Oggi invece ho seguito questa guida per creare un'interfaccia di rete attraverso TOR, e sto cercando di creare una rete wifi a partire da quest'interfaccia in modo da poter navigare in privato senza necessariamente avere TOR installato nel dispositivo.
Quindi ho creato questo script che sembra creare una WiFi a cui il mio telefono riesce a collegarsi, ma dalla quale non riesco a caricare alcuna pagina. C'è qualcuno in grado di semplificare il tutto, magari eliminando l'interfaccia tornet0 in mezzo e applicando le regole direttamente a wlan0? Non sono molto esperto di reti...
Il mio script per avviare l'hotspot (root):
Codice: Seleziona tutto
#!/bin/bash
# destinations you don't want routed through Tor
NON_TOR="192.168.1.1/24"
# Tor's TransPort
TRANS_PORT="9040"
# your internal interface
INT_IF="tornet0"
iptables -F
iptables -t nat -F
iptables -t nat -I POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
for NET in $NON_TOR; do
iptables -t nat -A PREROUTING -i $INT_IF -d $NET -j RETURN
done
iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 53 -j REDIRECT --to-ports 53
iptables -A FORWARD -i $INT_IF -p udp -j DROP
iptables -t nat -A PREROUTING -i $INT_IF -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT
ssid="TORSpot"
pass="torhotspot"
dest="wlan0"
src="tornet0"
echo "interface=${dest}
driver=nl80211
ssid=${ssid}
channel=5
hw_mode=g
auth_algs=1
wpa=3
wpa_passphrase=${pass}
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP" > /etc/hostapd/hostapd.conf
echo "ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
option domain-name-servers 208.67.220.220,208.67.222.222 ;
subnet 10.42.43.0 netmask 255.255.255.0 {
range 10.42.43.50 10.42.43.70;
option subnet-mask 255.255.255.0;
option broadcast-address 10.42.43.255;
option routers 10.42.43.1;
}" > /etc/dhcp/dhcpd.conf
ifconfig "${dest}" 10.42.43.1/24
iptables -t nat -A POSTROUTING -s 10.42.43.0/24 -o "${src}" -j MASQUERADE
iptables -A FORWARD -s 10.42.43.0/24 -o "${src}" -j ACCEPT
iptables -A FORWARD -d 10.42.43.0/24 -m state --state ESTABLISHED,RELATED -i "${src}" -j ACCEPT
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
echo 'INTERFACES=${dest}' >/etc/default/dhcp
dhcpd "${dest}"
# touch /var/log/hostapd.log
# chown root:www-data /var/log/hostapd.log
# chmod 662 /var/log/hostapd.log
hostapd /etc/hostapd/hostapd.conf # | tee /var/log/hostapd.log
Codice: Seleziona tutto
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.84
netmask 255.255.255.0
gateway 192.168.1.1
broadcast 192.168.1.255
auto tornet0
iface tornet0 inet static
address 172.16.0.1
netmask 255.255.255.0
bridge_ports none
bridge_maxwait 0
bridge_fd 1
up iptables -t nat -I POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
down iptables -t nat -D POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
