Project author: skrupler

Project description:
Autostart script written in bash for openvpn, rtorrent and sysvinit/systemd.
Language: Shell
Repository: git://github.com/skrupler/latent.git
Created: 2016-12-18T04:32:53Z
Project community: https://github.com/skrupler/latent

License: GNU General Public License v3.0


latent.sh

latent.sh is an autostart script written in bash for openvpn, rtorrent and sysvinit/systemd. It lets you create, with little hassle, a separate network namespace (a logical copy of the network stack) and connect it over openvpn, isolating it from the rest of the system. It then launches rtorrent in a byobu session and binds it (-b ) to the ip address.

This is useful if you want to run certain processes, like rtorrent, in an isolated environment connected to the internet via a vpn connection.

This project is still under development and might change or break.

How it works

The gist of it is that a netns is created at runtime and iptables is configured accordingly, via virtual ethernet devices (veths for short), so that the netns can access the network.
Then an openvpn connection is established and the rtorrent instance is bound to the ip address acquired by openvpn.

Visualization

    +------+       +-------+       +-------+       +-------+      +---------+      +----------+
    | eth0 |-------| veth0 |-------| veth1 |-------| netns |------| openvpn |------| rtorrent |
    +------+       +-------+       +-------+       +-------+      +---------+      +----------+
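
The topology in the diagram can be built by hand as sketched below. This is an added example, not latent.sh's own code, and it prints the commands without running them unless APPLY=1 is set as root. The variable names follow the settings listed under Installation; the 10.200.200.0/24 addressing, the tun device name and a VPN configuration that uses redirect-gateway def1 are assumptions.

```shell
#!/bin/sh
# Added example, not latent.sh's own code. Names mirror the page's settings;
# the 10.200.200.0/24 addressing is an assumed value.
NETNS="hidden"; VETH0="veth0"; VETH1="veth1"; IFACE="eth0"
DNS="nameserver 91.239.100.100"; OPVN=/etc/openvpn/openvpn.ovpn
HOST_IP=10.200.200.1; NS_IP=10.200.200.2; NET=10.200.200.0/24

# Print each command; execute it only when APPLY=1 (requires root).
run() { echo "$*"; if [ "${APPLY:-0}" = 1 ]; then "$@"; fi; }
in_ns() { run ip netns exec "$NETNS" "$@"; }

setup_netns() {
    run ip netns add "$NETNS"
    run ip link add "$VETH0" type veth peer name "$VETH1"
    run ip link set "$VETH1" netns "$NETNS"
    run ip addr add "$HOST_IP/24" dev "$VETH0"
    run ip link set "$VETH0" up
    in_ns ip link set lo up
    in_ns ip addr add "$NS_IP/24" dev "$VETH1"
    in_ns ip link set "$VETH1" up
    in_ns ip route add default via "$HOST_IP"
    # Host side: forward and NAT the namespace's traffic out of $IFACE.
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -A FORWARD -i "$VETH0" -o "$IFACE" -j ACCEPT
    run iptables -A FORWARD -i "$IFACE" -o "$VETH0" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    run iptables -t nat -A POSTROUTING -s "$NET" -o "$IFACE" -j MASQUERADE
    # "ip netns exec" bind-mounts /etc/netns/<name>/resolv.conf over /etc/resolv.conf.
    run mkdir -p "/etc/netns/$NETNS"
    run sh -c "echo '$DNS' > /etc/netns/$NETNS/resolv.conf"
    in_ns openvpn --config "$OPVN" --daemon
}

# Until the tunnel is up, the namespace's default route is the veth pair, so
# traffic would leave $IFACE unencrypted. Reads "ip route" output on stdin and
# succeeds only if everything is routed via a tun device: a default route, or
# the 0.0.0.0/1 + 128.0.0.0/1 pair installed by "redirect-gateway def1".
routes_via_vpn() {
    r=$(cat)
    echo "$r" | grep -Eq '^default .*dev tun' && return 0
    echo "$r" | grep -Eq '^0\.0\.0\.0/1 .*dev tun' &&
        echo "$r" | grep -Eq '^128\.0\.0\.0/1 .*dev tun'
}

# Dry run: print the plan. After APPLY=1, gate the rtorrent launch on:
#   ip netns exec "$NETNS" ip route | routes_via_vpn
setup_netns
```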

Requirements

The script depends on these packages.

  • byobu
  • openvpn
  • rtorrent
  • iptables

.. and obviously a vpn provider you either run yourself or trust enough with your illicit traffic ;-)

Installation

I didn’t think this thru.

1. Clone the repo

    $ git clone https://github.com/skrupler/latent.git .sh

2. Adjust the settings.

    $ vim .sh/latent.sh

    PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
    USER="HACKER1"
    RTORRENT=/usr/bin/rtorrent
    BYOBU=/usr/bin/byobu
    BYOBU_NAME=secure
    BYOBU_TITLE=rtorrent
    IP=/sbin/ip
    PIDFILE=/var/run/rtorrent.pid
    SOCKET=/tmp/rpc.socket
    IFACE="eth0"
    NETNS="hidden"
    VETH0="veth0"
    VETH1="veth1"
    DNS="nameserver 91.239.100.100"
    OPVN=/etc/openvpn/openvpn.ovpn
    SOCKET_NAME=rtmux

Tip

Note that if your vpn provider requires login credentials, you can add the authentication directive auth-user-pass /etc/openvpn/auth to your .ovpn configuration file. The referenced file takes two lines: the username on the first and the password on the second.

3. Choose what boot manager you run and continue from there.

Boot managers

It works with a variety of boot managers.

Upstart/SysVinit

Put the latent.sh in /etc/init.d/latent.sh and activate it.

Register it with rc.d:

    # update-rc.d latent.sh defaults 99

Make it executable:

    # chmod 755 /etc/init.d/latent.sh

Usage:

    # service latent.sh (start|stop|restart)

Systemd

Create a unit file in /etc/systemd/system/latent.service.

    [Unit]
    Description=latent.sh
    After=network.target

    [Service]
    Type=forking
    # KillMode=none: systemd kills no processes on stop, so ExecStop must clean up.
    KillMode=none
    ExecStart=/home/username/sh/latent.sh start
    ExecStop=/home/username/sh/latent.sh stop
    # %h is the home directory of the user running the service manager
    # (root's home for a system unit).
    WorkingDirectory=%h
    Restart=on-failure

    [Install]
    WantedBy=default.target

Usage:

    systemctl enable latent.service
    systemctl start|stop|restart latent.service