#!/bin/bash
# -*-mode: sh; tab-width: 8; coding: utf-8-unix -*-
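# Identifiers for this script. They are not referenced again in this file;
# presumably the sourced libraries read them -- TODO confirm.
ROLE=proxy
MODE=vda
CONN=guest
# Action list shown by the usage message and parsed by proxy_vda_verify.
USAGE="[config|start|stop|status|restart|verify|test]"

# Refuse to run unless root. No ERROR helper is defined in this file before
# this point (the helper files are sourced further down), so the message is
# written to stderr with plain echo. A failing `id` also ends up here, so the
# check fails closed.
[ "$( id -u )" -eq 0 ] || { echo "ERROR: you must be root" >&2 ; exit 1 ; }

# Script name without directory and .bash suffix; quoted so that a path
# containing spaces or glob characters is handled as one word.
prog=$( basename -- "$0" .bash )

# /usr/local/sbin is appended, so directories already in PATH take precedence.
export PATH=$PATH:/usr/local/sbin

# NOTE(review): the three files sourced below execute with root privileges.
# They should be owned by root and not writable by any other user; that is
# not verified here.
. /usr/local/bin/usr_local_tput.bash || exit 2
PREFIX=/usr/local

# Whitespace-separated list of helper scripts; not used further in this file.
NEEDED_SCRIPTS="
/usr/local/bin/proxy_ping_test.bash
/usr/local/sbin/proxy_whonix_gateway_tor.bash
"
. /usr/local/etc/local.d/local.bash || exit 1
. /usr/local/sbin/proxy_whonix_lib.bash || \
    { ERROR loading /usr/local/sbin/proxy_whonix_lib.bash ; exit 2; }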
# vda does not need dnsmasq
# $DEST resolv.conf
## proxy_vda_stop
proxy_vda_stop() {
  # Placeholder for the "stop" action: performs no work and always
  # reports success.
  # Arguments: none used.
  # Returns:   0
  return 0
}
## tor_init_check_iptables
proxy_vda_init_check_iptables() {
  # Stub: the iptables check below is commented out, so this function
  # does nothing and always returns 0.
  # Arguments: none used.
  # Returns:   0
  #
  # Disabled check, kept for reference:
  # tor_init_check_iptables || return 1$?
  return 0
}
## proxy_vda_config
proxy_vda_config () {
  # Run the guest configuration steps for the vda role.
  # Returns: 0 on success; "1<rc>" if proxy_whonix_guest_config fails and
  #          "2<rc>" if proxy_guest_firewall_config fails, where <rc> is the
  #          failing helper's exit status appended as digits. Shells keep
  #          only the low 8 bits of a return value, so a large <rc> wraps.

  proxy_whonix_guest_config || { return "1$?" ; }

  # The packaged rule file is copied only when /etc/firewall.conf.vda already
  # exists; the result of cp is not checked.
  # NOTE(review): proxy_vda_start exits when /etc/firewall.conf.vda is
  # missing, so testing the destination here (rather than the source under
  # /usr/local/etc) may be unintended -- confirm.
  if [ -f /etc/firewall.conf.vda ] ; then
    cp -p /usr/local/etc/firewall.conf.vda /etc/firewall.conf.vda
  fi

  proxy_guest_firewall_config || { return "2$?" ; }

  #/usr/local/sbin/proxy_whonix_guest_workstation-firewall.bash > \
  #    /etc/firewall.conf.ws.new

  # Not defined in this file (presumably provided by a sourced library);
  # its exit status is ignored.
  proxy_vda_whonix_config

  return 0
}
## proxy_vda_verify
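proxy_vda_verify () {
  # Print every line of this script that begins with one of the action
  # names listed in $USAGE.
  # Globals:  USAGE (read), $0 (read)
  # Outputs:  matching lines on stdout
  # Returns:  0 always; a grep that finds nothing is not an error here.
  #
  # The previous form ran sed 's/|/ /' without the g flag and left the
  # surrounding brackets in place, so grep was handed "^[config" (an
  # unterminated bracket expression) and one long literal. The list is now
  # split on every "|" after the brackets are stripped.
  # NOTE(review): no line of this script starts with a bare action name;
  # the intended pattern may have been "^proxy_vda_<action>" -- confirm.
  local list elt
  local -a actions

  list=${USAGE#\[}
  list=${list%\]}
  IFS='|' read -r -a actions <<< "$list"

  for elt in "${actions[@]}" ; do
    grep -- "^${elt}" "$0"
  done

  return 0
}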
proxy_vda_grep_logs() {
  # Placeholder: no log inspection is implemented; always returns 0.
  # Arguments: none used.
  # Returns:   0
  return 0
}
## proxy_vda_test
proxy_vda_test () {
  # Run the shared test helper for the "vda" role.
  # Returns: 0 when proxy_whonix_test succeeds; otherwise "3<rc>", the
  #          helper's exit status appended to the digit 3.
  if proxy_whonix_test vda ; then
    return 0
  else
    return "3$?"
  fi
}
## proxy_vda_status
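proxy_vda_status () {
  # Report whether something is listening on 127.0.0.1:3128 (the log
  # messages call it polipo) and then run the three ping checks.
  # Globals:  DEBUG (read) - when non-empty, WARN/DBUG messages are emitted
  # Returns:  1 when no listener on 127.0.0.1:3128 is found, else 0.
  #
  # grep -F matches the address literally; as a regular expression the dots
  # would match any character. -q already suppresses output, so the extra
  # redirect to /dev/null was dropped.
  if ! netstat -nle4 | grep -qF '127.0.0.1:3128' ; then
    [ -n "$DEBUG" ] && WARN "$0" polipo not running
    return 1
  fi
  [ -n "$DEBUG" ] && DBUG "$0" polipo running

  # The exit statuses of these checks are not inspected: the function
  # returns 0 even when one of them fails.
  /usr/local/bin/proxy_ping_test.bash vda
  /usr/local/bin/proxy_ping_test.bash polipo
  /usr/local/bin/proxy_ping_test.bash dns

  return 0
}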
## proxy_vda_whonix_start
proxy_vda_whonix_start () {
  # Start polipo through the shared helper, passing "vda" as its argument.
  # Globals:  prog (read) - used in the error message
  # Returns:  0 on success; otherwise "4<rc>", the helper's exit status
  #           appended to the digit 4, after logging through ERROR.
  local dire=vda
  local ret

  #? proxy_whonix_guest_start

  if proxy_whonix_polipo_start "$dire" ; then
    return 0
  else
    # In the else branch $? still holds the helper's exit status.
    ret=$?
    ERROR $prog polipo not running ret=$ret
    return 4$ret
  fi
}
## proxy_vda_start
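proxy_vda_start () {
  # Bring up the guest network for the vda role: hosts entry, eth0 address,
  # default route, resolver, firewall rules, then polipo.
  # Returns: 0 on success, 3 when the saved ruleset contains no "reject"
  #          line. Exits the whole script with status 2 when
  #          /etc/firewall.conf.vda is missing.
  #
  # NOTE(review): the interface and default route are configured before the
  # firewall rules are loaded; loading the rules first would avoid an
  # interval in which eth0 is up without them -- confirm the intended order.

  # local_guest_start_services
  local PROXY_WLAN_GW=10.152.152.10
  local IP=10.152.152.11

  # Add a "gateway" entry to /etc/hosts when none exists. The second command
  # used to be `grep $PROXY_WLAN_GW gateway`, which searches a file named
  # "gateway" and appends nothing; echo writes the intended line.
  grep -q gateway /etc/hosts || echo "$PROXY_WLAN_GW gateway" >> /etc/hosts

  # Assign the static address only when eth0 does not already carry it.
  if ! ifconfig eth0 | grep -qF "$IP" ; then
    ifconfig eth0 "$IP" netmask 255.255.192.0 broadcast 10.152.191.255
    #? inet $IP netmask 255.0.0.0 broadcast 10.255.255.255
  fi

  # Add the default route unless a wlan interface already has one. The line
  # used to start with a stray "ip" (`ip grep ...`), which always failed, so
  # the route was added unconditionally. /proc/net/route separates its fields
  # with tabs, hence [[:space:]] instead of a literal space.
  # NOTE(review): the check looks at wlan[1-9] although eth0 is the interface
  # configured above -- confirm which interface was meant.
  grep -q "^wlan[1-9][[:space:]]00000000" /proc/net/route || \
    route add default gw "$PROXY_WLAN_GW"

  # dnsmasq
  # Overwrites resolv.conf so that the gateway is the only resolver.
  echo "nameserver $PROXY_WLAN_GW" > /etc/resolv.conf

  # Without the vda rule file nothing below can load a ruleset, so stop.
  [ -f /etc/firewall.conf.vda ] || exit 2

  if [ ! -f /etc/firewall.conf ] ; then
    # First run: install the vda rules as the active rule file and load them.
    cp -p /etc/firewall.conf.vda /etc/firewall.conf
    proxy_iptables_restore < /etc/firewall.conf
  elif ! diff -q /etc/firewall.conf.vda /etc/firewall.conf ; then
    # Rule file changed: keep a backup, replace it, flush and reload.
    # NOTE(review): if proxy_iptables_restore already replaces the existing
    # rules, the explicit flush only adds a moment with an empty ruleset.
    mv /etc/firewall.conf /etc/firewall.conf.bak
    cp -p /etc/firewall.conf.vda /etc/firewall.conf
    proxy_iptables -F
    proxy_iptables_restore < /etc/firewall.conf
  fi
  # When both files are identical no rules are (re)loaded; the check below
  # is the only confirmation that a ruleset is active.

  # Fail unless the saved ruleset contains at least one "reject" line;
  # matching lines are printed.
  proxy_iptables_save | grep -i reject || return 3

  # The exit status of the polipo start is not propagated.
  proxy_vda_whonix_start

  return 0
}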
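# Command dispatch. The first argument selects the action; a failing action
# exits with "<branch digit><rc>", i.e. the action's status appended to the
# branch digit. Exit statuses keep only the low 8 bits, so large values wrap.
#
# $USAGE is quoted when printed: it starts with "[" and, left unquoted, is
# treated as a glob pattern that can expand to single-character file names
# in the current directory.
# NOTE(review): "restart" is listed in $USAGE but has no branch here, and
# proxy_vda_update / proxy_vda_refresh are not defined in this file
# (presumably they come from a sourced library -- confirm).
if [ "$#" -eq 0 ] ; then
  echo "USAGE: $prog $USAGE"
else
  case "$1" in
    -h|--help)
      echo "USAGE: $prog $USAGE or:"
      # Lines of this script that start with "## " double as the help text.
      grep '^## ' "$0" | sed -e 's/^## //'
      ;;
    config|install)
      proxy_vda_config || exit 3$?
      ;;
    verify|test)
      "proxy_vda_$1" || exit 4$?
      ;;
    update|start|status|stop)
      "proxy_vda_$1" || exit 5$?
      ;;
    hourly|refresh)
      proxy_vda_refresh || exit 6$?
      ;;
    *)
      # SECURITY: every other argument list is re-parsed and executed as
      # shell code, and this script only runs as root. Anything that lets a
      # less-privileged user choose the arguments (a sudo rule, a cron or
      # service wrapper) therefore grants unrestricted root command
      # execution. Kept for compatibility with existing callers; consider
      # accepting only known function names, for example
      #   declare -F "$1" >/dev/null && "$@"
      eval "$@"
      exit $?
      ;;
  esac
fi

exit 0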