Tor Router Raspberry Pi 3
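#!/bin/bash
# v98
# Raspberry Pi Desktop
# eth0  = tor gateway
# wlan0 = internet gateway
#
# Usage:
#   sudo chmod +x RPiTOR.sh;sudo ./RPiTOR.sh

# Everything below installs packages, rewrites files under /etc, replaces the
# iptables rules and reboots, so refuse to continue without root.
# The messages use a fixed printf format and go to stderr: the original passed
# "$RED" / "$GREEN" as the format string, but neither variable is assigned in
# this script, so printf received an empty format and printed nothing.
# The refusal exits non-zero so a caller can tell it from a successful run.
if [ "$(id -u)" != "0" ]; then
  printf '%s\n' "[X] Please run as RooT ..." >&2
  printf '%s\n' "sudo chmod +x RPiTOR.sh;sudo ./RPiTOR.sh" >&2
  exit 1
fi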
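# Record whether /etc/dhcpcd.conf already carries the static eth0 address; the
# interface step further down compares this value before appending the stanza.
# -F matches the address literally (the dots are not regex wildcards) and -m1
# stops at the first matching line, so a file that already holds the stanza
# more than once still yields a single value and is not appended to again.
DHCPCD=$(grep -o -m1 -F "192.168.4.1/24" /etc/dhcpcd.conf)

# Install Tools
echo "$(tput setaf 6)***Install Tools...$(tput sgr0)"
# Refreshing and upgrading stay best effort, but a failure is reported instead
# of being silently skipped by ';' chaining.
apt-get update || echo "[!] apt-get update failed" >&2
apt-get upgrade -y || echo "[!] apt-get upgrade failed" >&2
apt-get dist-upgrade -y || echo "[!] apt-get dist-upgrade failed" >&2

# The remaining steps write configuration for these packages, replace the
# firewall rules and reboot. Stop here if any of them could not be installed
# rather than leaving the gateway half configured.
if ! apt-get install -y tor dnsmasq monit speedtest-cli; then
  echo "[X] Required packages could not be installed; aborting." >&2
  exit 1
fi
# apt-get instead of apt: apt's command-line interface is not meant for scripts.
# DEBIAN_FRONTEND=noninteractive suppresses the package's configuration prompts.
if ! DEBIAN_FRONTEND=noninteractive apt-get install -y netfilter-persistent iptables-persistent; then
  echo "[X] netfilter-persistent/iptables-persistent could not be installed; aborting." >&2
  exit 1
fi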
# Interface Config
# Runs only when the static eth0 address was not already found in
# /etc/dhcpcd.conf (DHCPCD is filled from a grep of that file earlier in the
# script), so the stanza is not appended on every run.
if [[ "$DHCPCD" != "192.168.4.1/24" ]]; then
  echo "$(tput setaf 6)Interface Config...$(tput sgr0)"
  # Enable IPv4 forwarding for the running kernel, then uncomment the same
  # setting in the sysctl file so it is applied again at boot.
  # NOTE(review): with forwarding on, whatever the FORWARD chain accepts is
  # routed between eth0 and wlan0 without passing through Tor. The nat REDIRECT
  # rules deliver to local ports and should not depend on this setting - confirm
  # that forwarding is really wanted on a Tor gateway.
  printf '1\n' > /proc/sys/net/ipv4/ip_forward
  sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.d/99-sysctl.conf
  # Give eth0 the fixed gateway address that the dnsmasq and Tor settings use.
  cat >> /etc/dhcpcd.conf <<'EOF'

interface eth0
static ip_address=192.168.4.1/24

EOF
fi
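# IPTable Config
echo "$(tput setaf 6)Iptable Config...$(tput sgr0)"
# Start from empty filter and nat tables. -F removes rules only; chain
# policies are left as they were.
iptables -F
iptables -t nat -F

# Fail closed: nothing is routed between eth0 and wlan0.
# The original added MASQUERADE on wlan0 plus "FORWARD -i eth0 -o wlan0 ACCEPT".
# Together with ip_forward=1 that sent every client packet not caught by a
# REDIRECT rule below (all other UDP, ICMP, ...) straight out of the uplink
# with the Pi's own address, i.e. around Tor. Clients only need the locally
# redirected DNS and TCP paths, which are delivered to the Pi itself and never
# traverse the FORWARD chain.
iptables -P FORWARD DROP

# nat/PREROUTING for traffic arriving on eth0. Order matters: the port-specific
# rules must precede the catch-all TCP rule.
# SSH stays on the Pi's own port 22 instead of being handed to Tor.
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 22
# NOTE(review): nothing configured by this script listens on udp 25, 1314 or
# 3333 - confirm these three redirects are still wanted.
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 25 -j REDIRECT --to-ports 25
# Client DNS queries, whatever resolver they were addressed to, land on local
# port 53 (Tor's DNSPort in the torrc written by this script).
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 1314 -j REDIRECT --to-ports 1314
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 3333 -j REDIRECT --to-ports 3333
# Every other new TCP connection goes to Tor's TransPort.
iptables -t nat -A PREROUTING -i eth0 -p tcp --syn -j REDIRECT --to-ports 9040

# Show the resulting nat table briefly, then persist the rules across reboots.
iptables -t nat -L;sleep 2
netfilter-persistent save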
# DHCP Config
echo "$(tput setaf 6)DHCP Config...$(tput sgr0)"
# Replace /etc/dnsmasq.conf entirely: serve DHCP leases on eth0 from
# 192.168.4.2-192.168.4.20 and publish gw.wlan as a name for 192.168.4.1.
# NOTE(review): dnsmasq also answers DNS unless told otherwise, and the torrc
# written by this script puts Tor's DNSPort on 192.168.4.1 port 53. Confirm
# which of the two actually receives client queries on eth0; anything answered
# by dnsmasq would presumably be resolved through the Pi's normal upstream
# resolvers rather than through Tor.
cat > /etc/dnsmasq.conf <<'EOF'

interface=eth0 # Listening interface
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
# Pool of IP addresses served via DHCP
domain=wlan # Local wireless DNS domain
address=/gw.wlan/192.168.4.1
# Alias for this router

EOF
# Start the service now and register it to start at boot.
service dnsmasq start
update-rc.d dnsmasq enable
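# Tor Config
echo "$(tput setaf 6)Tor Config...$(tput sgr0)"
# Replace /etc/tor/torrc entirely.
# The listener addresses are written in the address:port form of TransPort and
# DNSPort. The original used the separate TransListenAddress/DNSListenAddress
# options, which newer Tor releases treat as obsolete; if they are ignored the
# ports bind to localhost only, and connections redirected from eth0 to
# 192.168.4.1 port 9040 or 53 find no listener.
# Binding to 192.168.4.1 keeps both listeners off the wlan0 side.
# The two Bridge lines are fixed addresses. With UseBridges 1 Tor connects only
# through configured bridges, so if these stop working Tor cannot bootstrap and
# clients lose connectivity; replace them with current bridge lines when needed.
cat > /etc/tor/torrc <<'EOF'

Log notice file /var/log/tor/notices.log
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
TransPort 192.168.4.1:9040
DNSPort 192.168.4.1:53
UseBridges 1
Bridge 59.167.172.26:9001 53369B9BFE14211A966FA5E7C10E98333A21C343
Bridge 174.27.137.36:443 119F69061493E4C71A47B27D205A94C13F949776

EOF
# Create the log file named in torrc and hand it to the debian-tor account so
# the daemon can write to it.
touch /var/log/tor/notices.log
chown debian-tor /var/log/tor/notices.log
chmod 644 /var/log/tor/notices.log
# Start the service now and register it to start at boot.
service tor start
update-rc.d tor enable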
# Monit Config
echo "$(tput setaf 6)Monit Config...$(tput sgr0)"
# Replace /etc/monit/monitrc entirely with one process check. The check is
# labelled "gdm", but the pidfile and the start/stop programs are Tor's, so
# what monit supervises here is the Tor daemon.
# NOTE(review): the file holds no other monit settings (for example a polling
# interval) - confirm monit keeps running as a daemon with this configuration.
cat > /etc/monit/monitrc <<'EOF'

check process gdm with pidfile /var/run/tor/tor.pid
start program = "/etc/init.d/tor start"
stop program = "/etc/init.d/tor stop"

EOF
# Launch monit with the new control file, then start and enable its service
# through both the systemd and the SysV tooling.
monit -c /etc/monit/monitrc
service monit start
systemctl enable monit
update-rc.d monit enable
# Reboot; presumably this is what brings up the static eth0 address and the
# enabled services together - confirm.
reboot
exit 0