RubyGems - spior - Versions diffs - 0.3.6 → 0.3.7 - Mend

spior 0.3.6 → 0.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 07b4daf3d6c06b689e2d584b43e419eb4e9e9ea8e19c4bf71c3116428955f957
-  data.tar.gz: '08699ad87b9abc01147df75938c744268e33d313955bb046b736ad674f93820e'
+  metadata.gz: 6e9226877b6a3f11c1b02a6cea0dd51f6342096772624dbf332fdf7928c77f5e
+  data.tar.gz: 00b1d3325b22ddf4ef2bd3423125151a1cfaa951670d7ceeb3e7eb8a071e0d5d
 SHA512:
-  metadata.gz: 92014306180514cf8b3f9bea57544054fc961127161a6ca8e067a7baeaec256fc365ca8c6e58fe4f88bfeb7f01c24b85350d7ac031dd44e4532b7c8c5ddbc497
-  data.tar.gz: 2971e056165009f5ef1dda7dcbc5e282ba1769076ffc99d439e3b8741a44d1aeb01197087b628e3f6103b1d23cfbb1861bfa27d1c843c52a5bb0e84caeba03f2
+  metadata.gz: 26fe94bd00c3fdfe3e4edfac13bb75780ed00401bb218c90f35496d0b084bec68785cb71461c3ddbbef1d9df7d4ee9c5751dc4be3c2997627114d6511ea17f55
+  data.tar.gz: e1b403d42966e8010d3634b7cddb50e0df4bef5539891534b3da4ed6ebc3c45afb4e6fb63cd8744efaa730974e5898036770ee94a9b5bcc652b6becc13ba0b52

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,9 @@
+## 0.3.7, release 2023-10-27
+* Persist mode may require manual intervention to work, look the [readme](https://github.com/szorfein/spior/tree/master#left-over)
+* Persist and runtime corrected on Voidlinux.
+* Spior check the presence of 'simple_firewall.rules' when you use the --clearnet
+* Create a `/etc/sysctl.d/40-ipv6.conf` with the persist mode in order to block ipv6 at boot.
 ## 0.3.5, release 2023-10-26
 * Better code style, only 11 alerts from rubocop.
 * spior -t also block ipv6 traffic, no need to reboot.

data/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 <br/>
 [![Gem Version](https://badge.fury.io/rb/spior.svg)](https://badge.fury.io/rb/spior)
-![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/szorfein/spior/Rubocop/develop)
+![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/szorfein/spior/Rubocop/devel)
 [![Ruby Style Guide](https://img.shields.io/badge/code_style-rubocop-brightgreen.svg)](https://github.com/rubocop/rubocop)
 ![GitHub](https://img.shields.io/github/license/szorfein/spior)
@@ -54,6 +54,16 @@ Return to clearnet navigation
 ## Left Over
+### Troubleshoooting
+When you enable the `--persist` mode, Spior try to block ipv6 with sysctl. It can fail on some system, so you may need to manually disable ipv6 via kernel argument.
+An exemple with GRUB, edit `/etc/default/grub.cfg` and change the line bellow:
+```
+GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet"
+```
+Recompile the initrd after that and it should be good.
 ### Issues
 For any questions, comments, feedback or issues, submit a [new issue](https://github.com/szorfein/spior/issues/new).
@@ -61,4 +71,4 @@ For any questions, comments, feedback or issues, submit a [new issue](https://gi
 + https://rubyreferences.github.io/rubyref
 + https://rubystyle.guide/
 + https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy
-+ https://github.com/epidemics-scepticism/writing/blob/master/misconception.md
++ https://github.com/epidemics-scepticism/writing/blob/master/misconception.md

data/lib/auth.rb CHANGED Viewed

@@ -10,7 +10,7 @@ class Auth
   end
   def mkdir(path)
-    return if File.exist?(path)
+    return if Dir.exist?(path)
     x("mkdir -p #{path}")
   end
@@ -21,6 +21,12 @@ class Auth
     x("sysctl -w #{flag}=#{value}")
   end
+  def write(content, file)
+    temp = Tempfile.new
+    File.write(temp.path, "#{content}\n")
+    x("cp #{temp.path} #{file}")
+  end
   protected
   def search_app

data/lib/spior/iptables/rules.rb CHANGED Viewed

@@ -43,7 +43,7 @@ module Spior
       end
       def search_for_comment(filename)
-        return unless File.exist? filename
+        return false unless File.exist? filename
         File.open(filename) do |f|
           f.each do |line|
@@ -74,13 +74,15 @@ module Spior
       end
       def restoring_older_rules(filename)
-        files = %W[#{filename}-backup #{filename}]
+        files = %W[#{filename}-backup /etc/iptables/simple_firewall.rules #{filename}]
         files.each do |f|
           next unless File.exist?(f) || search_for_comment(f)
           Iptables::Root.new.stop!
           Msg.p "Found older rules #{f}, restoring..."
-          Helpers::Exec.new('iptables-restore').run(f)
+          Helpers::Exec.new('cp').run("#{f} #{@save_path}")
+          Helpers::Exec.new('iptables-restore').run(@save_path)
           return true
         end
         false

data/lib/spior/ipv6.rb CHANGED Viewed

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 require 'auth'
+require 'interfacez'
 module Spior
   # Block or Allow ipv6 traffic with sysctl
@@ -22,6 +23,18 @@ module Spior
       Msg.p 'ipv6 blocked' if @changed
     end
+    def block_persist
+      Auth.new.mkdir '/etc/sysctl.d'
+      interfaces = ['net.ipv6.conf.all.disable_ipv6 = 1',
+                    'net.ipv6.conf.default.disable_ipv6 = 1']
+      Interfacez.all { |i| interfaces << "net.ipv6.conf.#{i}.disable_ipv6 = 1" }
+      if Process::Sys.getuid == '0'
+        File.write('/etc/sysctl.d/40-ipv6.conf', interfaces.join("\n"))
+      else
+        Auth.new.write(interfaces.join("\n"), '/etc/sysctl.d/40-ipv6.conf')
+      end
+    end
     private
     def apply_option(flag, value)

data/lib/spior/service/enable.rb CHANGED Viewed

@@ -17,6 +17,8 @@ module Spior
           for_gentoo
         when :archlinux
           for_arch
+        when :void
+          for_void
         else
           Msg.report 'Your distro is not yet supported.'
         end
@@ -37,13 +39,23 @@ module Spior
         else
           Msg.report 'Init no yet supported for start Iptables at boot'
         end
+        Ipv6.new.block_persist
       end
       def for_arch
         Iptables::Rules.new.save
         Tor::Config.new(Tempfile.new('torrc')).backup
         systemd_enable('iptables', 'tor')
-        Msg.p 'Services enabled for Archlinux...'
+        Ipv6.new.block_persist
+        Msg.p 'Persist enabled for Arch...'
+      end
+      def for_void
+        Iptables::Rules.new.save
+        Tor::Config.new(Tempfile.new('torrc')).backup
+        runit_enable('iptables', 'tor')
+        Ipv6.new.block_persist
+        Msg.p 'Persist enabled for Void...'
       end
       private
@@ -51,15 +63,28 @@ module Spior
       def systemd_enable(*services)
         systemctl = Helpers::Exec.new('systemctl')
         services.each do |s|
-          Msg.p "Search for service #{s}..."
-          systemctl.run("enable #{s}") unless system("systemctl is-enabled #{s}")
+          next if system("systemctl is-enabled #{s} >/dev/null")
+          systemctl.run("enable #{s}")
+          Msg.p "Enabling #{s}..."
+        end
+      end
+      def runit_enable(*services)
+        services.each do |s|
+          next if File.exist? "/var/service/#{s}"
+          Helpers::Exec.new('ln').run("-s /etc/sv/#{s} /var/service/#{s}")
+          Msg.p "Enabling #{s}"
         end
       end
       def systemd_start(service)
         systemctl = Helpers::Exec.new('systemctl')
+        return if system("systemctl is-active #{service} >/dev/null")
         Msg.p "Search for service #{service}..."
-        systemctl.run("start #{service}") unless system("systemctl is-active #{service}")
+        systemctl.run("start #{service}")
       end
     end
   end

data/lib/spior/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Spior
-  VERSION = '0.3.6'
+  VERSION = '0.3.7'
 end

data/spior.gemspec CHANGED Viewed

@@ -40,7 +40,7 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 2.6'
   s.add_runtime_dependency('interfacez', '~> 1.0')
-  s.add_runtime_dependency('nomansland', '~> 0.0')
+  s.add_runtime_dependency('nomansland', '~> 0.0.5')
   s.add_runtime_dependency('rainbow', '~> 3.1')
-  s.add_runtime_dependency('tty-which', '~> 0.5')
+  s.add_runtime_dependency('tty-which', '~> 0.5.0')
 end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spior
 version: !ruby/object:Gem::Version
-  version: 0.3.6
+  version: 0.3.7
 platform: ruby
 authors:
 - szorfein
@@ -36,7 +36,7 @@ cert_chain:
   urXgRIzALxd/xazPCnoLSXPzfJSI6Y77S1EBvhPd9RaSO8IyH9RhPDP9mnTvW2Kl
   NAUnoL+txK5a
   -----END CERTIFICATE-----
-date: 2023-10-26 00:00:00.000000000 Z
+date: 2023-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: interfacez
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: 0.0.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: 0.0.5
 - !ruby/object:Gem::Dependency
   name: rainbow
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.5.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.5.0
 description: "    A tool to make TOR your default gateway\n"
 email: szorfein@protonmail.com
 executables:

metadata.gz.sig CHANGED Viewed

Binary file