TorAP
Overview
I did this because I could. I want to share an open access point, but I didn't want to put up with any of the legal ramifications of abuse. Also, after visiting overseas, I wanted to run a tor relay and bridge. Right now it connects to another open AP and shares its tor connection over its AP. It will probably act weird when plugged into a real network.
Configs
/etc/config/network
# Loopback interface.
config 'interface' 'loopback'
	option 'ifname' 'lo'
	option 'proto' 'static'
	option 'ipaddr' '127.0.0.1'
	option 'netmask' '255.0.0.0'

# LAN side: a bridge with the static address 192.168.42.1/24 on eth0.1.
# The access-point wifi-iface in /etc/config/wireless attaches to this network.
config 'interface' 'lan'
	option 'type' 'bridge'
	option 'proto' 'static'
	option 'ipaddr' '192.168.42.1'
	option 'netmask' '255.255.255.0'
	option 'ifname' 'eth0.1'

# Wired WAN on eth0.2, addressed by DHCP.
# /root/getonline.sh exits at once when this interface already shows an address.
config 'interface' 'wan'
	option 'proto' 'dhcp'
	option 'ifname' 'eth0.2'
/etc/config/wireless
# Radio: Atheros device wifi0, channel chosen automatically.
config wifi-device wifi0
	option type atheros
	option channel auto

# Station (client) interface on wifi0. No ssid is configured here;
# /root/getonline.sh selects and joins an upstream network at runtime.
config wifi-iface
	option device wifi0
	option mode sta

# Access point offered to clients, attached to the 'lan' network.
config wifi-iface
	option device wifi0
	option network lan
	option mode ap
	# The passphrase is published in the SSID on purpose, so anyone in range can join.
	# With a publicly known WPA2 passphrase, another party who holds it and records a
	# client's handshake can derive that client's session keys; the encryption here
	# should not be read as confidentiality between users of this AP.
	option ssid "Tor - Pass is privacy1984"
	option key "privacy1984"
	option hidden false
	# Keep wireless clients from talking to each other directly.
	option isolate 1
	option encryption psk2
/etc/firewall.user
# NAT rules that steer traffic from clients on br-lan into local proxy ports.

# 1. Traffic addressed to the LAN subnet itself is left alone.
iptables --table nat --append prerouting_rule --in-interface br-lan \
  --destination 192.168.42.0/24 --jump RETURN

# 2. DNS over UDP is redirected to local port 5353
#    (presumably Tor's DNSPort; torrc is not shown, confirm).
iptables --table nat --append prerouting_rule --in-interface br-lan \
  --protocol udp --dport 53 --jump REDIRECT --to-ports 5353

# 3. New TCP connections are redirected to local port 9040
#    (presumably Tor's TransPort; confirm against torrc).
iptables --table nat --append prerouting_rule --in-interface br-lan \
  --protocol tcp --syn --jump REDIRECT --to-ports 9040

# NOTE(review): rule 1 is evaluated first, so DNS queries sent to the router's own
# address are not redirected to 5353. If DHCP hands out the router as resolver,
# confirm the local resolver forwards to the port above; otherwise those lookups
# are answered through the upstream network instead of Tor.
# NOTE(review): only udp/53 and new TCP connections are redirected. Other UDP, ICMP
# and IPv6 are untouched by these rules; whether they are dropped or forwarded
# upstream depends on the forwarding policy in /etc/config/firewall (not shown).
# Confirm that forwarding from lan is rejected.
/etc/rc.local
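# Start the uplink watchdog at boot and keep its output for /www/cgi-bin/stats.cgi.
# stdout is pointed at the log first and stderr is then duplicated onto it;
# with "2>&1" written before the file redirection, stderr would still go to
# the original stdout and error messages would never reach the log.
# NOTE(review): getonline.sh loops forever unless eth0.2 already has an address,
# so this line does not return in that case. Confirm nothing after it in
# rc.local needs to run, or start it in the background.
/root/getonline.sh > /tmp/getonline.log 2>&1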
/root/getonline.sh
#!/bin/sh
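# debug LEVEL MESSAGE
# Print "YYYY-MM-DD HH:MM:SS MESSAGE" on stdout when TERM is set, TERM is not
# "dumb", and LEVEL is less than or equal to $DEBUG (unset DEBUG counts as 0).
# Always returns 0 when the message is suppressed.
debug () {
  # Stay quiet when there is no usable terminal type.
  [ -n "$TERM" ] || return 0
  [ "$TERM" != "dumb" ] || return 0
  # "0$DEBUG" keeps the comparison numeric when DEBUG is unset or empty.
  [ "$1" -le "0$DEBUG" ] || return 0
  # Messages can carry SSIDs received over the air. printf '%s' writes them
  # verbatim, whereas echo expands backslash escapes in some shells.
  printf '%s %s\n' "$(date +"%Y-%m-%d %H:%M:%S")" "$2"
}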
# Wireless interface used for the uplink.
IF=ath0
# Nothing to do when eth0.2 already shows an address: leave immediately.
# NOTE(review): "inet" also matches "inet6" lines in ifconfig output, so an
# IPv6-only address on eth0.2 would count as "has an IP". Confirm that is intended.
if [ "$(ifconfig eth0.2 | grep -c inet)" -ge 1 ]; then
  exit
fi
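# Main loop: join a nearby open network, bring up the uplink, then keep ntpd
# and tor running for as long as the gateway on $IF answers pings.
while true; do
  # Walk the open networks reported by /root/aps.
  # NOTE(review): assumes each matching line is "BSSID OPN Master SSID";
  # confirm against /root/aps.
  # The SSID is chosen by whoever operates the nearby AP, so the line is split
  # with `read -r` and is never expanded unquoted (which would glob and
  # collapse whitespace) or placed into a sed pattern.
  /root/aps "$IF" | grep "OPN Master" | while read -r bssid enc mode ssid; do
    # Ignore lines where "OPN Master" is not fields 2-3, for example an SSID
    # that merely contains that text.
    [ "$enc $mode" = "OPN Master" ] || continue
    debug 0 "Checking $ssid on $bssid"
    # try to associate with this specific AP
    iwconfig "$IF" essid "$ssid" ap "$bssid"
    # wait a little bit for the association to complete
    sleep 5
    # associated only if iwconfig now reports this BSSID (-F: literal match)
    if ! iwconfig "$IF" | grep -qF -- "$bssid"; then
      debug 0 "Count not associate to $ssid on $bssid"
      continue
    fi
    debug 0 "Attempting to obtain IP automatically"
    # -n: udhcpc exits instead of retrying forever when no lease is obtained
    udhcpc -i "$IF" -n
    if [ "$(ifconfig "$IF" | grep -c inet)" -gt 0 ]; then
      debug 0 "Got an IP"
      break
    fi
    ifconfig "$IF"
    debug 0 "Didn't obtain an IP"
    # fall through to the next network
  done
  debug 0 "yay online! or there's no networks nearby :/"
  # Gateway of the first route on $IF whose flags include UG. Taking only the
  # first match keeps $router a single word for the quoted ping below.
  router=$(netstat -rnap | awk -v ifname="$IF" '$0 ~ ("UG.*" ifname) {print $2; exit}')
  # no gateway means no uplink yet: wait, then scan again
  if [ -z "$router" ]; then
    debug 0 "Sleeping for a bit before checking for networks again"
    sleep 60
    continue
  fi
  debug 0 "Restarting ntp"
  /etc/init.d/ntpd restart
  debug 0 "Restarting tor"
  /etc/init.d/tor restart
  # TODO need to check to make sure ntp and tor are happy
  # NOTE(review): the upstream network is whatever open AP answered first, so
  # its DHCP and any unauthenticated NTP replies are untrusted, and Tor depends
  # on a roughly correct clock. Confirm the time is sane before relying on the
  # uplink.
  debug 0 "Pinging router $router"
  while ping -c 1 "$router" >/dev/null; do
    debug 0 "Everything's good, sleeping for a bit"
    sleep 60
    debug 0 "Pinging router $router"
    debug 0 "Checking to see if ntpd's still running"
    # Substring match on the process list: any command line containing "ntp"
    # counts as running.
    if [ "$(ps ax | grep -v grep | grep -c ntp)" = 0 ]; then
      debug 0 "It's not!"
      /etc/init.d/ntpd restart
    fi
    debug 0 "Checking to see if tor's running"
    # Same substring match for "tor".
    if [ "$(ps ax | grep -v grep | grep -c tor)" = 0 ]; then
      debug 0 "It's not!"
      /etc/init.d/tor restart
    fi
  done
done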
/www/cgi-bin/stats.cgi
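#!/bin/sh
# CGI status page: prints the current date and the tail of the uplink and Tor
# logs as plain text.
# The uplink log quotes SSIDs of nearby networks, i.e. text chosen by third
# parties, so the response stays text/plain and the nosniff header tells
# browsers not to reinterpret it as HTML.
# NOTE(review): nothing in this script restricts who may request the page.
# Confirm the web server is reachable only from where these logs may be read.
echo "Content-type: text/plain"
echo "X-Content-Type-Options: nosniff"
# blank line ends the CGI headers
echo
date
echo
echo "System and network status:"
tail /tmp/getonline.log
echo
echo "Tor status:"
tail /tmp/tor.log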