vbatts/slackware-tor-iptables
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Updated toriptables2.py Refactor

Browse source
This commit is contained in:
Rupert Edwards 2016-01-14 12:13:14 -05:00
parent d1eb99448f
commit 0fd6ac5947
1 changed files with 11 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
toriptables2.py
View file

@ -1,5 +1,6 @@
#! /usr/bin/env python #! /usr/bin/env python
# Written by Rupe version 2 # Written by Rupe version 2
#
""" """
Tor Iptables script is an anonymizer Tor Iptables script is an anonymizer
that sets up iptables and tor to route all services that sets up iptables and tor to route all services
@ -26,7 +27,7 @@ class TorIptables(object):
self.tor_uid = getoutput("id -ur debian-tor") # Tor user uid self.tor_uid = getoutput("id -ur debian-tor") # Tor user uid
self.trans_port = "9040" # Tor port self.trans_port = "9040" # Tor port
self.tor_config_file = '/etc/tor/torrc' self.tor_config_file = '/etc/tor/torrc'
self.torrc = ''' self.torrc = r'''
## Inserted by %s for tor iptables rules set ## Inserted by %s for tor iptables rules set
## Transparently route all traffic thru tor on port %s ## Transparently route all traffic thru tor on port %s
VirtualAddrNetwork %s VirtualAddrNetwork %s
@ -34,7 +35,7 @@ AutomapHostsOnResolve 1
TransPort %s TransPort %s
DNSPort %s DNSPort %s
''' % (basename(__file__), self.trans_port, self.virtual_net, ''' % (basename(__file__), self.trans_port, self.virtual_net,
self.trans_port, self.local_dnsport) self.trans_port, self.local_dnsport)
def flush_iptables_rules(self): def flush_iptables_rules(self):
call(["iptables", "-F"]) call(["iptables", "-F"])
@ -49,16 +50,18 @@ DNSPort %s
fnull = open(devnull, 'w') fnull = open(devnull, 'w')
try: try:
tor_restart = check_call(["service", "tor", "restart"], tor_restart = check_call(["service", "tor", "restart"],
stdout=fnull, stderr=fnull) stdout=fnull, stderr=fnull)
if tor_restart is 0: if tor_restart is 0:
print(" {0}".format("[\033[92m+\033[0m] Anonymizer \033[92mON\033[0m")) print(" {0}".format(
"[\033[92m+\033[0m] Anonymizer \033[92mON\033[0m"))
except CalledProcessError as err: except CalledProcessError as err:
print("\n[!] Command failed: %s" % err.cmd) print("\n[!] Command failed: %s" % err.cmd)
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-m", "owner", "--uid-owner", call(["iptables", "-t", "nat", "-A", "OUTPUT", "-m", "owner", "--uid-owner",
"%s" % self.tor_uid, "-j", "RETURN"]) "%s" % self.tor_uid, "-j", "RETURN"])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "udp", "--dport", "53", call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "udp", "--dport",
"-j", "REDIRECT", "--to-ports", "53"]) self.local_dnsport, "-j", "REDIRECT", "--to-ports", self.local_dnsport
])
for net in self.non_tor: for net in self.non_tor:
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-d", "%s" % net, "-j", call(["iptables", "-t", "nat", "-A", "OUTPUT", "-d", "%s" % net, "-j",