htrgouvea · mcasdfgf · Dec 16, 2019 · Dec 16, 2019 · Dec 23, 2019 · Dec 23, 2019
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: #GouveaHeitor
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml
@@ -9,10 +9,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v1
-    - name: Run a multi-line script
+    - name: Installing dependencies and verify Nipe Status
       run: |
         sudo apt install -y tor iptables perl
         sudo cpan install Switch JSON LWP::UserAgent Config::Simple
         sudo cp .configs/debian-torrc /etc/tor/torrc
         sudo chmod 644 /etc/tor/torrc
-        perl nipe.pl status
+        perl nipe.pl status
diff --git a/LICENSE.md b/LICENSE.md
@@ -2,7 +2,7 @@ License
 ==============
 The MIT License (MIT)
 
-Copyright (c) 2015 - 2019 Heitor Gouvêa
+Copyright (c) 2015 - 2020 | Heitor Gouvêa
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -40,7 +40,7 @@
   $ cd nipe
 
   # Install libs and dependencies
-  $ cpan install Switch JSON LWP::UserAgent Config::Simple
+  $ sudo cpan install Switch JSON LWP::UserAgent Config::Simple
   $ perl nipe.pl install
 ```
 

diff --git a/before_run.iptables b/before_run.iptables
@@ -0,0 +1,15 @@
+# Generated by iptables-save v1.8.3 on Thu Feb 20 23:59:42 2020
+*filter
+:INPUT ACCEPT [203:28011]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [269:23054]
+COMMIT
+# Completed on Thu Feb 20 23:59:42 2020
+# Generated by iptables-save v1.8.3 on Thu Feb 20 23:59:42 2020
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+COMMIT
+# Completed on Thu Feb 20 23:59:42 2020
diff --git a/iptables_tor_rules.iptables b/iptables_tor_rules.iptables
@@ -0,0 +1,37 @@
+# Generated by iptables-save v1.8.3 on Thu Feb 20 23:46:03 2020
+*filter
+:INPUT ACCEPT [361:48646]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A OUTPUT -m state --state ESTABLISHED -j ACCEPT
+-A OUTPUT -m owner --uid-owner 124 -j ACCEPT
+-A OUTPUT -p udp -m udp --dport 9061 -j ACCEPT
+-A OUTPUT -p tcp -m tcp --dport 9061 -j ACCEPT
+-A OUTPUT -d 10.66.0.0/16 -p tcp -j ACCEPT
+-A OUTPUT -d 127.0.0.0/8 -j ACCEPT
+-A OUTPUT -d 192.168.0.0/16 -j ACCEPT
+-A OUTPUT -d 172.16.0.0/12 -j ACCEPT
+-A OUTPUT -d 10.0.0.0/8 -j ACCEPT
+-A OUTPUT -p tcp -j ACCEPT
+-A OUTPUT -p udp -j REJECT --reject-with icmp-port-unreachable
+-A OUTPUT -p icmp -j REJECT --reject-with icmp-port-unreachable
+COMMIT
+# Completed on Thu Feb 20 23:46:03 2020
+# Generated by iptables-save v1.8.3 on Thu Feb 20 23:46:03 2020
+*nat
+:PREROUTING ACCEPT [2:1064]
+:INPUT ACCEPT [2:1064]
+:OUTPUT ACCEPT [7:5851]
+:POSTROUTING ACCEPT [85:7114]
+-A OUTPUT -m state --state ESTABLISHED -j RETURN
+-A OUTPUT -m owner --uid-owner 124 -j RETURN
+-A OUTPUT -p udp -m udp --dport 53 -j REDIRECT --to-ports 9061
+-A OUTPUT -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 9061
+-A OUTPUT -d 10.66.0.0/16 -p tcp -j REDIRECT --to-ports 9051
+-A OUTPUT -d 127.0.0.0/8 -j RETURN
+-A OUTPUT -d 192.168.0.0/16 -j RETURN
+-A OUTPUT -d 172.16.0.0/12 -j RETURN
+-A OUTPUT -d 10.0.0.0/8 -j RETURN
+-A OUTPUT -p tcp -j REDIRECT --to-ports 9051
+COMMIT
+# Completed on Thu Feb 20 23:46:03 2020
diff --git a/lib/Nipe/Functions.pm b/lib/Nipe/Functions.pm
@@ -16,7 +16,7 @@ sub help {
 		\r\trestart       Restart the Nipe process
 		\r\tstatus        See status
 
-		\rCopyright (c) 2015 - 2019 Heitor Gouvêa\n\n";
+		\rCopyright (c) 2015 - 2020 | Heitor Gouvêa\n\n";
 
 	return true;
 }
@@ -26,6 +26,10 @@ sub install {
 
 	system ("sudo mkdir -p /etc/tor");
 
+	if ( -e "/etc/tor/torrc") {
+		system ("sudo mv /etc/tor/torrc /etc/tor/torrc.bak")
+	}
+
 	if ($operationalSystem eq "debian") {
 		system ("sudo apt-get install tor iptables");
 		system ("sudo cp .configs/debian-torrc /etc/tor/torrc");
@@ -59,4 +63,4 @@ sub install {
 	return true;
 }
 
-1;
+1;
diff --git a/lib/Nipe/Start.pm b/lib/Nipe/Start.pm
@@ -7,7 +7,7 @@ use Nipe::Device;
 sub new {
 	my $dnsPort      = "9061";
 	my $transferPort = "9051";
-	my @table        = ("nat", "filter");
+	# my @table        = ("nat", "filter");
 	my $network      = "10.66.0.0/255.255.0.0";
 
 	my $username = Nipe::Device -> getUsername();
@@ -19,54 +19,57 @@ sub new {
 	else {
 		system ("sudo systemctl start tor");
 	}
-
-	foreach my $table (@table) {
-		my $target = "ACCEPT";
 
-		if ($table eq "nat") {
-			$target = "RETURN";
-		}
+    system ("sudo iptables-save > before_run.iptables");
+    system ("sudo iptables-restore < iptables_tor_rules.iptables");
+
+	# foreach my $table (@table) {
+	# 	my $target = "ACCEPT";
 
-		system ("sudo iptables -t $table -F OUTPUT");
-		system ("sudo iptables -t $table -A OUTPUT -m state --state ESTABLISHED -j $target");
-		system ("sudo iptables -t $table -A OUTPUT -m owner --uid $username -j $target");
+	# 	if ($table eq "nat") {
+	# 		$target = "RETURN";
+	# 	}
 
-		my $matchDnsPort = $dnsPort;
+	# 	system ("sudo iptables -t $table -F OUTPUT");
+	# 	system ("sudo iptables -t $table -A OUTPUT -m state --state ESTABLISHED -j $target");
+	# 	system ("sudo iptables -t $table -A OUTPUT -m owner --uid $username -j $target");
 
-		if ($table eq "nat") {
-			$target = "REDIRECT --to-ports $dnsPort";
-			$matchDnsPort = "53";
-		}
+	# 	my $matchDnsPort = $dnsPort;
 
-		system ("sudo iptables -t $table -A OUTPUT -p udp --dport $matchDnsPort -j $target");
-		system ("sudo iptables -t $table -A OUTPUT -p tcp --dport $matchDnsPort -j $target");
+	# 	if ($table eq "nat") {
+	# 		$target = "REDIRECT --to-ports $dnsPort";
+	# 		$matchDnsPort = "53";
+	# 	}
 
-		if ($table eq "nat") {
-			$target = "REDIRECT --to-ports $transferPort";
-		}
+	# 	system ("sudo iptables -t $table -A OUTPUT -p udp --dport $matchDnsPort -j $target");
+	# 	system ("sudo iptables -t $table -A OUTPUT -p tcp --dport $matchDnsPort -j $target");
 
-		system ("sudo iptables -t $table -A OUTPUT -d $network -p tcp -j $target");
+	# 	if ($table eq "nat") {
+	# 		$target = "REDIRECT --to-ports $transferPort";
+	# 	}
 
-		if ($table eq "nat") {
-			$target = "RETURN";
-		}
+	# 	system ("sudo iptables -t $table -A OUTPUT -d $network -p tcp -j $target");
 
-		system ("sudo iptables -t $table -A OUTPUT -d 127.0.0.1/8    -j $target");
-		system ("sudo iptables -t $table -A OUTPUT -d 192.168.0.0/16 -j $target");
-		system ("sudo iptables -t $table -A OUTPUT -d 172.16.0.0/12  -j $target");
-		system ("sudo iptables -t $table -A OUTPUT -d 10.0.0.0/8     -j $target");
+	# 	if ($table eq "nat") {
+	# 		$target = "RETURN";
+	# 	}
 
-		if ($table eq "nat") {
-			$target = "REDIRECT --to-ports $transferPort";
-		}
+	# 	system ("sudo iptables -t $table -A OUTPUT -d 127.0.0.1/8    -j $target");
+	# 	system ("sudo iptables -t $table -A OUTPUT -d 192.168.0.0/16 -j $target");
+	# 	system ("sudo iptables -t $table -A OUTPUT -d 172.16.0.0/12  -j $target");
+	# 	system ("sudo iptables -t $table -A OUTPUT -d 10.0.0.0/8     -j $target");
 
-		system ("sudo iptables -t $table -A OUTPUT -p tcp -j $target");
-	}
+	# 	if ($table eq "nat") {
+	# 		$target = "REDIRECT --to-ports $transferPort";
+	# 	}
+
+	# 	system ("sudo iptables -t $table -A OUTPUT -p tcp -j $target");
+	# }
 
-	system ("sudo iptables -t filter -A OUTPUT -p udp -j REJECT");
-	system ("sudo iptables -t filter -A OUTPUT -p icmp -j REJECT");
+	# system ("sudo iptables -t filter -A OUTPUT -p udp -j REJECT");
+	# system ("sudo iptables -t filter -A OUTPUT -p icmp -j REJECT");
 
 	return true;
 }
 
-1;
+1;
diff --git a/lib/Nipe/Stop.pm b/lib/Nipe/Stop.pm
@@ -5,10 +5,11 @@ package Nipe::Stop;
 sub new {
 	my @table = ("nat", "filter");
 
-	foreach my $table (@table) {
-		system ("sudo iptables -t $table -F OUTPUT");
-		system ("sudo iptables -t $table -F OUTPUT");
-	}
+	# foreach my $table (@table) {
+	# 	system ("sudo iptables -t $table -F OUTPUT");
+	# 	system ("sudo iptables -t $table -F OUTPUT");
+	# }
+    system ("sudo iptables-restore < before_run.iptables");
 
 	if (-e "/etc/init.d/tor") {
 		system ("sudo /etc/init.d/tor stop > /dev/null");
@@ -21,4 +22,4 @@ sub new {
 	return true;
 }
 
-1;
+1;