spior 0.1.4 → 0.1.5
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGELOG.md +7 -0
- data/README.md +7 -4
- data/Rakefile +2 -1
- data/bin/spior +2 -3
- data/lib/spior.rb +42 -0
- data/lib/spior/clear.rb +13 -18
- data/lib/spior/copy.rb +63 -98
- data/lib/spior/helpers.rb +13 -7
- data/lib/spior/install.rb +0 -3
- data/lib/spior/iptables.rb +5 -183
- data/lib/spior/iptables/default.rb +38 -0
- data/lib/spior/iptables/root.rb +92 -0
- data/lib/spior/iptables/tor.rb +64 -0
- data/lib/spior/menu.rb +10 -24
- data/lib/spior/network.rb +0 -1
- data/lib/spior/options.rb +8 -15
- data/lib/spior/persist.rb +29 -62
- data/lib/spior/status.rb +30 -12
- data/lib/spior/tor.rb +4 -104
- data/lib/spior/tor/info.rb +113 -0
- data/lib/spior/{reload.rb → tor/restart.rb} +3 -4
- data/lib/spior/version.rb +3 -0
- data/spior.gemspec +3 -1
- metadata +11 -9
- metadata.gz.sig +0 -0
- data/ext/ssh.conf +0 -29
- data/ext/sshd.conf +0 -46
- data/ext/sshuttle.service +0 -11
- data/lib/spior/runner.rb +0 -34
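--- a/data/lib/spior/tor.rb
+++ b/data/lib/spior/tor.rb
@@ -1,107 +1,7 @@
-require 'pathname'
-require 'nomansland'
-require 'tty-which'
-require_relative 'msg'
-require_relative 'install'
-require_relative 'copy'
-require_relative 'helpers'
-
 module Spior
-
-attr_accessor :dns, :uid, :trans_port, :virt_addr
-
-def initialize
-@systemctl = Helpers::Exec.new("systemctl")
-check_deps
-@dns = search_dns
-@uid = search_uid
-@trans_port = search_trans_port
-@virt_addr = search_virt_addr
-end
-
-private
-
-def check_deps
-Spior::Install::check_deps
-Spior::Copy::config_files
-add_resolv
-add_torrc
-verify_service
-end
-
-def add_resolv
-string = "nameserver 127.0.0.1"
-Spior::Copy::backup("/etc/resolv.conf", /nameserver 127.0.0.1$/)
-new_file = Helpers::NewFile.new(string, "resolv.conf", "/etc")
-new_file.add
-new_file.perm("root", "644")
-end
-
-def add_torrc
-user = ""
-pid = ""
-dir = "DataDirectory /var/lib/tor/data"
-case Nomansland::distro?
-when :gentoo
-user = "User tor"
-pid = "PIDFile /run/tor/tor.pid"
-end
-string = <<EOF
-# Generated by Spior
-#{user}
-#{pid}
-#{dir}
-GeoIPExcludeUnknown 1
-DNSPort 127.0.0.1:9061
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
-SocksPort 9050
-VirtualAddrNetworkIPv4 10.192.0.0/10
-TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
-TestSocks 1
-MaxCircuitDirtiness 600
-EOF
-re = /# Generated by Spior/
-Spior::Copy::backup("/etc/tor/torrc", re)
-new_file = Helpers::NewFile.new(string, "torrc", "/etc/tor")
-new_file.add
-new_file.perm("root", "644")
-end
-
-def search_dns
-9061
-end
-
-def search_uid
-case Nomansland::distro?
-when :debian
-`id -u debian-tor`.chomp
-when :ubuntu
-`id -u debian-tor`.chomp
-else
-`id -u tor`.chomp
-end
-end
-
-def search_trans_port
-9040
-end
-
-def search_virt_addr
-"10.192.0.0/10"
-end
-
-def verify_service
-if TTY::Which.exist?('systemctl')
-state = `systemctl is-active tor`.chomp
-if state == 'active'
-@systemctl.run('restart tor')
-else
-@systemctl.run('start tor')
-end
-else
-Msg.for_no_systemd
-end
-end
+module Tor
 end
 end
+
+require_relative 'tor/info'
+require_relative 'tor/restart'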
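Review bot: Nothing in `tor.rb` or the two files it now pulls in loads `Helpers`, `Msg`, `Spior::Install` or `Spior::Copy` any more. The `require_relative` lines for `msg`, `install`, `copy` and `helpers` are gone, while `tor/info.rb` as shown on this page still calls all four and requires only `pathname`, `nomansland` and `tty-which`. `tor/restart.rb` loses its `msg` and `helpers` requires too, so loading `spior/tor` on its own would raise `NameError` unless something loaded them first, presumably the new `lib/spior.rb`, which is not shown here. I would keep each require next to the code that uses it, or at least add a comment above the two new lines such as `# Helpers, Msg, Install and Copy must already be loaded (see lib/spior.rb)`.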
@@ -0,0 +1,113 @@
|
|
1
|
+
require 'pathname'
|
2
|
+
require 'nomansland'
|
3
|
+
require 'tty-which'
|
4
|
+
|
5
|
+
module Spior
|
6
|
+
module Tor
|
7
|
+
class Info
|
8
|
+
attr_accessor :dns, :uid, :trans_port, :virt_addr
|
9
|
+
|
10
|
+
def initialize
|
11
|
+
@systemctl = Helpers::Exec.new("systemctl")
|
12
|
+
check_deps
|
13
|
+
@dns = search_dns
|
14
|
+
@uid = search_uid
|
15
|
+
@trans_port = search_trans_port
|
16
|
+
@virt_addr = search_virt_addr
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def check_deps
|
22
|
+
Spior::Install::check_deps
|
23
|
+
Spior::Copy.new.save
|
24
|
+
add_resolv
|
25
|
+
add_torrc
|
26
|
+
verify_service
|
27
|
+
end
|
28
|
+
|
29
|
+
def add_resolv
|
30
|
+
string = "nameserver 127.0.0.1"
|
31
|
+
new_file = Helpers::NewFile.new(string, "resolv.conf", "/etc")
|
32
|
+
new_file.add
|
33
|
+
new_file.perm("root", "644")
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.grep?(file, regex)
|
37
|
+
is_found = false
|
38
|
+
return is_found if ! File.exist? file
|
39
|
+
File.open(file) do |f|
|
40
|
+
f.each do |line|
|
41
|
+
is_found = true if line.match(regex)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
is_found
|
45
|
+
end
|
46
|
+
|
47
|
+
def add_torrc
|
48
|
+
user = ""
|
49
|
+
pid = ""
|
50
|
+
dir = "DataDirectory /var/lib/tor/data"
|
51
|
+
case Nomansland::distro?
|
52
|
+
when :gentoo
|
53
|
+
user = "User tor"
|
54
|
+
pid = "PIDFile /run/tor/tor.pid"
|
55
|
+
end
|
56
|
+
string = <<EOF
|
57
|
+
# Generated by Spior
|
58
|
+
#{user}
|
59
|
+
#{pid}
|
60
|
+
#{dir}
|
61
|
+
GeoIPExcludeUnknown 1
|
62
|
+
DNSPort 127.0.0.1:9061
|
63
|
+
AutomapHostsOnResolve 1
|
64
|
+
AutomapHostsSuffixes .exit,.onion
|
65
|
+
SocksPort 9050
|
66
|
+
VirtualAddrNetworkIPv4 10.192.0.0/10
|
67
|
+
TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
|
68
|
+
TestSocks 1
|
69
|
+
MaxCircuitDirtiness 600
|
70
|
+
EOF
|
71
|
+
new_file = Helpers::NewFile.new(string, "torrc", "/etc/tor")
|
72
|
+
new_file.add
|
73
|
+
new_file.perm("root", "644")
|
74
|
+
end
|
75
|
+
|
76
|
+
def search_dns
|
77
|
+
9061
|
78
|
+
end
|
79
|
+
|
80
|
+
def search_uid
|
81
|
+
case Nomansland::distro?
|
82
|
+
when :debian
|
83
|
+
`id -u debian-tor`.chomp
|
84
|
+
when :ubuntu
|
85
|
+
`id -u debian-tor`.chomp
|
86
|
+
else
|
87
|
+
`id -u tor`.chomp
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
def search_trans_port
|
92
|
+
9040
|
93
|
+
end
|
94
|
+
|
95
|
+
def search_virt_addr
|
96
|
+
"10.192.0.0/10"
|
97
|
+
end
|
98
|
+
|
99
|
+
def verify_service
|
100
|
+
if TTY::Which.exist?('systemctl')
|
101
|
+
state = `systemctl is-active tor`.chomp
|
102
|
+
if state == 'active'
|
103
|
+
@systemctl.run('restart tor')
|
104
|
+
else
|
105
|
+
@systemctl.run('start tor')
|
106
|
+
end
|
107
|
+
else
|
108
|
+
Msg.for_no_systemd
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
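Review bot: `search_uid` never checks that `id -u` succeeded, so a host without the `tor`/`debian-tor` account leaves `@uid` as an empty string. Where `@uid` is used is not visible here, but if it feeds the firewall owner match in the new `iptables/tor.rb` (an assumption), a transparent-proxy setup should fail closed instead of building rules from an empty value; a guard such as `raise 'tor user not found' unless uid.match?(/\A\d+\z/)` after the lookup would do it. `add_resolv` and `add_torrc` also no longer call `Spior::Copy::backup` before overwriting `/etc/resolv.conf` and `/etc/tor/torrc`, so please confirm that `Spior::Copy.new.save` in `check_deps` preserves the originals. Finally, `def self.grep?` sits below `private` but stays public, has no caller in this file, and keeps scanning after the first match; `File.foreach(file).any? { |line| line.match?(regex) }` would be the shorter form if it is kept.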
@@ -1,10 +1,9 @@
|
|
1
1
|
require 'tty-which'
|
2
|
-
require_relative 'msg'
|
3
|
-
require_relative 'helpers'
|
4
2
|
|
5
3
|
module Spior
|
6
|
-
module
|
7
|
-
|
4
|
+
module Tor
|
5
|
+
module_function
|
6
|
+
def restart
|
8
7
|
if TTY::Which.exist?('systemctl')
|
9
8
|
Helpers::Exec.new("systemctl").run("restart tor")
|
10
9
|
Msg.p "ip changed"
|
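--- a/data/spior.gemspec
+++ b/data/spior.gemspec
@@ -1,6 +1,8 @@
+require File.dirname(__FILE__) + "/lib/spior/version"
+
 Gem::Specification.new do |s|
 s.name = "spior"
-s.version =
+s.version = Spior::VERSION
 s.summary = "A tool to make TOR your default gateway"
 s.description = <<-EOF
 A tool to make TOR your default gateway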
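--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spior
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.5
 platform: ruby
 authors:
 - szorfein
@@ -35,7 +35,7 @@ cert_chain:
 J/zT/q2Ac7BWpSLbv6p9lChBiEnD9j24x463LR5QQjDNS5SsjzRQfFuprsa9Nqf2
 Tw==
 -----END CERTIFICATE-----
-date: 2020-
+date: 2020-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rainbow
@@ -110,23 +110,25 @@ files:
 - bin/spior
 - ext/ipt_mod.conf
 - ext/iptables.service
--
-- ext/sshd.conf
-- ext/sshuttle.service
+- lib/spior.rb
 - lib/spior/clear.rb
 - lib/spior/copy.rb
 - lib/spior/helpers.rb
 - lib/spior/install.rb
 - lib/spior/iptables.rb
+- lib/spior/iptables/default.rb
+- lib/spior/iptables/root.rb
+- lib/spior/iptables/tor.rb
 - lib/spior/menu.rb
 - lib/spior/msg.rb
 - lib/spior/network.rb
 - lib/spior/options.rb
 - lib/spior/persist.rb
-- lib/spior/reload.rb
-- lib/spior/runner.rb
 - lib/spior/status.rb
 - lib/spior/tor.rb
+- lib/spior/tor/info.rb
+- lib/spior/tor/restart.rb
+- lib/spior/version.rb
 - spior.gemspec
 - test/test_install.rb
 - test/test_options.rb
@@ -154,10 +156,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - tor
 - iptables
-rubygems_version: 3.
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: A tool to make TOR your default gateway
 test_files:
-- test/test_options.rb
 - test/test_install.rb
+- test/test_options.rb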
metadata.gz.sig
CHANGED
Binary file
|
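--- a/data/ext/ssh.conf
+++ /dev/null
@@ -1,29 +0,0 @@
-Host *.onion
-ProxyCommand socat - SOCKS4A:localhost:%h:%p,socksport=9050
-
-Host github.com
-KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
-Ciphers chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc
-MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1
-
-Host *
-Protocol 2
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-PasswordAuthentication no
-ChallengeResponseAuthentication no
-PubkeyAuthentication yes
-ForwardX11Trusted no
-ForwardX11 no
-ForwardAgent no
-ConnectTimeout 40
-
-# Send locale environment variables. #367017
-SendEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Send COLORTERM to match TERM. #658540
-SendEnv COLORTERM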
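--- a/data/ext/sshd.conf
+++ /dev/null
@@ -1,46 +0,0 @@
-# ref https://github.com/stribika/stribika.github.io/wiki/Secure-Secure-Shell
-# ref https://github.com/jumanjihouse/devenv/blob/master/app/etc/ssh/sshd_config
-# ref https://www.ssh.com/ssh/sshd_config/
-
-# Support for curve25519 KEX and chacha20 are on the wishlist.
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-hostkeyalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Protocol 2
-AllowGroups ssh-user
-
-# Only allow 4096-byte RSA key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_ed25519_key
-
-PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-ChallengeResponseAuthentication no
-
-PubkeyAuthentication yes
-
-# With TOR
-#ListenAddress 127.0.0.1:22
-
-UsePAM yes
-PasswordAuthentication no
-PrintMotd no
-PrintLastLog no
-
-X11Forwarding no
-permitrootlogin no
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Allow client to pass locale environment variables. #367017
-AcceptEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Allow client to pass COLORTERM to match TERM. #658540
-AcceptEnv COLORTERM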
data/ext/sshuttle.service
DELETED
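--- a/data/lib/spior/runner.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require_relative 'options'
-require_relative 'install'
-require_relative 'copy'
-require_relative 'iptables'
-require_relative 'network'
-require_relative 'persist'
-require_relative 'msg'
-
-module Spior
-class Runner
-def initialize(argv)
-@options = Options.new(argv)
-@network = false
-end
-
-def run
-if @options.install then
-Msg.head
-Spior::Install::check_deps
-Spior::Copy::config_files
-end
-if @options.tor then
-Msg.head
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Iptables::tor(@network.card)
-end
-if @options.persist then
-Spior::Persist::all
-end
-end
-end
-end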