diff --git a/config/dnsmasq.conf b/config/dnsmasq.conf
index 0e26b87..f152e8b 100644
--- a/config/dnsmasq.conf
+++ b/config/dnsmasq.conf
@@ -1,7 +1,5 @@
 interface=wlan0
 dhcp-range=10.3.141.1,10.3.141.24,255.255.255.0,12h
 bind-dynamic
-no-negcache
-server=127.3.2.1
+server=/loki/127.3.2.1
 server=127.0.0.1
-server=1.1.1.1
diff --git a/config/head b/config/head
new file mode 100644
index 0000000..471ca1b
--- /dev/null
+++ b/config/head
@@ -0,0 +1 @@
+nameserver 127.3.2.1
diff --git a/config/lokilaunch.sh b/config/lokilaunch.sh
index f531b52..46205d3 100644
--- a/config/lokilaunch.sh
+++ b/config/lokilaunch.sh
@@ -7,33 +7,11 @@ case "$1" in
 lokinet > /dev/null 2>&1 &
 ;;
- connect)
- ehco -n "rerouted iptables\n"
- sudo ip rule add from 10.3.141.1 lookup main prio 1000
- echo -n "added wlan0 address rule\n"
- sudo ip rule add from 10.3.141.0/24 lookup lokinet prio 1000
- echo -n "added wifi-clients rule\n"
- sleep 3
- sudo ip route add default dev lokitun0 table lokinet
- echo -n "added lokitun0 route\n"
- echo -n "Restarting DNSMASQ\n"
- ;;
-
 stop)
- echo -n "Stopping LOKINET daemon\n"
+ echo -n "daemon stop command sent\n"
 pkill lokinet
 ;;
-disconnect)
- sudo ip rule del from 10.3.141.1 lookup main prio 1000 #LOKIPAP
- echo -n "removed wlan0 address rule\n"
- sudo ip rule del from 10.3.141.0/24 lookup lokinet prio 1000 #LOKIPAP
- echo -n "removed wifi-clients rule\n"
- sudo ip route del default dev lokitun0 table lokinet
- echo -n "removed lokitun0 route\n"
- echo -n "Lokinet terminated - Network encryption services ended\n"
- ;;
-
 gen)
 echo -n "NEW lokinet.ini FILE CREATED\n"
 lokinet "-g"
@@ -53,7 +31,7 @@ bootstrap)
 ;;
 *)
- echo "Usage: "$1" {start|stop|gen|bootstrap|connect|disconnect}"
+ echo "Usage: "$1" {start|stop|gen|bootstrap}"
 exit 1
 ;;
 esac
diff --git a/config/on-down.sh b/config/on-down.sh
new file mode 100644
index 0000000..e6ddd10
--- /dev/null
+++ b/config/on-down.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+# this will be overriden by on-up.sh
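Review bot: After this hunk the only general upstream left in config/dnsmasq.conf is `server=127.0.0.1`, and no `no-resolv` line appears among the five lines shown, so dnsmasq will still take additional upstreams from resolv.conf. On an access point meant to carry client traffic over Lokinet, non-.loki lookups can then be sent to whatever resolver the uplink's DHCP lease supplied. If that is not intended, add `no-resolv` and name the general resolver explicitly. A comment on `server=/loki/127.3.2.1` saying that 127.3.2.1 is (presumably) the local Lokinet resolver would help, and it should be confirmed that something other than dnsmasq itself answers on 127.0.0.1.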
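Review bot: In the `stop)` arm of config/lokilaunch.sh the new message `daemon stop command sent` is printed before `pkill lokinet` runs and regardless of its result, so any caller that displays this output reports success even when no daemon was found. Run the kill first and branch on its status, e.g. `if pkill -x lokinet; then echo "daemon stop command sent"; else echo "lokinet was not running"; fi`; `-x` also restricts the match to the exact process name. `echo -n "...\n"` prints a literal `\n` under bash, so `printf '%s\n' "..."` is the safer form. The usage line in the `*)` hunk still prints `"$1"` where `$0` is presumably meant. The case statement starts and ends outside both hunks.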
diff --git a/config/on-ready.sh b/config/on-ready.sh
new file mode 100644
index 0000000..c8c20ff
--- /dev/null
+++ b/config/on-ready.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+notify-send "$@ Our Loki Address $LOKINET_ADDR is ready on address $IF_ADDR on $IF_NAME"
diff --git a/config/on-up.sh b/config/on-up.sh
new file mode 100644
index 0000000..6eefab0
--- /dev/null
+++ b/config/on-up.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set -x
+gateway_route=$(ip route | grep ^default | grep via | head -n1)
+gateway_addr=$(echo "$gateway_route" | cut -d' ' -f3 )
+for addr in $STRICT_CONNECT_ADDRS ; do
+ sudo ip route add $(echo $addr | cut -d':' -f 1) via $gateway_addr
+done
+sudo ip route del $gateway_route
+sudo ip route add default dev lokitun0
+cat < /root/.lokinet/on-down.sh
+#!/usr/bin/env bash
+set -x
+for addr in \$STRICT_CONNECT_ADDRS ; do
+ sudo ip route del \$(echo \$addr | cut -d':' -f 1) via $gateway_addr
+done
+sudo ip route del default dev lokitun0
+sudo ip route add $gateway_route
+
+EOF
+chmod +x /root/.lokinet/on-down.sh
diff --git a/config/rt_tables b/config/rt_tables
deleted file mode 100644
index 4d9087d..0000000
--- a/config/rt_tables
+++ /dev/null
@@ -1,12 +0,0 @@
-#
-# reserved values
-#
-2 lokinet
-255 local
-254 main
-253 default
-0 unspec
-#
-# local
-#
-#1 inr.ruhep
diff --git a/includes/functions.php b/includes/functions.php
index f3f7efd..9a5b97f 100755
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -352,13 +352,13 @@ function DisplayLokinetConfig() $status = '
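Review bot: `"$@ Our Loki Address …"` in config/on-ready.sh embeds `$@` in a larger string, which splits the message into several arguments when the hook is called with more than one parameter; `"$* Our Loki Address $LOKINET_ADDR is ready on address $IF_ADDR on $IF_NAME"` keeps it as one string. `notify-send` also needs a desktop session bus, which a hook started by a root daemon on an access point probably does not have, so a `logger` call may be the more useful notification. A header comment listing the variables the hook expects (`LOKINET_ADDR`, `IF_ADDR`, `IF_NAME`) would document the contract.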
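Review bot: config/on-up.sh never checks that a default route via a gateway was found: when `gateway_route` is empty the loop runs `ip route add … via` with no address, `ip route del` gets no arguments, `ip route add default dev lokitun0` still runs, and the generated on-down.sh ends with a `sudo ip route add` that has nothing to restore. The entries of `$STRICT_CONNECT_ADDRS` are also passed to `sudo ip route add` unquoted. A guard before the loop plus quoting, as below, leaves the routing table untouched in that case; how lokinet treats a non-zero hook exit is not visible here and should be checked. The here-document line reads `cat < /root/.lokinet/on-down.sh` on this page, which may be an extraction artefact of `cat << EOF > …` and is worth confirming in the file.

```shell
# … unchanged: gateway_route / gateway_addr lookup …
# no default route via a gateway: leave the routing table as it is
if [ -z "$gateway_addr" ]; then
  echo "on-up.sh: no default route via a gateway found" >&2
  exit 1
fi
for addr in $STRICT_CONNECT_ADDRS ; do
  sudo ip route add "${addr%%:*}" via "$gateway_addr"
done
# … unchanged: default route swap, on-down.sh generation, chmod …
```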
Lokinet daemon is running
'; } - if ($rulestate != "lokinet") { + /* if ($rulestate != "lokinet") { $status = '
Not Connected to Lokinet
'; } else { $status = '
Successfully Connected to Lokinet
'; - } + } */ ?>
@@ -379,21 +379,21 @@ function DisplayLokinetConfig()

-
All 4 buttons below must be active (green) to connect to Lokinet. If there isn't a current lokinet.ini file found on the system the "Generate.ini" button will be red. The .ini file must be generated first by pressing the button. Similarly the absense of a valid bootstrap will be indicated by the red "Bootstrap" button. Applying a bootstrap by pressing the apply button without submitting a valid URL in the textbox area will apply the original default bootstrap in place of one being provided. Stopping the daemon also exits Lokinet. If you simply exit Lokinet the daemon is left running in the background. So in summary if necessary generate the .ini and bootstrap then you are able to connect to lokinet and the daemon will be started. +
The 3 buttons below must be active (green) to connect to Lokinet. If there isn't a current lokinet.ini file found on the system the "Generate.ini" button will be red. The .ini file must be generated prior to connecting to Lokinet by pressing the button which will automatically write the required .ini file. Similarly the absense of a valid bootstrap will be indicated by a red "Bootstrap" button. Applying a bootstrap by pressing the apply button without submitting a valid URL in the textbox area will apply the original default bootstrap in place of one being provided. Stopping the daemon also exits Lokinet. To summarize, if necessary generate the .ini and bootstrap Lokinet then you are able to connect to Lokinet by starting the daemon and letting the network establish itself.
Enter a valid bootstrap url below and apply to overwrite the current bootstrap:
- + ' , PHP_EOL; } else { echo '' , PHP_EOL; - } + } */ if ($lokinetstatus[0] == 0) { echo '' , PHP_EOL; } else { @@ -611,23 +611,25 @@ function SaveTORAndVPNConfig() } elseif (isset($_POST['StartDaemon'])) { ?>
- Starting Lokinet background daemon process. + Launching Lokinet.
$output";*/ +/* $output = shell_exec('sudo /etc/init.d/dnsmasq stop'); + echo "
$output
"; +*/ $output = shell_exec('sudo /home/pi/loki-network/lokilaunch.sh start'); echo "
$output
"; - /*$output = shell_exec('sudo /etc/init.d/dnsmasq start'); - echo "
$output
";*/ +/* $output = shell_exec('sudo /etc/init.d/dnsmasq start'); + echo "
$output
"; +*/ } elseif (isset($_POST['StopDaemon'])) { ?>
Exiting Lokinet.
$output"; + /* $output = shell_exec('sudo /home/pi/loki-network/lokilaunch.sh disconnect'); + echo "
$output
"; */ ?>
Stopping Lokinet background daemon process. @@ -635,7 +637,7 @@ function SaveTORAndVPNConfig() $output"; - +/* } elseif (isset($_POST['UseLokinet'])) { ?>
@@ -648,13 +650,15 @@ function SaveTORAndVPNConfig() if ($lokinetstatus[0] == 0){ $output = shell_exec('sudo /home/pi/loki-network/lokilaunch.sh start'); echo "
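Review bot: The `UseLokinet` and `ExitLokinet` branches of SaveTORAndVPNConfig() are disabled by a `/* … */` that opens in the `@@ -635,7 +637,7 @@` hunk and closes in the `@@ -663,7 +667,7 @@` hunk, spanning an `elseif` chain that also switches in and out of PHP mode. Block comments do not nest, so any `*/` inside the wrapped region would end the comment early and either break the file or bring the `shell_exec('sudo … lokilaunch.sh connect')` path back; the lines between the hunks are not visible here. Deleting the two branches, and the commented-out button markup in DisplayLokinetConfig(), would be safer than commenting them out, since lokilaunch.sh no longer has `connect`/`disconnect` arms in this commit.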
$output
"; - } + $output = shell_exec('sudo /home/pi/loki-network/lokilaunch.sh connect'); echo "
$output
"; $output = shell_exec('sudo /etc/init.d/dnsmasq start'); # sleep(5); # $output = shell_exec('sudo dnsmasq --interface=wlan0 --bind-interfaces --dhcp-range=10.3.141.0,10.3.141.24,12h --conf-file=/etc/resolv.conf'); echo "
$output
"; +} + } elseif (isset($_POST['ExitLokinet'])) { ?>
@@ -663,7 +667,7 @@ function SaveTORAndVPNConfig() $output"; - +*/ } elseif (isset($_POST['GenerateLokinet'])) { ?>
@@ -686,8 +690,9 @@ function SaveTORAndVPNConfig() Exiting Lokinet.
$output"; +*/ ?>
Stopping Lokinet background daemon process. diff --git a/installers/common.sh b/installers/common.sh index 5c20e0c..bf872f6 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -1,25 +1,29 @@ -# test staging push raspap_dir="/etc/raspap" raspap_user="www-data" +webroot_dir="/var/www/html" version=`sed 's/\..*//' /etc/debian_version` # Determine version, set default home location for lighttpd and # php package to install -webroot_dir="/var/www/html" -if [ $version -eq 9 ]; then - version_msg="Raspian 9.0 (Stretch)" +if [ $version -eq 10 ]; then + version_msg="Raspbian 10.0 (Buster)" + php_package="php7.1-cgi" +elif [ $version -eq 9 ]; then + version_msg="Raspbian 9.0 (Stretch)" php_package="php7.0-cgi" elif [ $version -eq 8 ]; then - version_msg="Raspian 8.0 (Jessie)" + version_msg="Raspbian 8.0 (Jessie)" php_package="php5-cgi" else - version_msg="Raspian earlier than 8.0 (Wheezy)" + version_msg="Raspbian earlier than 8.0 (Wheezy)" webroot_dir="/var/www" php_package="php5-cgi" fi phpcgiconf="" -if [ "$php_package" = "php7.0-cgi" ]; then +if [ "$php_package" = "php7.1-cgi" ]; then + phpcgiconf="/etc/php/7.1/cgi/php.ini" +elif [ "$php_package" = "php7.0-cgi" ]; then phpcgiconf="/etc/php/7.0/cgi/php.ini" elif [ "$php_package" = "php5-cgi" ]; then phpcgiconf="/etc/php5/cgi/php.ini" 
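Review bot: The new Buster branch in installers/common.sh sets `php_package="php7.1-cgi"`, but Debian 10 ships PHP 7.3 in its main archive as far as I know, so `apt-get install … $php_package` in raspbian.sh would likely fail there unless a third-party repository is configured. `php_package="php7.3-cgi"` with `phpcgiconf="/etc/php/7.3/cgi/php.ini"` looks like the intended pair and should be confirmed on a Buster image. `[ $version -eq 10 ]` is also unquoted, so a non-numeric /etc/debian_version makes every test error out and the chain falls through to the Wheezy branch; quoting `"$version"` and checking that it is numeric before the chain would make that case explicit.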
@@ -197,14 +201,29 @@ function default_configuration() { sudo mv $webroot_dir/config/hostapd.conf /etc/hostapd/hostapd.conf || install_error "Unable to move hostapd configuration file" sudo mv $webroot_dir/config/dnsmasq.conf /etc/dnsmasq.conf || install_error "Unable to move dnsmasq configuration file" sudo mv $webroot_dir/config/dhcpcd.conf /etc/dhcpcd.conf || install_error "Unable to move dhcpcd configuration file" - sudo mv $webroot_dir/config/rt_tables /etc/iproute2/ || install_error "Unable to move dhcpcd configuration file" + sudo mv $webroot_dir/config/head /etc/resolvconf/resolv.conf.d/head || install_error "Unable to move resolvconf head file" + sudo resolvconf -u || install_error "Unable to update resolv.conf" + + + # LokiPAP Batch file relocation and permissions in user loki-network directory + + sudo mv $webroot_dir/config/lokilaunch.sh $HOME/loki-network/ || install error "Unable to move lokilaunch.sh, install Lokinet first" + # Forces all traffic through Lokinet (drop scripts into root's .lokinet folder) - # LokiPAP Batch file relocation and permissions in user loki-network directory + sudo mv $webroot_dir/config/on-up.sh /root/.lokinet/on-up.sh || install error "Unable to move on-up.sh, install Lokinet first" + sudo mv $webroot_dir/config/on-down.sh /root/.lokinet/on-down.sh || install error "Unable to move on-down.sh, install Lokinet first" + sudo mv $webroot_dir/config/on-ready.sh /root/.lokinet/on-ready.sh || install error "Unable to move on-ready.sh, install Lokinet first" + + #changes persmission on lokilaunch.sh - sudo mv $webroot_dir/config/lokilaunch.sh $HOME/loki-network/ || install error "Unable to move, install Lokinet first" sudo chmod 755 $HOME/loki-network/lokilaunch.sh - # sudo chown $raspap_user:$raspap_user lokilaunch.sh + + # Forces all traffic through Lokinet (change permissions) + + sudo chmod 755 /root/.lokinet/on-up.sh + sudo chmod 755 /root/.lokinet/on-down.sh + sudo chmod 755 /root/.lokinet/on-ready.sh # Generate required 
lines for Rasp AP to place into rc.local file. # #RASPAP is for removal script @@ -213,8 +232,6 @@ function default_configuration() { 'iptables -t nat -A POSTROUTING -s 10.3.141.0\/24 -o lokitun0 -j MASQUERADE #RASPAP' 'iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP' 'sudo \/home\/pi\/loki-network\/.\/lokilaunch.sh start #RASPAP' - 'sudo \/home\/pi\/loki-network\/.\/lokilaunch.sh connect #RASPAP' - ) @@ -243,6 +260,9 @@ function patch_system_files() { # Set commands array cmds=( "/home/pi/loki-network/lokilaunch.sh*" + #added for forced Lokinet + "/sbin/ip" + # "/sbin/ifdown" "/sbin/ifup" "/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf" diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 944e037..759c0c5 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -9,7 +9,7 @@ function update_system_packages() { function install_dependencies() { install_log "Installing required packages" - sudo apt-get install lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies" + sudo apt-get install lighttpd $php_package git hostapd dnsmasq vnstat resolvconf || install_error "Unable to install dependencies" } install_raspap
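Review bot: The four `sudo mv` lines for lokilaunch.sh, on-up.sh, on-down.sh and on-ready.sh in default_configuration() end in `|| install error "…"`, which runs the `install` utility instead of the `install_error` helper used on the lines above. A failed move of the hook scripts is therefore not fatal, and the installer continues without the scripts that the comment says force traffic through Lokinet. Use `|| install_error "Unable to move on-up.sh, install Lokinet first"` on each of these lines. Nothing in the hunk creates /root/.lokinet, and lokilaunch.sh is moved to `$HOME/loki-network/` while the rc.local lines and the `cmds` list hard-code /home/pi/loki-network, so the paths only agree when the installer runs as pi. The function starts and ends outside the hunk.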
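Review bot: The bare `"/sbin/ip"` added to the `cmds` array in patch_system_files() looks too broad. If, as the neighbouring entries suggest, each element becomes a passwordless sudo rule for the web server account (the loop that consumes the array is outside the hunk), the PHP process may run any `ip` subcommand with any arguments as root. The only `ip` calls in this commit are in on-up.sh and the on-down.sh it generates, which presumably run under the daemon started by `sudo lokilaunch.sh start`, so the web user may not need the rule at all. If it does, list the exact command lines the way the `/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf` entry does, and extend the `#added for forced Lokinet` comment to name the caller that needs them.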