spior 0.1.2 → 0.1.6
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +27 -0
- data/README.md +24 -15
- data/Rakefile +20 -0
- data/bin/spior +2 -3
- data/{conf → ext}/ipt_mod.conf +0 -0
- data/{conf → ext}/iptables.service +0 -0
- data/lib/spior/clear.rb +13 -19
- data/lib/spior/copy.rb +54 -77
- data/lib/spior/dep.rb +37 -0
- data/lib/spior/helpers.rb +106 -7
- data/lib/spior/iptables/default.rb +38 -0
- data/lib/spior/iptables/root.rb +88 -0
- data/lib/spior/iptables/tor.rb +59 -0
- data/lib/spior/iptables.rb +5 -183
- data/lib/spior/menu.rb +15 -34
- data/lib/spior/msg.rb +7 -9
- data/lib/spior/options.rb +9 -20
- data/lib/spior/persist.rb +33 -29
- data/lib/spior/service/restart.rb +21 -0
- data/lib/spior/service/start.rb +26 -0
- data/lib/spior/service.rb +7 -0
- data/lib/spior/status.rb +30 -12
- data/lib/spior/tor/info.rb +96 -0
- data/lib/spior/tor.rb +3 -65
- data/lib/spior/version.rb +3 -0
- data/lib/spior.rb +44 -0
- data/man/spior.1 +53 -0
- data/man/spior.1.html +122 -0
- data/man/spior.1.ronn +46 -0
- data/spior.gemspec +7 -5
- data.tar.gz.sig +2 -1
- metadata +39 -36
- metadata.gz.sig +0 -0
- data/conf/resolv.conf +0 -1
- data/conf/ssh.conf +0 -29
- data/conf/sshd.conf +0 -46
- data/conf/sshuttle.service +0 -11
- data/conf/torrc/torrc_archlinux +0 -18
- data/conf/torrc/torrc_default +0 -20
- data/lib/spior/install.rb +0 -88
- data/lib/spior/mac.rb +0 -11
- data/lib/spior/network.rb +0 -46
- data/lib/spior/reload.rb +0 -14
- data/lib/spior/runner.rb +0 -46
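--- a/data/conf/sshd.conf
+++ b/data/conf/sshd.conf
@@ -1,46 +0,0 @@
-# ref https://github.com/stribika/stribika.github.io/wiki/Secure-Secure-Shell
-# ref https://github.com/jumanjihouse/devenv/blob/master/app/etc/ssh/sshd_config
-# ref https://www.ssh.com/ssh/sshd_config/
-
-# Support for curve25519 KEX and chacha20 are on the wishlist.
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-hostkeyalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Protocol 2
-AllowGroups ssh-user
-
-# Only allow 4096-byte RSA key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_ed25519_key
-
-PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-ChallengeResponseAuthentication no
-
-PubkeyAuthentication yes
-
-# With TOR
-#ListenAddress 127.0.0.1:22
-
-UsePAM yes
-PasswordAuthentication no
-PrintMotd no
-PrintLastLog no
-
-X11Forwarding no
-permitrootlogin no
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Allow client to pass locale environment variables. #367017
-AcceptEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Allow client to pass COLORTERM to match TERM. #658540
-AcceptEnv COLORTERM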
data/conf/sshuttle.service
DELETED
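--- a/data/conf/torrc/torrc_archlinux
+++ b/data/conf/torrc/torrc_archlinux
@@ -1,18 +0,0 @@
-DataDirectory /var/lib/tor/data
-
-Log notice stdout
-
-GeoIPExcludeUnknown 1
-
-## Torified DNS
-DNSPort 127.0.0.1:9061
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
-
-SocksPort 9050
-
-VirtualAddrNetworkIPv4 10.192.0.0/10
-TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
-
-TestSocks 1
-MaxCircuitDirtiness 600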
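--- a/data/conf/torrc/torrc_default
+++ b/data/conf/torrc/torrc_default
@@ -1,20 +0,0 @@
-User tor
-PIDFile /run/tor/tor.pid
-DataDirectory /var/lib/tor/data
-
-Log notice stdout
-
-GeoIPExcludeUnknown 1
-
-## Torified DNS
-DNSPort 127.0.0.1:9061
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
-
-SocksPort 9050
-
-VirtualAddrNetworkIPv4 10.192.0.0/10
-TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
-
-TestSocks 1
-MaxCircuitDirtiness 600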
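--- a/data/lib/spior/install.rb
+++ b/data/lib/spior/install.rb
@@ -1,88 +0,0 @@
-require 'nomansland'
-require 'tty-which'
-require_relative 'msg'
-require_relative 'helpers'
-
-module Spior
-class Install
-
-def self.dependencies
-base_packages
-mac_update
-end
-
-def self.check_base
-base_packages
-end
-
-def self.check_mac
-pkg_mac
-end
-
-private
-
-def self.base_packages
-if not TTY::Which.exist?('iptables') or not TTY::Which.exist?('tor')
-case Nomansland::installer?
-when :emerge
-emerge = Helpers::Exec.new("emerge -av --changed-use")
-emerge.run("tor iptables")
-when :pacman
-pacman = Helpers::Exec.new("pacman -S --needed")
-pacman.run("tor iptables")
-when :yum
-yum = Helpers::Exec.new("yum install")
-yum.run("tor iptables")
-else
-apt_get = Helpers::Exec.new("apt-get install")
-apt_get.run("tor iptables iptables-persistent")
-end
-end
-end
-
-def self.pkg_mac
-pkg_name="deceitmac"
-if not TTY::Which.exist?(pkg_name)
-build_pkg(pkg_name)
-end
-end
-
-def self.mac_update
-pkg_name="deceitmac"
-if TTY::Which.exist?(pkg_name)
-print "Target #{pkg_name} exist, update? [N/y] "
-choice = gets.chomp
-if choice =~ /y|Y/ then
-puts "Update #{pkg_name}..."
-build_pkg(pkg_name)
-end
-else
-puts "Install #{pkg_name}..."
-build_pkg(pkg_name)
-end
-end
-
-def self.build_pkg(name)
-old_path = Dir.pwd
-system("rm -rf /tmp/#{name}*")
-system("curl -L -o /tmp/#{name}.tar.gz https://github.com/szorfein/#{name}/archive/master.tar.gz")
-Dir.chdir("/tmp")
-system("tar xvf #{name}.tar.gz")
-Dir.chdir("#{name}-master")
-system("sudo make install")
-if TTY::Which.exist?('systemctl')
-if Dir.exist?("/lib/systemd/system")
-puts "lib/systemd"
-system("sudo cp deceitmac@.service /lib/systemd/system/")
-else
-puts "/usr/lib/systemd"
-system("sudo cp deceitmac@.service /usr/lib/systemd/system/")
-end
-end
-Msg.p "pkg #{name} installed"
-Dir.chdir(old_path)
-rescue => e
-Msg.err e
-end
-end
-end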
data/lib/spior/mac.rb
DELETED
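--- a/data/lib/spior/network.rb
+++ b/data/lib/spior/network.rb
@@ -1,46 +0,0 @@
-require 'interfacez'
-require_relative 'msg'
-
-module Spior
-class Network
-attr_accessor :card
-
-def initialize(name = false)
-@name = name
-@check = false
-end
-
-def card
-verify_card
-if @check == false then
-ask_for_card
-end
-@name
-end
-
-private
-
-def verify_card
-return if @check or not @name
-Interfacez.all do |interface|
-if interface == @name then
-@check = true
-end
-end
-if not @check then
-Msg.err "Your interface #{@name} is no found"
-end
-end
-
-def ask_for_card
-until @check == true
-Interfacez.all do |interface|
-print interface + " "
-end
-printf "\nWhat is the name of the card to be used? "
-@name = gets.chomp
-verify_card
-end
-end
-end
-end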
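--- a/data/lib/spior/reload.rb
+++ b/data/lib/spior/reload.rb
@@ -1,14 +0,0 @@
-require 'tty-which'
-require_relative 'msg'
-require_relative 'helpers'
-
-module Spior
-module Reload
-def self.tor
-if TTY::Which.exist?('systemctl')
-Helpers::Exec.new("systemctl").run("restart tor")
-Msg.p "ip changed"
-end
-end
-end
-end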
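--- a/data/lib/spior/runner.rb
+++ b/data/lib/spior/runner.rb
@@ -1,46 +0,0 @@
-require_relative 'options'
-require_relative 'install'
-require_relative 'copy'
-require_relative 'mac'
-require_relative 'iptables'
-require_relative 'network'
-require_relative 'persist'
-require_relative 'msg'
-
-module Spior
-class Runner
-def initialize(argv)
-@options = Options.new(argv)
-@network = false
-end
-
-def run
-if @options.install then
-Msg.head
-Spior::Install::dependencies
-Spior::Copy::config_files
-end
-if @options.mac then
-Msg.head
-Spior::Install::check_mac
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::MAC::randomize(@network.card)
-end
-if @options.tor then
-Msg.head
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Iptables::tor(@network.card)
-end
-if @options.persist then
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Persist::all(@network.card)
-end
-end
-end
-end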