first commit

README.md

@@ -0,0 +1 @@
+tranforme un raspberry en relay TOR

install_hotspot.sh

@@ -0,0 +1,118 @@
+#!/bin/bash
+# Based on Adafruit Learning Technologies Onion Pi project
+# But mainly fixed by Raspberry Pi FR...
+
+if (( $EUID != 0 )); then 
+   echo "This must be run as root. Try 'sudo bash $0'." 
+   exit 1 
+fi
+
+
+echo "
+$(tput setaf 2)              .~~.   .~~.
+$(tput setaf 6)   /         $(tput setaf 2)'. \ ' ' / .'$(tput setaf 6)         \ 
+$(tput setaf 6)  |   /       $(tput setaf 1).~ .~~~..~.$(tput setaf 6)       \   |
+$(tput setaf 6) |   |   /  $(tput setaf 1) : .~.'~'.~. :$(tput setaf 6)   \   |   |
+$(tput setaf 6)|   |   |   $(tput setaf 1)~ (   ) (   ) ~$(tput setaf 6)   |   |   |
+$(tput setaf 6)|   |  |   $(tput setaf 1)( : '~'.~.'~' : )$(tput setaf 6)   |  |   |
+$(tput setaf 6)|   |   |   $(tput setaf 1)~ .~ (   ) ~. ~ $(tput setaf 6)  |   |   |
+$(tput setaf 6) |   |   \   $(tput setaf 1)(  : '~' :  )$(tput setaf 6)   /   |   |
+$(tput setaf 6)  |   \       $(tput setaf 1)'~ .~~~. ~'$(tput setaf 6)       /   |
+$(tput setaf 6)   \              $(tput setaf 1)'~'$(tput setaf 6)              / 
+
+"
+
+echo "$(tput setaf 6)This script will configure your Raspberry Pi as a wireless access point.$(tput sgr0)"
+read -p "$(tput bold ; tput setaf 2)Press [Enter] to begin, [Ctrl-C] to abort...$(tput sgr0)"
+
+echo "$(tput setaf 6)Updating packages...$(tput sgr0)"
+apt-get update -y
+
+echo "Installing dnsmasq"
+apt install dnsmasq -y
+systemctl stop dnsmasq
+
+echo "Configuring Wlan0 static IP for 192.168.42.1/24"
+echo "interface wlan0
+    static ip_address=192.168.4.1/24
+    nohook wpa_supplicant" >> /etc/dhcpcd.conf
+
+echo "Restarting dhcpcd..."
+service dhcpcd restart
+
+echo "Configuring dnsmasq..."
+mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
+echo "interface=wlan0      # Use the require wireless interface - usually wlan0
+dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h" > /etc/dnsmasq.conf
+
+echo "Enabling dnsmasq and restart..."
+systemctl unmask dnsmasq
+systemctl enable dnsmasq
+
+systemctl restart dnsmasq
+
+
+echo "Unlock wlan soft lock with rfkill..."
+if command -v rfkill &> /dev/null
+then
+    rfkill unblock wlan
+fi
+
+echo "Install and enable hostapd..."
+apt-get install hostapd -y
+systemctl unmask hostapd
+systemctl enable hostapd
+
+echo "Configuring Hostapd !"
+echo "Choose the hostname for your new network (1-32 char, try to privilege ASCII chars) :"
+read ssid
+
+echo "Choose the password for your new network (minimum 8 char):"
+read passphrase
+
+echo "interface=wlan0
+driver=nl80211
+ssid=$ssid
+hw_mode=g
+channel=7
+wmm_enabled=0
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+wpa=2
+wpa_passphrase=$passphrase
+wpa_key_mgmt=WPA-PSK
+wpa_pairwise=TKIP
+rsn_pairwise=CCMP
+" > /etc/hostapd/hostapd.conf
+
+echo 'DAEMON_CONF="/etc/hostapd/hostapd.conf"' >> /etc/default/hostapd
+
+echo "Starting hostapd..."
+systemctl start hostapd
+
+
+echo "$(tput setaf 6)Setting IP forwarding to start at system boot...$(tput sgr0)"
+cp /etc/sysctl.conf /etc/sysctl.bak
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+
+echo "up iptables-restore < /etc/iptables.ipv4.nat" >> /etc/network/interfaces
+
+echo "$(tput setaf 6)Activating IP forwarding...$(tput sgr0)"
+sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
+
+echo "$(tput setaf 6)Setting up IP tables to interconnect ports...$(tput sgr0)"
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
+
+echo "$(tput setaf 6)Saving IP tables...$(tput sgr0)"
+sh -c "iptables-save > /etc/iptables.ipv4.nat"
+
+echo "Add auto start on startup the Raspberry Pi."
+sed -i '/exit 0/ i iptables-restore < /etc/iptables.ipv4.nat' /etc/rc.local
+
+echo "$(tput setaf 6)Rebooting...$(tput sgr0)"
+reboot
+
+exit 0

install_tor.sh

@@ -0,0 +1,98 @@
+#!/bin/bash
+# Based on Adafruit Learning Technologies Onion Pi project
+# More info: http://learn.adafruit.com/onion-pi
+
+if (( $EUID != 0 )); then
+  echo "This must be run as root. Type in 'sudo bash $0' to run it as root."
+  exit 1
+fi
+
+echo "$(tput setaf 2)                          
+                   ..         
+                  ,:          
+          .      ::           
+          .:    :2.           
+           .:,  1L            
+            .v: Z, ..::,      
+             :k:N.Lv:         
+              22ukL           
+              JSYk.$(tput bold ; tput setaf 7)           
+             ,B@B@i           
+             BO@@B@.          
+           :B@L@Bv:@7         
+         .PB@iBB@  .@Mi       
+       .P@B@iE@@r  . 7B@i     
+      5@@B@:NB@1$(tput setaf 5) r  ri:$(tput bold ; tput setaf 7)7@M    
+    .@B@BG.OB@B$(tput setaf 5)  ,.. .i, $(tput bold ; tput setaf 7)MB,  
+    @B@BO.B@@B$(tput setaf 5)  i7777,    $(tput bold ; tput setaf 7)MB. 
+   PB@B@.OB@BE$(tput setaf 5)  LririL,.L. $(tput bold ; tput setaf 7)@P 
+   B@B@5iB@B@i$(tput setaf 5)  :77r7L, L7 $(tput bold ; tput setaf 7)O@ 
+   @B1B27@B@B,$(tput setaf 5) . .:ii.  r7 $(tput bold ; tput setaf 7)BB 
+   O@.@M:B@B@:$(tput setaf 5) v7:    ::.  $(tput bold ; tput setaf 7)BM 
+   :Br7@L5B@BO$(tput setaf 5) irL: :v7L. $(tput bold ; tput setaf 7)P@, 
+    7@,Y@UqB@B7$(tput setaf 5) ir ,L;r: $(tput bold ; tput setaf 7)u@7  
+     r@LiBMBB@Bu$(tput setaf 5)   rr:.$(tput bold ; tput setaf 7):B@i   
+       FNL1NB@@@@:   ;OBX     
+         rLu2ZB@B@@XqG7$(tput sgr0 ; tput setaf 2)      
+            . rJuv::          
+                             
+            $(tput setaf 2)ONION PI
+           $(tput bold ; tput setaf 5)by adafruit. Mainly fixed by Ajani for https://raspberry-pi.fr$(tput sgr0)
+"
+
+echo "$(tput setaf 6)This script will auto-setup an Onion Pi Tor proxy for you.$(tput sgr0)"
+read -p "$(tput bold ; tput setaf 2)Press [Enter] to begin, [Ctrl-C] to abort...$(tput sgr0)"
+
+echo "$(tput setaf 6)Installing Tor...$(tput sgr0)"
+apt-get install tor -y
+
+echo "$(tput setaf 6)Configuring Tor...$(tput sgr0)"
+cp /etc/tor/torrc /etc/tor/torrc.bak
+echo "Log notice file /var/log/tor/notices.log
+VirtualAddrNetwork 10.192.0.0/10
+AutomapHostsSuffixes .onion,.exit
+AutomapHostsOnResolve 1
+TransPort 192.168.4.1:9040
+DNSPort 192.168.4.1:53" >> /etc/tor/torrc
+
+echo "$(tput setaf 6)Flushing old IP tables...$(tput sgr0)"
+iptables -F
+iptables -t nat -F
+
+echo "$(tput setaf 6)Establishing $(tput bold)ssh$(tput sgr0 ; tput setaf 6) exception on port 22...$(tput sgr0)"
+iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
+
+echo "$(tput setaf 6)Rerouting DNS traffic...$(tput sgr0)"
+iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
+
+echo "$(tput setaf 6)Rerouting TCP traffic...$(tput sgr0)"
+iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
+
+echo "$(tput setaf 6)Saving IP tables...$(tput sgr0)"
+sh -c "iptables-save > /etc/iptables.ipv4.nat"
+
+echo "$(tput setaf 6)Setting up logging in /var/log/tor/notices.log...$(tput sgr0)"
+touch /var/log/tor/notices.log
+chown debian-tor /var/log/tor/notices.log
+chmod 644 /var/log/tor/notices.log
+
+echo "$(tput setaf 6)Starting Tor...$(tput sgr0)"
+service tor start
+
+echo "$(tput setaf 6)Setting Tor to start at boot...$(tput sgr0)"
+update-rc.d tor enable
+
+echo "$(tput setaf 6)Force Tor to wait 1 minute before running in order to wait for wlan0 interface...$(tput sgr0)"
+mkdir /etc/systemd/system/tor@default.service.d/
+touch /etc/systemd/system/tor@default.service.d/wait_for_network.conf
+printf '[Service]\nExecStartPre=/bin/sleep 60' > /etc/systemd/system/tor@default.service.d/wait_for_network.conf
+sudo systemctl daemon-reload
+
+echo "$(tput setaf 6)Setup complete!
+
+$(tput bold)Verify by visiting: $(tput setaf 3)https://check.torproject.org/$(tput sgr0)
+
+$(tput setaf 6)Rebooting$(tput sgr0)..."
+reboot
+
+exit 0