update full

README.md

@@ -1 +1 @@
-tranforme un raspberry en relay TOR
+Various soft for Raspberry Hotpost (classic, openvpn , wireguard, tor)

automated_tools/wlan_swap.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+if (( $EUID != 0 )); then
+   echo "This must be run as root. Try 'sudo bash $0'."
+   exit 1
+fi
+
+echo "Swap wlan0 and wlan1"
+IFACE=wlan0
+read MAC </sys/class/net/$IFACE/address
+
+if ! [ -f /etc/udev/rules.d/70-my_network_interfaces.rules ]
+then
+echo "file not exist => install it.."
+echo ""
+else
+echo "file exist => remove it and install it again..."
+echo ""
+rm /etc/udev/rules.d/70-my_network_interfaces.rules
+fi
+cat <<'EOF'>> /etc/udev/rules.d/70-my_network_interfaces.rules
+# Built-in wifi interface used in hostapd - identify device by MAC address
+SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="XXX", NAME="wlan1"
+EOF
+
+sudo sed -i -e "s/XXX/$MAC/g" /etc/udev/rules.d/70-my_network_interfaces.rules
+
+echo "Actuel wlan0 MAC address is : $MAC"
+echo "After reboot wlan0 will swapped to wlan1 and wlan1 to wlan0"
+echo "check the config file and double check is what you want:"
+echo ""
+cat /etc/udev/rules.d/70-my_network_interfaces.rules
+echo ""
+echo "if it's ok, reboot...otherwize edit the file /etc/udev/rules.d/70-my_network_interfaces.rules"
+echo
+

manual_tools/70-my_network_interfaces.rules

@@ -1,2 +0,0 @@
-# Built-in wifi interface used in hostapd - identify device by MAC address
-SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="b8:27:eb:4c:53:b2", NAME="wlan1"

manual_tools/config_relay.sh

@@ -0,0 +1,137 @@
+#!/bin/bash
+echo "Autonconfigure relay v1.0"
+
+if (( $EUID != 0 )); then
+   echo "This must be run as root. Try 'sudo bash $0'."
+   exit 1
+fi
+
+function hotspot_(){
+echo -e "$(tput setaf 6)flush iptables:$(tput sgr0)"
+iptables -F
+iptables -S
+cp iptables/iptables.ipv4.nat_hotspot /etc/iptables.ipv4.nat
+echo -e "$(tput setaf 6)\nactivate rules:$(tput sgr0)"
+iptables-restore </etc/iptables.ipv4.nat
+iptables -S
+echo -e "$(tput setaf 6)\nDone !$(tput sgr0)\n"
+exit
+}
+
+function openvpn_(){
+echo -e -n "Check openVPN installed : "
+if ! [ -x "$(command -v openvpn)" ]
+then
+echo -e "[\e[91m NO \e[0m]" && apt-get install openvpn -y
+update-rc.d -f openvpn remove
+else
+echo -e "[\e[92m OK \e[0m]"
+fi
+echo -e "$(tput setaf 6)\nflush iptables:$(tput sgr0)"
+iptables -F
+iptables -S
+cp iptables/iptables.ipv4.nat_openvpn /etc/iptables.ipv4.nat
+echo -e "$(tput setaf 6)\nactivate rules:$(tput sgr0)"
+iptables-restore </etc/iptables.ipv4.nat
+iptables -S
+ME=$(who -m | awk '{print $1;}')
+echo -e "$(tput setaf 6)\ndo not forget to copy your openvpn config ! (copy to /home/$ME/)$(tput sgr0)"
+sleep 2
+if [ -f /home/$ME/config.ovpn ]
+then
+echo -e "$(tput setaf 6)\nFile exist we can start openvpn ! $(tput sgr0)"
+echo -e "sudo openvpn --config /home/$ME/config.ovpn  --daemon"
+STATUS="$(systemctl is-active --quiet openvpn)"
+if [ "${STATUS}" = "active" ]; then killall -9 openvpn ;fi
+sudo openvpn --config /home/$ME/config.ovpn --daemon
+fi
+echo -e "$(tput setaf 6)\nDone !$(tput sgr0)\n"
+exit
+}
+
+function tor_(){
+echo -e -n "Check if Tor isinstalled : "
+if ! [ -x "$(command -v tor)" ]
+then
+echo -e "[\e[91m NO \e[0m]" && apt-get install tor -y
+else
+echo -e "[\e[92m OK \e[0m]"
+fi
+if ! [ -f /etc/tor/torrc.bak ]
+then
+cp /etc/tor/torrc /etc/tor/torrc.bak
+fi
+cp /etc/tor/torrc.bak /etc/tor/torrc
+echo "Log notice file /var/log/tor/notices.log
+VirtualAddrNetwork 10.192.0.0/10
+AutomapHostsSuffixes .onion,.exit
+AutomapHostsOnResolve 1
+TransPort 192.168.4.1:9040
+DNSPort 192.168.4.1:53" >> /etc/tor/torrc
+echo "$(tput setaf 6)Setting up logging in /var/log/tor/notices.log...$(tput sgr0)"
+touch /var/log/tor/notices.log
+chown debian-tor /var/log/tor/notices.log
+chmod 644 /var/log/tor/notices.log
+echo -e "$(tput setaf 6)\nflush iptables:$(tput sgr0)"
+iptables -F
+iptables -t nat -F
+iptables -S
+echo -e "$(tput setaf 6)\nactivate rules:$(tput sgr0)"
+iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
+iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
+iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
+sh -c "iptables-save > /etc/iptables.ipv4.nat"
+update-rc.d tor remove
+service tor start
+echo -e "$(tput setaf 6)\nDone !$(tput sgr0)\n"
+exit
+}
+
+function wireguard_(){
+echo -e -n "Check Wireguard is installed : "
+if ! [ -x "$(command -v wg)" ]
+then
+echo -e "[\e[91m NO \e[0m]" && apt-get install wirehuard -y
+update-rc.d -f wg remove
+else
+echo -e "[\e[92m OK \e[0m]"
+fi
+iptables -A FORWARD -i wlan0 -o wg0 -j ACCEPT
+iptables -t nat -A  POSTROUTING -o wg0 -j MASQUERADE
+iptables -A FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+echo -e "$(tput setaf 6)\ndo not forget to copy your Wireguard config ! (copy to /etc/wireguard/wg0.conf)$(tput sgr0)"
+if [ /etc/wireguard/wg0.conf ]
+then
+echo -e "$(tput setaf 6)\nFile exist we can start wireguard ! $(tput sgr0)"
+wg-quick up wg0
+wg
+fi
+exit
+}
+
+PS3='Please enter your choice: '
+select item in "Hotspot" "OpenVPN" "Wireguard" "Tor" "quit"
+do
+    case $REPLY in
+        1)
+            echo -e "$(tput setaf 1)\nHotspot:$(tput sgr0)"
+	    hotspot_
+            ;;
+        2)
+            echo -e "$(tput setaf 1)\nOpenVPN:$(tput sgr0)"
+            openvpn_
+	    ;;
+        3)
+            echo -e "$(tput setaf 1)\nWireguard:$(tput sgr0)"
+	    wireguard_
+	    ;;
+	4)
+	    echo -e "$(tput setaf 1)\nTor:$(tput sgr0)"
+            tor_
+            ;;
+        5)
+            break
+            ;;
+        *) echo "invalid option $REPLY";;
+    esac
+done

manual_tools/config_tor_manual.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
-sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
-sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
-echo "attendre 1 minute après le lancement de tor"

manual_tools/install_openvpn.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-sudo apt-get install openvpn -y
-sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
-sudo iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT

manual_tools/install_tor.sh

@@ -1,8 +0,0 @@
-#!/bin/bash
-cp /etc/tor/torrc /etc/tor/torrc.bak
-echo "Log notice file /var/log/tor/notices.log
-VirtualAddrNetwork 10.192.0.0/10
-AutomapHostsSuffixes .onion,.exit
-AutomapHostsOnResolve 1
-TransPort 192.168.4.1:9040
-DNSPort 192.168.4.1:53" >> /etc/tor/torrc

manual_tools/iptable_hotspot

@@ -1,18 +0,0 @@
-# Generated by xtables-save v1.8.2 on Sat Mar 13 08:00:42 2021
-*nat
-:PREROUTING ACCEPT [57:13405]
-:INPUT ACCEPT [23:2643]
-:POSTROUTING ACCEPT [0:0]
-:OUTPUT ACCEPT [10:654]
-[31:5724] -A POSTROUTING -o eth0 -j MASQUERADE
-COMMIT
-# Completed on Sat Mar 13 08:00:42 2021
-# Generated by xtables-save v1.8.2 on Sat Mar 13 08:00:42 2021
-*filter
-:INPUT ACCEPT [153:17502]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [88:11807]
-[452:379123] -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-[380:62447] -A FORWARD -i wlan0 -o eth0 -j ACCEPT
-COMMIT
-# Completed on Sat Mar 13 08:00:42 2021

manual_tools/iptables/iptables.ipv4.nat_hotspot

@@ -0,0 +1,18 @@
+# Generated by xtables-save v1.8.2 on Sun Mar 14 08:45:54 2021
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A POSTROUTING -o eth0 -j MASQUERADE
+COMMIT
+# Completed on Sun Mar 14 08:45:54 2021
+# Generated by xtables-save v1.8.2 on Sun Mar 14 08:45:54 2021
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A FORWARD -i wlan0 -o eth0 -j ACCEPT
+COMMIT
+# Completed on Sun Mar 14 08:45:54 2021