spior 0.1.2 → 0.1.6
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +27 -0
- data/README.md +24 -15
- data/Rakefile +20 -0
- data/bin/spior +2 -3
- data/{conf → ext}/ipt_mod.conf +0 -0
- data/{conf → ext}/iptables.service +0 -0
- data/lib/spior/clear.rb +13 -19
- data/lib/spior/copy.rb +54 -77
- data/lib/spior/dep.rb +37 -0
- data/lib/spior/helpers.rb +106 -7
- data/lib/spior/iptables/default.rb +38 -0
- data/lib/spior/iptables/root.rb +88 -0
- data/lib/spior/iptables/tor.rb +59 -0
- data/lib/spior/iptables.rb +5 -183
- data/lib/spior/menu.rb +15 -34
- data/lib/spior/msg.rb +7 -9
- data/lib/spior/options.rb +9 -20
- data/lib/spior/persist.rb +33 -29
- data/lib/spior/service/restart.rb +21 -0
- data/lib/spior/service/start.rb +26 -0
- data/lib/spior/service.rb +7 -0
- data/lib/spior/status.rb +30 -12
- data/lib/spior/tor/info.rb +96 -0
- data/lib/spior/tor.rb +3 -65
- data/lib/spior/version.rb +3 -0
- data/lib/spior.rb +44 -0
- data/man/spior.1 +53 -0
- data/man/spior.1.html +122 -0
- data/man/spior.1.ronn +46 -0
- data/spior.gemspec +7 -5
- data.tar.gz.sig +2 -1
- metadata +39 -36
- metadata.gz.sig +0 -0
- data/conf/resolv.conf +0 -1
- data/conf/ssh.conf +0 -29
- data/conf/sshd.conf +0 -46
- data/conf/sshuttle.service +0 -11
- data/conf/torrc/torrc_archlinux +0 -18
- data/conf/torrc/torrc_default +0 -20
- data/lib/spior/install.rb +0 -88
- data/lib/spior/mac.rb +0 -11
- data/lib/spior/network.rb +0 -46
- data/lib/spior/reload.rb +0 -14
- data/lib/spior/runner.rb +0 -46
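--- a/data/conf/sshd.conf
+++ b/data/conf/sshd.conf
@@ -1,46 +0,0 @@
-# ref https://github.com/stribika/stribika.github.io/wiki/Secure-Secure-Shell
-# ref https://github.com/jumanjihouse/devenv/blob/master/app/etc/ssh/sshd_config
-# ref https://www.ssh.com/ssh/sshd_config/
-
-# Support for curve25519 KEX and chacha20 are on the wishlist.
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-hostkeyalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Protocol 2
-AllowGroups ssh-user
-
-# Only allow 4096-byte RSA key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_ed25519_key
-
-PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-ChallengeResponseAuthentication no
-
-PubkeyAuthentication yes
-
-# With TOR
-#ListenAddress 127.0.0.1:22
-
-UsePAM yes
-PasswordAuthentication no
-PrintMotd no
-PrintLastLog no
-
-X11Forwarding no
-permitrootlogin no
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Allow client to pass locale environment variables. #367017
-AcceptEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Allow client to pass COLORTERM to match TERM. #658540
-AcceptEnv COLORTERM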
data/conf/sshuttle.service
DELETED
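--- a/data/conf/torrc/torrc_archlinux
+++ b/data/conf/torrc/torrc_archlinux
@@ -1,18 +0,0 @@
-DataDirectory /var/lib/tor/data
-
-Log notice stdout
-
-GeoIPExcludeUnknown 1
-
-## Torified DNS
-DNSPort 127.0.0.1:9061
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
-
-SocksPort 9050
-
-VirtualAddrNetworkIPv4 10.192.0.0/10
-TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
-
-TestSocks 1
-MaxCircuitDirtiness 600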
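--- a/data/conf/torrc/torrc_default
+++ b/data/conf/torrc/torrc_default
@@ -1,20 +0,0 @@
-User tor
-PIDFile /run/tor/tor.pid
-DataDirectory /var/lib/tor/data
-
-Log notice stdout
-
-GeoIPExcludeUnknown 1
-
-## Torified DNS
-DNSPort 127.0.0.1:9061
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
-
-SocksPort 9050
-
-VirtualAddrNetworkIPv4 10.192.0.0/10
-TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
-
-TestSocks 1
-MaxCircuitDirtiness 600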
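--- a/data/lib/spior/install.rb
+++ b/data/lib/spior/install.rb
@@ -1,88 +0,0 @@
-require 'nomansland'
-require 'tty-which'
-require_relative 'msg'
-require_relative 'helpers'
-
-module Spior
-class Install
-
-def self.dependencies
-base_packages
-mac_update
-end
-
-def self.check_base
-base_packages
-end
-
-def self.check_mac
-pkg_mac
-end
-
-private
-
-def self.base_packages
-if not TTY::Which.exist?('iptables') or not TTY::Which.exist?('tor')
-case Nomansland::installer?
-when :emerge
-emerge = Helpers::Exec.new("emerge -av --changed-use")
-emerge.run("tor iptables")
-when :pacman
-pacman = Helpers::Exec.new("pacman -S --needed")
-pacman.run("tor iptables")
-when :yum
-yum = Helpers::Exec.new("yum install")
-yum.run("tor iptables")
-else
-apt_get = Helpers::Exec.new("apt-get install")
-apt_get.run("tor iptables iptables-persistent")
-end
-end
-end
-
-def self.pkg_mac
-pkg_name="deceitmac"
-if not TTY::Which.exist?(pkg_name)
-build_pkg(pkg_name)
-end
-end
-
-def self.mac_update
-pkg_name="deceitmac"
-if TTY::Which.exist?(pkg_name)
-print "Target #{pkg_name} exist, update? [N/y] "
-choice = gets.chomp
-if choice =~ /y|Y/ then
-puts "Update #{pkg_name}..."
-build_pkg(pkg_name)
-end
-else
-puts "Install #{pkg_name}..."
-build_pkg(pkg_name)
-end
-end
-
-def self.build_pkg(name)
-old_path = Dir.pwd
-system("rm -rf /tmp/#{name}*")
-system("curl -L -o /tmp/#{name}.tar.gz https://github.com/szorfein/#{name}/archive/master.tar.gz")
-Dir.chdir("/tmp")
-system("tar xvf #{name}.tar.gz")
-Dir.chdir("#{name}-master")
-system("sudo make install")
-if TTY::Which.exist?('systemctl')
-if Dir.exist?("/lib/systemd/system")
-puts "lib/systemd"
-system("sudo cp deceitmac@.service /lib/systemd/system/")
-else
-puts "/usr/lib/systemd"
-system("sudo cp deceitmac@.service /usr/lib/systemd/system/")
-end
-end
-Msg.p "pkg #{name} installed"
-Dir.chdir(old_path)
-rescue => e
-Msg.err e
-end
-end
-end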
data/lib/spior/mac.rb
DELETED
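--- a/data/lib/spior/network.rb
+++ b/data/lib/spior/network.rb
@@ -1,46 +0,0 @@
-require 'interfacez'
-require_relative 'msg'
-
-module Spior
-class Network
-attr_accessor :card
-
-def initialize(name = false)
-@name = name
-@check = false
-end
-
-def card
-verify_card
-if @check == false then
-ask_for_card
-end
-@name
-end
-
-private
-
-def verify_card
-return if @check or not @name
-Interfacez.all do |interface|
-if interface == @name then
-@check = true
-end
-end
-if not @check then
-Msg.err "Your interface #{@name} is no found"
-end
-end
-
-def ask_for_card
-until @check == true
-Interfacez.all do |interface|
-print interface + " "
-end
-printf "\nWhat is the name of the card to be used? "
-@name = gets.chomp
-verify_card
-end
-end
-end
-end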
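--- a/data/lib/spior/reload.rb
+++ b/data/lib/spior/reload.rb
@@ -1,14 +0,0 @@
-require 'tty-which'
-require_relative 'msg'
-require_relative 'helpers'
-
-module Spior
-module Reload
-def self.tor
-if TTY::Which.exist?('systemctl')
-Helpers::Exec.new("systemctl").run("restart tor")
-Msg.p "ip changed"
-end
-end
-end
-end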
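--- a/data/lib/spior/runner.rb
+++ b/data/lib/spior/runner.rb
@@ -1,46 +0,0 @@
-require_relative 'options'
-require_relative 'install'
-require_relative 'copy'
-require_relative 'mac'
-require_relative 'iptables'
-require_relative 'network'
-require_relative 'persist'
-require_relative 'msg'
-
-module Spior
-class Runner
-def initialize(argv)
-@options = Options.new(argv)
-@network = false
-end
-
-def run
-if @options.install then
-Msg.head
-Spior::Install::dependencies
-Spior::Copy::config_files
-end
-if @options.mac then
-Msg.head
-Spior::Install::check_mac
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::MAC::randomize(@network.card)
-end
-if @options.tor then
-Msg.head
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Iptables::tor(@network.card)
-end
-if @options.persist then
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Persist::all(@network.card)
-end
-end
-end
-end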