TorAP
Overview
I did this because I could. I wanted to share an open access point, but I didn't want to put up with any of the legal ramifications of abuse. Also, after visiting overseas, I wanted to run a tor relay and bridge. Right now it connects to another open AP and shares its tor connection over its own AP. It will probably act weird when plugged into a real network.
Configs
/etc/config/network
# Loopback interface.
config 'interface' 'loopback'
	option 'ifname' 'lo'
	option 'proto' 'static'
	option 'ipaddr' '127.0.0.1'
	option 'netmask' '255.0.0.0'

# LAN side: a bridge with the static address 192.168.42.1/24 on eth0.1.
# The firewall rules in /etc/firewall.user match traffic arriving on this
# bridge (br-lan) and this subnet.
config 'interface' 'lan'
	option 'type' 'bridge'
	option 'proto' 'static'
	option 'ipaddr' '192.168.42.1'
	option 'netmask' '255.255.255.0'
	option 'ifname' 'eth0.1'

# Wired WAN on eth0.2, configured by DHCP. /root/getonline.sh exits at
# startup when this interface already has an address.
config 'interface' 'wan'
	option 'proto' 'dhcp'
	option 'ifname' 'eth0.2'
/etc/config/wireless
# One Atheros radio, channel chosen automatically.
config wifi-device wifi0
	option type atheros
	option channel auto

# Client (station) interface. No ssid or network is set here; presumably
# /root/getonline.sh picks the upstream AP at run time with iwconfig -
# confirm that ath0 is the interface this section creates.
config wifi-iface
	option device wifi0
	option mode sta

# Access point handed to the public, attached to the lan bridge.
# The passphrase is published in the SSID, so WPA2-PSK here does not keep
# anyone out. NOTE(review): with a PSK that every client knows, a client that
# captures another client's handshake can derive that session's keys, so
# users should not rely on link-layer confidentiality from each other.
# 'isolate 1' turns on client isolation at the AP; it does not prevent
# passive capture over the air.
config wifi-iface
	option device wifi0
	option network lan
	option mode ap
	option ssid "Tor - Pass is privacy1984"
	option key "privacy1984"
	option hidden false
	option isolate 1
	option encryption psk2
/etc/firewall.user
# Transparent-proxy rules for clients on the LAN bridge. Order matters: the
# RETURN rule must be evaluated before the two REDIRECT rules.

# Traffic addressed to the 192.168.42.0/24 subnet itself leaves this chain
# untouched, so it is not redirected by the rules below.
iptables -t nat -A prerouting_rule -i br-lan -d 192.168.42.0/24 -j RETURN

# All DNS queries over UDP are redirected to local port 5353
# (presumably Tor's DNSPort - the torrc is not shown; confirm).
iptables -t nat -A prerouting_rule -i br-lan -p udp --dport 53 -j REDIRECT --to-ports 5353

# Every new TCP connection (SYN) is redirected to local port 9040
# (presumably Tor's TransPort - confirm against the torrc).
iptables -t nat -A prerouting_rule -i br-lan -p tcp --syn -j REDIRECT --to-ports 9040

# NOTE(review): nothing here covers non-DNS UDP, ICMP or other protocols.
# Whether that traffic is dropped or forwarded to the upstream network
# outside Tor depends on the zone/forwarding policy in /etc/config/firewall,
# which is not shown - verify that lan-to-wan forwarding is rejected.
/etc/rc.local
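# Start the uplink script at boot and capture both stdout and stderr in the
# log file. The file redirection has to come before 2>&1: written the other
# way round, stderr is duplicated onto the original stdout and never reaches
# the log.
# NOTE(review): getonline.sh loops forever unless eth0.2 already has an
# address, so this line does not return - confirm whether it should be
# started in the background.
/root/getonline.sh > /tmp/getonline.log 2>&1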
/root/getonline.sh
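#!/bin/sh
# getonline.sh - join any nearby open access point with the client radio,
# obtain a DHCP lease, then (re)start ntpd and tor and keep watching the
# uplink. Exits immediately when the wired WAN (eth0.2) already has an address.
#
# BSSIDs and SSIDs come from whatever radios are in range, so they are
# treated as untrusted text: read with 'read -r', always quoted, and never
# used as a pattern or as an iwconfig keyword.

# Print a timestamped message.
#   $1 - level of this message; printed when $1 <= $DEBUG (DEBUG defaults to 0)
#   $2 - message text
# Nothing is printed unless TERM is set and is not "dumb".
# NOTE(review): when started from rc.local TERM may be unset, in which case
# /tmp/getonline.log stays empty - confirm that is intended.
debug () {
  if [ -n "$TERM" ] && [ "$TERM" != "dumb" ] && [ "$1" -le "0$DEBUG" ]; then
    printf '%s %s\n' "$(date +"%Y-%m-%d %H:%M:%S")" "$2"
  fi
}

# our variables
IF=ath0

# check to see if we have an ip on eth0.2
# NOTE(review): "inet" also matches an "inet6" line in ifconfig output, here
# and in the lease check below - confirm IPv6 is not configured on this build.
[ "$(ifconfig eth0.2 | grep -c inet)" -gt 0 ] && exit

# loop forever
while true; do
  # Try each open AP reported by /root/aps. Each line is expected to read
  # "<bssid> OPN Master <ssid>"; the SSID is everything after the third field
  # and is kept verbatim (spaces, backslashes and glob characters included).
  /root/aps "$IF" | while read -r bssid enc mode ssid; do
    # Only the encryption and mode columns decide eligibility, so an SSID
    # that merely contains the text "OPN Master" is not accepted.
    if [ "$enc" != "OPN" ] || [ "$mode" != "Master" ]; then
      continue
    fi

    debug 0 "Checking $ssid on $bssid"

    # try to associate; "--" stops iwconfig from reading an SSID such as
    # "off", "on" or "any" as one of its keywords
    iwconfig "$IF" essid -- "$ssid" ap "$bssid"

    # wait a little bit
    sleep 5

    # see if we're connected (fixed-string match on the BSSID)
    if ! iwconfig "$IF" | grep -qF -- "$bssid"; then
      debug 0 "Count not associate to $ssid on $bssid"
      continue
    fi

    debug 0 "Attempting to obtain IP automatically"

    # try to get an ip
    udhcpc -i "$IF" -n
    if [ "$(ifconfig "$IF" | grep -c inet)" -gt 0 ]; then
      debug 0 "Got an IP"
      break
    fi
    ifconfig "$IF"
    debug 0 "Didn't obtain an IP"
    # try the next
  done

  debug 0 "yay online! or there's no networks nearby :/"

  # get our router: gateway of the first default route on $IF, so that a
  # second matching route cannot turn $router into several words
  router=$(netstat -rnap | awk -v ifc="$IF" '$0 ~ ("UG.*" ifc) { print $2; exit }')

  # check to see if we have a router
  if [ -z "$router" ]; then
    debug 0 "Sleeping for a bit before checking for networks again"
    sleep 60
    continue
  fi

  # NOTE(review): the clock is set over whichever open network was joined.
  # Plain NTP is unauthenticated and tor depends on a roughly correct clock,
  # so the upstream AP can influence both - worth monitoring.
  debug 0 "Restarting ntp"
  /etc/init.d/ntpd restart

  debug 0 "Restarting tor"
  /etc/init.d/tor restart

  # TODO need to check to make sure ntp and tor are happy

  debug 0 "Pinging router $router"
  while ping -c 1 "$router" >/dev/null; do
    debug 0 "Everything's good, sleeping for a bit"
    sleep 60
    debug 0 "Pinging router $router"

    # These checks match any command line containing the substring, not just
    # the daemon itself.
    debug 0 "Checking to see if ntpd's still running"
    if [ "$(ps ax | grep -v grep | grep -c ntp)" = 0 ]; then
      debug 0 "It's not!"
      /etc/init.d/ntpd restart
    fi

    debug 0 "Checking to see if tor's running"
    if [ "$(ps ax | grep -v grep | grep -c tor)" = 0 ]; then
      debug 0 "It's not!"
      /etc/init.d/tor restart
    fi
  done
done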
/www/cgi-bin/stats.cgi
#!/bin/sh
# stats.cgi - plain-text status page: current date, then the last lines of
# the uplink log and of the tor log.
# The uplink log can contain the names of nearby networks, and this page is
# readable by any client that can reach the web server.
# NOTE(review): confirm that exposing both logs to AP clients is intended.

# Print a heading line followed by the tail of a log file.
#   $1 - heading text
#   $2 - path of the log file
show_tail () {
  printf '%s\n' "$1"
  tail "$2"
}

# CGI header, then the blank line that ends the header block.
printf 'Content-type: text/plain\n\n'

date
printf '\n'
show_tail "System and network status:" /tmp/getonline.log
printf '\n'
show_tail "Tor status:" /tmp/tor.log