Update toriptables2.py

This commit is contained in:
Rupert Edwards 2015-12-18 23:27:05 -05:00
parent 09d55d40d8
commit 28a9539f4a


@ -1,5 +1,5 @@
#! /usr/bin/env python
# Written by rupe
# By Rupe
"""
Tor Iptables script is an anonymizer
that sets up iptables and tor to route all services
@ -11,12 +11,12 @@ from commands import getoutput
from subprocess import call
from os.path import isfile
from os import devnull
from atexit import register
from argparse import ArgumentParser
fnull = open(devnull, 'w')
class TorIptables(object):
def __init__(self):
self.tor_config_file = '/etc/tor/torrc'
self.torrc = '''
@ -32,45 +32,46 @@ DNSPort 53
self.load_iptables_rules.__init__(self)
def flush_iptables_rules(self):
call(["iptables", "-F"])
call(["iptables", '-F'])
call(["iptables", "-t", "nat", "-F"])
def load_iptables_rules(self):
self.flush_iptables_rules()
self.non_tor.extend(self.non_tor_net)
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-m", "owner",
"--uid-owner", "%s" % self.tor_uid, "-j", "RETURN"])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "udp", "--dport",
"53", "-j", "REDIRECT", "--to-ports", "53"])
@register
def restart_tor():
fnull = open(devnull, 'w')
call(["service", "tor", "restart"], stderr=fnull)
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-m", "owner", "--uid-owner",
"%s" % self.tor_uid, "-j", "RETURN"])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "udp", "--dport", "53",
"-j", "REDIRECT", "--to-ports", "53"])
for self.net in self.non_tor:
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-d",
"%s" % self.net, "-j", "RETURN"])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-d", "%s" % self.net,
"-j", "RETURN"])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "tcp", "--syn",
"-j", "REDIRECT", "--to-ports", "%s" % self.trans_port])
call(["iptables", "-t", "nat", "-A", "OUTPUT", "-p", "tcp", "--syn", "-j",
"REDIRECT", "--to-ports", "%s" % self.trans_port])
call(["iptables", "-A", "OUTPUT", "-m", "state", "--state",
"ESTABLISHED,RELATED", "-j", "ACCEPT"])
for self.net in self.non_tor:
call(["iptables", "-A", "OUTPUT", "-d", "%s" % self.net, "-j",
"ACCEPT"])
for self.net in (self.non_tor):
call(["iptables", "-A", "OUTPUT", "-d", "%s" % self.net, "-j", "ACCEPT"])
call(["iptables", "-A", "OUTPUT", "-m", "owner", "--uid-owner",
"%s" % self.tor_uid, "-j", "ACCEPT"])
call(["iptables", "-A", "OUTPUT", "-m", "owner", "--uid-owner", "%s" %
self.tor_uid, "-j", "ACCEPT"])
call(["iptables", "-A", "OUTPUT", "-j", "REJECT"])
# Restart Tor
call(["service", "tor", "restart"], stderr=fnull)
if __name__ == '__main__':
parser = ArgumentParser(
description='Tor Iptables script for loading and unloading iptables rules')
parser.add_argument('-l', '--load',
action='store_true',
action="store_true",
help='This option will load tor iptables rules')
parser.add_argument('-f', '--flush',
action='store_true',
@ -80,8 +81,7 @@ if __name__ == '__main__':
try:
load_tables = TorIptables()
if isfile(load_tables.tor_config_file):
if not 'VirtualAddrNetwork' in open(
load_tables.tor_config_file).read():
if not 'VirtualAddrNetwork' in open(load_tables.tor_config_file).read():
with open(load_tables.tor_config_file, 'a+') as torrconf:
torrconf.write(load_tables.torrc)