spior 0.1.4 → 0.1.5
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGELOG.md +7 -0
- data/README.md +7 -4
- data/Rakefile +2 -1
- data/bin/spior +2 -3
- data/lib/spior.rb +42 -0
- data/lib/spior/clear.rb +13 -18
- data/lib/spior/copy.rb +63 -98
- data/lib/spior/helpers.rb +13 -7
- data/lib/spior/install.rb +0 -3
- data/lib/spior/iptables.rb +5 -183
- data/lib/spior/iptables/default.rb +38 -0
- data/lib/spior/iptables/root.rb +92 -0
- data/lib/spior/iptables/tor.rb +64 -0
- data/lib/spior/menu.rb +10 -24
- data/lib/spior/network.rb +0 -1
- data/lib/spior/options.rb +8 -15
- data/lib/spior/persist.rb +29 -62
- data/lib/spior/status.rb +30 -12
- data/lib/spior/tor.rb +4 -104
- data/lib/spior/tor/info.rb +113 -0
- data/lib/spior/{reload.rb → tor/restart.rb} +3 -4
- data/lib/spior/version.rb +3 -0
- data/spior.gemspec +3 -1
- metadata +11 -9
- metadata.gz.sig +0 -0
- data/ext/ssh.conf +0 -29
- data/ext/sshd.conf +0 -46
- data/ext/sshuttle.service +0 -11
- data/lib/spior/runner.rb +0 -34
data/lib/spior/tor.rb
CHANGED
@@ -1,107 +1,7 @@
|
|
1
|
-
require 'pathname'
|
2
|
-
require 'nomansland'
|
3
|
-
require 'tty-which'
|
4
|
-
require_relative 'msg'
|
5
|
-
require_relative 'install'
|
6
|
-
require_relative 'copy'
|
7
|
-
require_relative 'helpers'
|
8
|
-
|
9
1
|
module Spior
|
10
|
-
|
11
|
-
attr_accessor :dns, :uid, :trans_port, :virt_addr
|
12
|
-
|
13
|
-
def initialize
|
14
|
-
@systemctl = Helpers::Exec.new("systemctl")
|
15
|
-
check_deps
|
16
|
-
@dns = search_dns
|
17
|
-
@uid = search_uid
|
18
|
-
@trans_port = search_trans_port
|
19
|
-
@virt_addr = search_virt_addr
|
20
|
-
end
|
21
|
-
|
22
|
-
private
|
23
|
-
|
24
|
-
def check_deps
|
25
|
-
Spior::Install::check_deps
|
26
|
-
Spior::Copy::config_files
|
27
|
-
add_resolv
|
28
|
-
add_torrc
|
29
|
-
verify_service
|
30
|
-
end
|
31
|
-
|
32
|
-
def add_resolv
|
33
|
-
string = "nameserver 127.0.0.1"
|
34
|
-
Spior::Copy::backup("/etc/resolv.conf", /nameserver 127.0.0.1$/)
|
35
|
-
new_file = Helpers::NewFile.new(string, "resolv.conf", "/etc")
|
36
|
-
new_file.add
|
37
|
-
new_file.perm("root", "644")
|
38
|
-
end
|
39
|
-
|
40
|
-
def add_torrc
|
41
|
-
user = ""
|
42
|
-
pid = ""
|
43
|
-
dir = "DataDirectory /var/lib/tor/data"
|
44
|
-
case Nomansland::distro?
|
45
|
-
when :gentoo
|
46
|
-
user = "User tor"
|
47
|
-
pid = "PIDFile /run/tor/tor.pid"
|
48
|
-
end
|
49
|
-
string = <<EOF
|
50
|
-
# Generated by Spior
|
51
|
-
#{user}
|
52
|
-
#{pid}
|
53
|
-
#{dir}
|
54
|
-
GeoIPExcludeUnknown 1
|
55
|
-
DNSPort 127.0.0.1:9061
|
56
|
-
AutomapHostsOnResolve 1
|
57
|
-
AutomapHostsSuffixes .exit,.onion
|
58
|
-
SocksPort 9050
|
59
|
-
VirtualAddrNetworkIPv4 10.192.0.0/10
|
60
|
-
TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
|
61
|
-
TestSocks 1
|
62
|
-
MaxCircuitDirtiness 600
|
63
|
-
EOF
|
64
|
-
re = /# Generated by Spior/
|
65
|
-
Spior::Copy::backup("/etc/tor/torrc", re)
|
66
|
-
new_file = Helpers::NewFile.new(string, "torrc", "/etc/tor")
|
67
|
-
new_file.add
|
68
|
-
new_file.perm("root", "644")
|
69
|
-
end
|
70
|
-
|
71
|
-
def search_dns
|
72
|
-
9061
|
73
|
-
end
|
74
|
-
|
75
|
-
def search_uid
|
76
|
-
case Nomansland::distro?
|
77
|
-
when :debian
|
78
|
-
`id -u debian-tor`.chomp
|
79
|
-
when :ubuntu
|
80
|
-
`id -u debian-tor`.chomp
|
81
|
-
else
|
82
|
-
`id -u tor`.chomp
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
def search_trans_port
|
87
|
-
9040
|
88
|
-
end
|
89
|
-
|
90
|
-
def search_virt_addr
|
91
|
-
"10.192.0.0/10"
|
92
|
-
end
|
93
|
-
|
94
|
-
def verify_service
|
95
|
-
if TTY::Which.exist?('systemctl')
|
96
|
-
state = `systemctl is-active tor`.chomp
|
97
|
-
if state == 'active'
|
98
|
-
@systemctl.run('restart tor')
|
99
|
-
else
|
100
|
-
@systemctl.run('start tor')
|
101
|
-
end
|
102
|
-
else
|
103
|
-
Msg.for_no_systemd
|
104
|
-
end
|
105
|
-
end
|
2
|
+
module Tor
|
106
3
|
end
|
107
4
|
end
|
5
|
+
|
6
|
+
require_relative 'tor/info'
|
7
|
+
require_relative 'tor/restart'
|
@@ -0,0 +1,113 @@
|
|
1
|
+
require 'pathname'
|
2
|
+
require 'nomansland'
|
3
|
+
require 'tty-which'
|
4
|
+
|
5
|
+
module Spior
|
6
|
+
module Tor
|
7
|
+
class Info
|
8
|
+
attr_accessor :dns, :uid, :trans_port, :virt_addr
|
9
|
+
|
10
|
+
def initialize
|
11
|
+
@systemctl = Helpers::Exec.new("systemctl")
|
12
|
+
check_deps
|
13
|
+
@dns = search_dns
|
14
|
+
@uid = search_uid
|
15
|
+
@trans_port = search_trans_port
|
16
|
+
@virt_addr = search_virt_addr
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def check_deps
|
22
|
+
Spior::Install::check_deps
|
23
|
+
Spior::Copy.new.save
|
24
|
+
add_resolv
|
25
|
+
add_torrc
|
26
|
+
verify_service
|
27
|
+
end
|
28
|
+
|
29
|
+
def add_resolv
|
30
|
+
string = "nameserver 127.0.0.1"
|
31
|
+
new_file = Helpers::NewFile.new(string, "resolv.conf", "/etc")
|
32
|
+
new_file.add
|
33
|
+
new_file.perm("root", "644")
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.grep?(file, regex)
|
37
|
+
is_found = false
|
38
|
+
return is_found if ! File.exist? file
|
39
|
+
File.open(file) do |f|
|
40
|
+
f.each do |line|
|
41
|
+
is_found = true if line.match(regex)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
is_found
|
45
|
+
end
|
46
|
+
|
47
|
+
def add_torrc
|
48
|
+
user = ""
|
49
|
+
pid = ""
|
50
|
+
dir = "DataDirectory /var/lib/tor/data"
|
51
|
+
case Nomansland::distro?
|
52
|
+
when :gentoo
|
53
|
+
user = "User tor"
|
54
|
+
pid = "PIDFile /run/tor/tor.pid"
|
55
|
+
end
|
56
|
+
string = <<EOF
|
57
|
+
# Generated by Spior
|
58
|
+
#{user}
|
59
|
+
#{pid}
|
60
|
+
#{dir}
|
61
|
+
GeoIPExcludeUnknown 1
|
62
|
+
DNSPort 127.0.0.1:9061
|
63
|
+
AutomapHostsOnResolve 1
|
64
|
+
AutomapHostsSuffixes .exit,.onion
|
65
|
+
SocksPort 9050
|
66
|
+
VirtualAddrNetworkIPv4 10.192.0.0/10
|
67
|
+
TransPort 9040 IsolateClientAddr IsolateClientProtocol IsolateDestAddr IsolateDestPort
|
68
|
+
TestSocks 1
|
69
|
+
MaxCircuitDirtiness 600
|
70
|
+
EOF
|
71
|
+
new_file = Helpers::NewFile.new(string, "torrc", "/etc/tor")
|
72
|
+
new_file.add
|
73
|
+
new_file.perm("root", "644")
|
74
|
+
end
|
75
|
+
|
76
|
+
def search_dns
|
77
|
+
9061
|
78
|
+
end
|
79
|
+
|
80
|
+
def search_uid
|
81
|
+
case Nomansland::distro?
|
82
|
+
when :debian
|
83
|
+
`id -u debian-tor`.chomp
|
84
|
+
when :ubuntu
|
85
|
+
`id -u debian-tor`.chomp
|
86
|
+
else
|
87
|
+
`id -u tor`.chomp
|
88
|
+
end
|
89
|
+
end
|
90
|
+
|
91
|
+
def search_trans_port
|
92
|
+
9040
|
93
|
+
end
|
94
|
+
|
95
|
+
def search_virt_addr
|
96
|
+
"10.192.0.0/10"
|
97
|
+
end
|
98
|
+
|
99
|
+
def verify_service
|
100
|
+
if TTY::Which.exist?('systemctl')
|
101
|
+
state = `systemctl is-active tor`.chomp
|
102
|
+
if state == 'active'
|
103
|
+
@systemctl.run('restart tor')
|
104
|
+
else
|
105
|
+
@systemctl.run('start tor')
|
106
|
+
end
|
107
|
+
else
|
108
|
+
Msg.for_no_systemd
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
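Review bot: `add_resolv` and `add_torrc` now write `/etc/resolv.conf` and `/etc/tor/torrc` without the `Spior::Copy::backup(...)` calls the 0.1.4 versions made first, so unless `Spior::Copy.new.save` (not shown here) preserves the originals, the user's resolver and Tor configuration cannot be restored afterwards. The new `self.grep?` helper looks intended for the already-generated check, but it is never called in this file, and the bare `private` above it does not apply to a `def self.` method, so it stays public. If the backup moved into `Copy#save`, a comment on both methods saying so is enough; otherwise save the original and guard each write, e.g. `return if Info.grep?('/etc/tor/torrc', /# Generated by Spior/)`. Separately, `search_uid` returns the chomped output of `id -u ...` without checking the exit status, so a missing tor account leaves `@uid` as an empty string for whatever consumes it.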
@@ -1,10 +1,9 @@
|
|
1
1
|
require 'tty-which'
|
2
|
-
require_relative 'msg'
|
3
|
-
require_relative 'helpers'
|
4
2
|
|
5
3
|
module Spior
|
6
|
-
module
|
7
|
-
|
4
|
+
module Tor
|
5
|
+
module_function
|
6
|
+
def restart
|
8
7
|
if TTY::Which.exist?('systemctl')
|
9
8
|
Helpers::Exec.new("systemctl").run("restart tor")
|
10
9
|
Msg.p "ip changed"
|
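Review bot: `Msg.p "ip changed"` runs immediately after `Helpers::Exec.new("systemctl").run("restart tor")` with no check that the restart succeeded, so the user can be told the address changed while Tor is down or failed to restart. Printing the message only when `run` reports success (its return value is not visible in this hunk) would avoid that false assurance. The hunk also drops `require_relative 'msg'` and `require_relative 'helpers'` while `restart` still uses both constants, so the file presumably relies on `lib/spior.rb` loading them first; a one-line comment at the top saying so would help. The body of `restart` continues past the end of the hunk.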
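--- a/data/spior.gemspec
+++ b/data/spior.gemspec
@@ -1,6 +1,8 @@
+require File.dirname(__FILE__) + "/lib/spior/version"
+
 Gem::Specification.new do |s|
 s.name = "spior"
-s.version =
+s.version = Spior::VERSION
 s.summary = "A tool to make TOR your default gateway"
 s.description = <<-EOF
 A tool to make TOR your default gateway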
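--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spior
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.5
 platform: ruby
 authors:
 - szorfein
@@ -35,7 +35,7 @@ cert_chain:
 J/zT/q2Ac7BWpSLbv6p9lChBiEnD9j24x463LR5QQjDNS5SsjzRQfFuprsa9Nqf2
 Tw==
 -----END CERTIFICATE-----
-date: 2020-
+date: 2020-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rainbow
@@ -110,23 +110,25 @@ files:
 - bin/spior
 - ext/ipt_mod.conf
 - ext/iptables.service
--
-- ext/sshd.conf
-- ext/sshuttle.service
+- lib/spior.rb
 - lib/spior/clear.rb
 - lib/spior/copy.rb
 - lib/spior/helpers.rb
 - lib/spior/install.rb
 - lib/spior/iptables.rb
+- lib/spior/iptables/default.rb
+- lib/spior/iptables/root.rb
+- lib/spior/iptables/tor.rb
 - lib/spior/menu.rb
 - lib/spior/msg.rb
 - lib/spior/network.rb
 - lib/spior/options.rb
 - lib/spior/persist.rb
-- lib/spior/reload.rb
-- lib/spior/runner.rb
 - lib/spior/status.rb
 - lib/spior/tor.rb
+- lib/spior/tor/info.rb
+- lib/spior/tor/restart.rb
+- lib/spior/version.rb
 - spior.gemspec
 - test/test_install.rb
 - test/test_options.rb
@@ -154,10 +156,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - tor
 - iptables
-rubygems_version: 3.
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: A tool to make TOR your default gateway
 test_files:
-- test/test_options.rb
 - test/test_install.rb
+- test/test_options.rb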
metadata.gz.sig
CHANGED
Binary file
|
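--- a/data/ext/ssh.conf
+++ b/data/ext/ssh.conf
@@ -1,29 +0,0 @@
-Host *.onion
-ProxyCommand socat - SOCKS4A:localhost:%h:%p,socksport=9050
-
-Host github.com
-KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
-Ciphers chacha20-poly1305@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc
-MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1
-
-Host *
-Protocol 2
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-PasswordAuthentication no
-ChallengeResponseAuthentication no
-PubkeyAuthentication yes
-ForwardX11Trusted no
-ForwardX11 no
-ForwardAgent no
-ConnectTimeout 40
-
-# Send locale environment variables. #367017
-SendEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Send COLORTERM to match TERM. #658540
-SendEnv COLORTERM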
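--- a/data/ext/sshd.conf
+++ b/data/ext/sshd.conf
@@ -1,46 +0,0 @@
-# ref https://github.com/stribika/stribika.github.io/wiki/Secure-Secure-Shell
-# ref https://github.com/jumanjihouse/devenv/blob/master/app/etc/ssh/sshd_config
-# ref https://www.ssh.com/ssh/sshd_config/
-
-# Support for curve25519 KEX and chacha20 are on the wishlist.
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
-
-hostkeyalgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256
-
-Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
-
-Protocol 2
-AllowGroups ssh-user
-
-# Only allow 4096-byte RSA key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_ed25519_key
-
-PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-ChallengeResponseAuthentication no
-
-PubkeyAuthentication yes
-
-# With TOR
-#ListenAddress 127.0.0.1:22
-
-UsePAM yes
-PasswordAuthentication no
-PrintMotd no
-PrintLastLog no
-
-X11Forwarding no
-permitrootlogin no
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Allow client to pass locale environment variables. #367017
-AcceptEnv LANG LC_ALL LC_COLLATE LC_CTYPE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE
-
-# Allow client to pass COLORTERM to match TERM. #658540
-AcceptEnv COLORTERM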
data/ext/sshuttle.service
DELETED
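--- a/data/lib/spior/runner.rb
+++ b/data/lib/spior/runner.rb
@@ -1,34 +0,0 @@
-require_relative 'options'
-require_relative 'install'
-require_relative 'copy'
-require_relative 'iptables'
-require_relative 'network'
-require_relative 'persist'
-require_relative 'msg'
-
-module Spior
-class Runner
-def initialize(argv)
-@options = Options.new(argv)
-@network = false
-end
-
-def run
-if @options.install then
-Msg.head
-Spior::Install::check_deps
-Spior::Copy::config_files
-end
-if @options.tor then
-Msg.head
-if not @network
-@network = Spior::Network.new(@options.interface)
-end
-Spior::Iptables::tor(@network.card)
-end
-if @options.persist then
-Spior::Persist::all
-end
-end
-end
-end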