
|
+
api_check = "https://ipleak.net/json"
|
24
|
+
URI.open(api_check) do |l|
|
25
|
+
hash = JSON.parse l.read
|
26
|
+
puts
|
27
|
+
puts " Current ip ===> #{hash["ip"]}"
|
28
|
+
puts " Continent ===> #{hash["continent_name"]}"
|
29
|
+
puts " Timezone ===> #{hash["time_zone"]}"
|
30
|
+
end
|
31
|
+
puts " Status ===> #{enable}"
|
32
|
+
rescue OpenURI::HTTPError => error
|
33
|
+
res = error.io
|
34
|
+
puts "Fail to join server #{res.status}"
|
35
|
+
end
|
17
36
|
end
|
18
|
-
|
19
37
|
end
|
20
38
|
end
|