parent
deb4cbd867
commit
477dadb96c
@ -0,0 +1,22 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Check /var/log/kern.log for logging results
|
||||
|
||||
LOG_IP4=1
|
||||
LOG_IP6=0
|
||||
|
||||
# for IPv4
|
||||
if [ "$LOG_IP4" == "1" ]; then
|
||||
iptables -t raw -A OUTPUT -p icmp -j TRACE
|
||||
iptables -t raw -A PREROUTING -p icmp -j TRACE
|
||||
modprobe ipt_LOG
|
||||
fi
|
||||
|
||||
# for IPv6
|
||||
if [ "$LOG_IP6" == "1" ]; then
|
||||
ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-request -j TRACE
|
||||
ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-reply -j TRACE
|
||||
ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-request -j TRACE
|
||||
ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-reply -j TRACE
|
||||
modprobe ip6t_LOG
|
||||
fi
|
@ -1,60 +1,86 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Search though files and updates IP address to current qubes-netvm-gateway address on startup
|
||||
# of eth0
|
||||
|
||||
|
||||
DIRS="/usr/lib/leaktest-workstation/simple_ping.py \
|
||||
/usr/lib/whonixcheck/preparation \
|
||||
/usr/share/anon-kde-streamiso/share/config/kioslaverc \
|
||||
/usr/bin/whonix_firewall \
|
||||
/etc/whonix_firewall.d/30_default \
|
||||
/usr/lib/anon-shared-helper-scripts/tor_bootstrap_check.bsh \
|
||||
/usr/bin/uwt \
|
||||
/etc/uwt.d/30_uwt_default \
|
||||
/usr/share/tor/tor-service-defaults-torrc.anondist \
|
||||
/usr/bin/update-torbrowser \
|
||||
/etc/network/interfaces.whonix \
|
||||
/etc/resolv.conf.anondist \
|
||||
/etc/sdwdate.d/31_anon_dist_stream_isolation_plugin \
|
||||
/etc/rinetd.conf.anondist \
|
||||
/etc/network/interfaces.whonix \
|
||||
/usr/share/anon-torchat/.torchat/torchat.ini"
|
||||
|
||||
# $1 = space delimited files
|
||||
# Search though files and updates IP address to the current
|
||||
# 'qubes-netvm-gateway' IP address
|
||||
|
||||
FILES=(
|
||||
'/usr/lib/leaktest-workstation/simple_ping.py'
|
||||
'/usr/lib/whonixcheck/preparation'
|
||||
'/usr/share/anon-kde-streamiso/share/config/kioslaverc'
|
||||
'/usr/bin/whonix_firewall'
|
||||
'/etc/whonix_firewall.d/30_default'
|
||||
'/usr/lib/anon-shared-helper-scripts/tor_bootstrap_check.bsh'
|
||||
'/usr/bin/uwt'
|
||||
'/etc/uwt.d/30_uwt_default'
|
||||
'/usr/share/tor/tor-service-defaults-torrc.anondist'
|
||||
'/usr/bin/update-torbrowser'
|
||||
'/etc/network/interfaces.whonix'
|
||||
'/etc/resolv.conf.anondist'
|
||||
'/etc/sdwdate.d/31_anon_dist_stream_isolation_plugin'
|
||||
'/etc/rinetd.conf.anondist'
|
||||
'/etc/network/interfaces.whonix'
|
||||
'/usr/share/anon-torchat/.torchat/torchat.ini'
|
||||
)
|
||||
|
||||
# sed search and replace. return 0 if replace happened, otherwise 1
|
||||
search_replace() {
|
||||
local search="$1"
|
||||
local replace="$2"
|
||||
local file="$3"
|
||||
local retval=1
|
||||
|
||||
if ! [ -L "${file}" ]; then
|
||||
ls_attrs="$(lsattr "${file}")"
|
||||
ls_attrs=${ls_attrs:4:1}
|
||||
if [ "${ls_attrs}" == "i" ]; then
|
||||
chattr -i "${file}"
|
||||
fi
|
||||
fi
|
||||
|
||||
sed -i.bak '/'"${search}"'/,${s//'"${replace}"'/;b};$q1' "${file}"
|
||||
retval=$?
|
||||
|
||||
if [ "${ls_attrs}" == "i" ]; then
|
||||
chattr +i "${file}"
|
||||
fi
|
||||
|
||||
return $retval
|
||||
}
|
||||
|
||||
function replace_ips()
|
||||
{
|
||||
IP=$2
|
||||
LAST_IP=$3
|
||||
local search_ip="${1}"
|
||||
local replace_ip="${2}"
|
||||
local files=("${!3}")
|
||||
local restart_tor=0
|
||||
|
||||
if ! [ "$LAST_IP" == "$IP" ]; then
|
||||
for file in $1; do
|
||||
# If IP is 10.152.152.10, network is 10.152.152.0
|
||||
replace_network="${replace_ip%.*}.0"
|
||||
search_network="${search_ip%.*}.0"
|
||||
|
||||
if ! [ "${search_ip}" == "${replace_ip}" ]; then
|
||||
for file in "${files[@]}"; do
|
||||
if [ -f "$file" ]; then
|
||||
#find / -xdev -type f -print0 | xargs -0r file | grep 'ASCII text' | awk -F: '{print $1}' | \
|
||||
# xargs -d'\n' -r sed -i "s/$LAST_IP/$IP/g"
|
||||
#find / -xdev -type f -print0 | xargs -0r file | grep 'ASCII text' | awk -F: '{print $1}' | \
|
||||
# xargs -d'\n' -r sed -i "s/$LAST_IP_PART./$IP_PART./g"
|
||||
sed -i "s/$LAST_IP/$IP/g" "$file"
|
||||
search_replace "${search_ip}" "${replace_ip}" "${file}" && restart_tor=1
|
||||
search_replace "${search_network}" "${replace_network}" "${file}" && restart_tor=1
|
||||
fi
|
||||
done
|
||||
echo "$IP" > /etc/whonix-netvm-gateway
|
||||
service tor restart
|
||||
|
||||
if [ "${restart_tor}" == "1" ]; then
|
||||
echo "${replace_ip}" > /etc/whonix-netvm-gateway
|
||||
service tor restart
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
IP=`xenstore-read qubes-netvm-gateway`
|
||||
IP_PART=$(echo $IP | cut -f 1,2,3 -d".")
|
||||
LAST_IP="$(cat /etc/whonix-netvm-gateway)"
|
||||
LAST_IP_PART=$(echo $LAST_IP | cut -f 1,2,3 -d".")
|
||||
replace_ips "$DIRS" $IP $LAST_IP
|
||||
ip="$(xenstore-read qubes-netvm-gateway)"
|
||||
|
||||
# Compare to current IP address assiged by Qubes
|
||||
replace_ips "$(cat /etc/whonix-netvm-gateway)" "${ip}" FILES[@]
|
||||
|
||||
# Do again; checking for original 10.152.152.10 incase of update
|
||||
LAST_IP=10.152.152.10
|
||||
LAST_IP_PART=$(echo $LAST_IP | cut -f 1,2,3 -d".")
|
||||
replace_ips "$DIRS" $IP $LAST_IP
|
||||
replace_ips "10.152.152.10" "${ip}" FILES[@]
|
||||
|
||||
# Do again; checking for original 10.152.152.11 incase of update
|
||||
LAST_IP=10.152.152.11
|
||||
LAST_IP_PART=$(echo $LAST_IP | cut -f 1,2,3 -d".")
|
||||
replace_ips "$DIRS" $IP $LAST_IP
|
||||
replace_ips "10.152.152.11" "${ip}" FILES[@]
|
||||
|
||||
|
Loading…
Reference in new issue