├── README.RU.md ├── README.md ├── WHATSNEW.md ├── config.inc ├── contributors.txt ├── docpics ├── mtkwifi.png ├── orangepipc.png └── rtlwifi.png ├── finalize_inst.sh ├── hardware ├── orangepi0 │ └── usr │ │ └── local │ │ └── bin │ │ └── cputemp.sh ├── orangepipc │ ├── 3.4.39-02-lobo │ │ └── wifi │ │ │ ├── 8188eu.ko │ │ │ ├── mt7601Uap.ko │ │ │ ├── rtnet7601Uap.ko │ │ │ └── rtutil7601Uap.ko │ ├── usr │ │ └── local │ │ │ └── bin │ │ │ ├── cputemp.sh │ │ │ └── powersave.sh │ └── wifi │ │ ├── etc │ │ ├── Wireless │ │ │ └── RT2870AP │ │ │ │ ├── RT2870AP.dat │ │ │ │ ├── RT2870AP.dat.old │ │ │ │ ├── RT2870APCard.dat │ │ │ │ ├── RT2870STA.dat │ │ │ │ ├── RT2870STACard.dat │ │ │ │ └── SingleSKU.dat │ │ └── modprobe.d │ │ │ └── 8188eu.conf │ │ └── firmware │ │ └── rtlwifi │ │ └── rtl8188eufw.bin ├── raspberrypi1 │ ├── usr │ │ └── local │ │ │ └── bin │ │ │ └── cputemp.sh │ └── wifi │ │ ├── etc │ │ └── modprobe.d │ │ │ └── r8188eu.conf │ │ └── firmware │ │ ├── mt7601u.bin │ │ └── rtlwifi │ │ └── rtl8188eufw.bin ├── raspberrypi2 │ ├── usr │ │ └── local │ │ │ └── bin │ │ │ └── cputemp.sh │ └── wifi │ │ ├── etc │ │ └── modprobe.d │ │ │ └── r8188eu.conf │ │ └── firmware │ │ ├── mt7601u.bin │ │ └── rtlwifi │ │ └── rtl8188eufw.bin └── raspberrypi3 │ └── usr │ └── local │ └── bin │ └── cputemp.sh ├── hostapd ├── hostapd_arm.tar.gz └── hostapd_pi_arm6.tar.gz ├── installer.sh ├── scripts ├── etc │ ├── hostapd │ │ └── hostapd-torbox.conf │ ├── systemd │ │ └── system │ │ │ ├── hostapd-torbox.service │ │ │ ├── i2p-torbox.service │ │ │ ├── powersave-torbox.service │ │ │ └── webui-torbox.service │ └── udev │ │ └── rules.d │ │ └── 70-persistent-net.rules ├── install │ ├── hostapdinst.sh │ ├── i2pinst.sh │ ├── java8inst.sh │ ├── nodejsinst.sh │ ├── privoxyinst.sh │ ├── setupnet.sh │ ├── setuprepos.sh │ ├── torinst.sh │ └── webuiinst.sh └── usr │ └── local │ └── bin │ ├── all_tor.sh │ ├── ap.sh │ ├── clean_firewall.sh │ ├── masquerade.sh │ ├── start_ap.sh │ └── sysctl_i2p.sh └── webui ├── _startapp.bat ├── app.js ├── bin └── www ├── config ├── config.json └── user.json ├── package.json ├── public ├── images │ └── .delme ├── javascripts │ └── .delme └── stylesheets │ └── style.css ├── routes ├── i2p.js ├── index.js ├── lib │ └── functions.js ├── mode.js └── system.js └── views ├── access.pug ├── error.pug ├── i2p.pug ├── index.pug ├── info.pug ├── layout.pug ├── mode.pug ├── reboot.pug ├── shutdown.pug ├── system.pug ├── xerror.pug └── xresult.pug /README.RU.md: -------------------------------------------------------------------------------- 1 | # Orange TorBOX 2 | 3 | **Проект заморожен. Пожалуйста, переходите на [TorBOX Next Generation](https://github.com/znoxx/tbng)** 4 | 5 | Этот проект - набор скриптов, который позволит установить и настроить анонимизирующий TOR/I2P MidlleBox быстро и просто. 6 | 7 | [Файлы проекта на GitHUB](http://github.com/znoxx/torbox). 8 | 9 | [Новости по теме Tor/I2p MiddleBox](http://znoxx.me/tag/torbox/). 10 | 11 | ## Как это работает ? 12 | 13 | После установки ваше *Pi-устройство будет изображать точку доступа WiFi трафик _клиентов_ которой можно будет переключить на работу через TOR, а также использовать устройство для доступа к сети I2P. Устройство управляется через веб-интерфейс и не требует дополнительной настройки. Доступны режимы "всё через TOR", "всё через TOR+Privoxy (встроенный рекламорез)" и "прямое соединение". 14 | 15 | Для пользования I2P требуется настроить http-proxy, указывающий на IP адрес устройства. 16 | 17 | Установка TOR на оконечные устройства (компьютер, телефон, планшет) не требуется. 18 | 19 | 20 | Текст ниже - перевод руководства по установке и эксплуатации 21 | 22 | ## Системные требования 23 | Текущая версия поддерживает устройства OrangePI PC и Orange Pi One на базе процессора AllWinner H3, Orange Pi Zero на базе AllWinner H2+, платы Raspberry Pi 1, Raspberry Pi 2, Raspberry Pi 3 и подразумевает следующее: 24 | 25 | * Все работает на Debian-подобной ОС (Debian 8+ с работающим system) 26 | * У вас имеется совместимый USB WiFi адаптер (об этом ниже). 27 | * Интернет подключен через Ethernet и DHCP и интерфейс сконфигурирован, как eth0. 28 | 29 | | Плата | Название Hardware Target | Примечания | 30 | |-------|--------------------------|------------| 31 | | Orange Pi PC | orangepipc | 32 | | Orange Pi One | orangepipc | 33 | | Orange Pi Zero | orangepi0 | Поддержан только встроенный WiFi адаптер | 34 | | Raspberry Pi 1 (armv6) | raspberrypi1 | Поддержаны только адаптеры Realtek | 35 | | Raspberry Pi 2 (armv7) | raspberrypi2 | Поддержаны только адаптеры Realtek | 36 | | Raspberry Pi 3 (в режиме armv7) | raspberrypi3 | Поддержаны только собственный адаптер Broadcom, т.е. внешний донгл не требуется. | 37 | 38 | 39 | 40 | ## Аппаратные требования 41 | ### Подготовка образа 42 | #### Готовый образ 43 | ##### Для OrangePi PC и OrangePi One 44 | Базовый образ построен для OrangePI PC (AllWinner H3) на модифицированном ядре от Loboris. 45 | 46 | ##### Для OrangePi Zero 47 | Базовый образ построен для OrangePI Zero (AllWinner H2+) на дистрибутиве Armbian. По сравнению с оригинальным образом - отключена поддержка 3D за ненадобностью, а также Network Manager для обеспечения ручной настройки WiFi. 48 | 49 | ##### Для Raspberry Pi 1, Raspberry Pi 2 и Raspberry Pi 3 50 | Базовый образ базируется на проекте [Minibian](https://minibianpi.wordpress.com/), но увеличен до 2 ГБ и добавлен swap. 51 | 52 | Требуется карточка как минимиум 2GB. 53 | 54 | _Различные производители интерпретируют размер в 2GB по своему. Если вдруг вы увидели ошибку записи с информацией об окончании места - используйте карту либо от другого производителя, либо 4GB карту. Стоят они не дорого._ 55 | 56 | Готовый образ можно скачать: 57 | 58 | ##### Для OrangePi PC и OrangePi One 59 | Расположен [здесь](http://znoxx.me/cgi-bin/url.cgi?2jjcGns). 60 | 61 | 62 | ##### Для OrangePi Zero 63 | Расположен [здесь](http://znoxx.me/cgi-bin/url.cgi?2j55knh). 64 | 65 | ##### Для Raspberry Pi 1-3 66 | Расположен [здесь](http://znoxx.me/cgi-bin/url.cgi?2jjfwJb). 67 | 68 | Распакуйте и запишите его на microSD командой dd в Linux, или с помощью Win32DiskImager в Windows. 69 | 70 | ##### Для OrangePi PC и OrangePi One 71 | 72 | Подмонтируйте первую VFAT партицию (или просто переткните карту в Windows) для того, чтобы установить script.bin, соответствующей вашей плате. 73 | 74 | Этот образ изначально настроен для Orange Pi PC. Если вы используете Orange Pi One - эту операцию __нужно__ сделать. 75 | 76 | [![Orange Pi PC](docpics/orangepipc.png)](http://znoxx.me/cgi-bin/url.cgi?1NS4Fcm) 77 | 78 | ##### Для OrangePi Zero и Raspberry Pi 1-3 79 | Дополнительных действий с образом не требуется - можно загружать систему. 80 | 81 | 82 | #### Другие образы 83 | Вы вполне можете использовать свой собственный образ. 84 | Необходимо помнить следующее: 85 | 86 | * Интерфейс eth0 должен быть преднастроен и должен использовать DHCP 87 | * Network Manager должен быть отключен или вообще удален. Ну или хотя бы НЕ должен "рулить" вашими WiFi адаптерами. 88 | * Потребуется установить пакеты libnl - libnl3-200 и libnl-genl-3-200 для корректной работы hostapd. 89 | 90 | Проверьте Вашу карточку - вставьте в устройство, загрузитесь и попробуйте зайти по SSH. 91 | 92 | ### Поддержанные WiFi адаптеры 93 | 94 | Система поддерживает самые доступные и популярные адаптеры 95 | 96 | * 0bda:0179 Realtek Semiconductor Corp. RTL8188ETV Wireless LAN 802.11n Network Adapter 97 | 98 | [![Realtek](docpics/rtlwifi.png)](http://znoxx.me/cgi-bin/url.cgi?1qZe7Yl) 99 | 100 | * 0bda:8179 Realtek Semiconductor Corp. [RTL8188EUS](http://znoxx.me/cgi-bin/rurl.cgi?1UYTCqW) 802.11n Wireless Network Adapter 101 | * 148f:7601 Ralink Technology, Corp. MT7601U Wireless Adapter 102 | 103 | [![MTK](docpics/mtkwifi.png)](http://znoxx.me/cgi-bin/rurl.cgi?1R2y3op) 104 | 105 | **MTK НЕ ПОДДЕРЖИВАЕТСЯ В RASPBERRY PI (все версии) И ORANGE PI ZERO** 106 | 107 | Также поддержаны: 108 | 109 | * Собственный адаптер Raspberry Pi 3 110 | * Собственный адаптер в OrangePi Zero 111 | 112 | Вообще, список этот далеко не финальный. Другие адаптеры тоже будут работать, при условии, что для них есть во-первых драйвер, а во-вторых они умеют работать в режиме Access Point с драйверами hostapd __"nl80211"__ или __"rtl871xdrv"__. Ну или без hostapd, как например поддержанный mt7601. 113 | 114 | ## Запуск инсталляции 115 | Загрузите ваше устсройство, используя подготовленную SD-карту. 116 | 117 | Логин/Пароль для Orange Pi PC, Orange Pi One и Orange Pi Zero - orangepi/orangepi 118 | 119 | Логин/Пароль для Raspberry Pi 1-3 - pi/raspberry 120 | 121 | Войдите через SSH и дайте следующие команды: 122 | 123 | * `sudo apt-get update` 124 | * `sudo apt-get install git` 125 | * `git clone https://github.com/znoxx/torbox.git` 126 | 127 | Когда всё скачается, дайте команду: 128 | 129 | * `cd torbox` 130 | 131 | Теперь отредактируйте __config.inc__ под ваши нужды. 132 | 133 | Что менять помимо указания "hardware target" (см. таблицу выше): 134 | 135 | * USER - если вы используете учетную запись "orangepi" (в случае ***Orange Pi PC/Orange Pi One***) - просто оставьте её как есть. Для ***Raspberry Pi 1, Raspberry Pi 2 и Raspberry Pi 3*** следует использовать учетную запись "pi". Если свою собственную - замените orangepi на свою запись. 136 | * SSIDNAME - Собственно, ваш будущий WiFi. 137 | * SSIDPASSWORD - пароль к WiFi. 138 | * IPxxx and DHCPxxx- Это настройки сети. Если не нравятся чем-либо предустановленнные, просто отредактируйте их 139 | * WEBUIxxx - настройки WEB UI.Под этим пользователем будет запускаться интерфейс, ну и откуда он будет запускаться. 140 | * I2PUSER - наверное не надо его менять. I2P будет запускаться под вашим пользователем. 141 | * I2PLOCATION - куда будет установлена I2P. 142 | * USESTOCKTOR - какой TOR будем ставить. По умлочанию - тот, что живет в официальных репозитариях Ubuntu/Debian. Если хотите новейшую версию из torproject - установите этот параметр в "0". Правда, возможны проблемы совместимости с systemd. 143 | * HOSTADDR - Этот параметр позволяет обращаться к устройству, используя имя, а не адрес. Он генерируется из параметра "hostname", так, если пример не изменялся - на устройство можно зайти по адресу http://orangepi.torbox:3000. Для этого устройство должно быть в режиме "DIRECT". 144 | 145 | Если редактирование завершено, решительно запускайте инсталлятор. 146 | 147 | * `sudo ./installer.sh` 148 | 149 | Всё полностью автоматизированно - будут установлены нужные пакеты, а также будет настроен интерфейс __wlan0__. 150 | Инсталлятор работает довольно долго, поскольку качает и Java 8 и node.js из репозитариев. 151 | 152 | ## Тестирование системы 153 | Как только инсталлятор завершит работу - вставьте ваш USB WiFi в устройство и "передёрните" питание. Если устройство уже имеет встроенный WiFi - просто перезагрузите устройство. 154 | После загрузки должна быть доступна ваша новая WiFi сеть. 155 | Соединитесь с этой сетью и попробуйте открыть любой URL. 156 | 157 | Теперь проверьте в брауезере следующий адрес - http://IPADDRESS:3000 - тот самый адрес, который вы указали в конфигурации или имя хоста - http://yourhost.torbox:3000. WEB-интерфейс должен быть доступен. 158 | Логин/пароль по умлочанию - "orangepi/orangepi". Его можно сменить в самом WebUI. 159 | Переключите режим в TOR или Privoxy и откройте страницу http://check.torproject.org - и если все в порядке, вы увидите сообщение о том, что ваш браузер работает через TOR. 160 | 161 | 162 | ## Режимы работы 163 | Устройство поддерживает 3 режима работы: 164 | 165 | * _TOR_ - весь траффик от __WiFi клиентов__ направляется через TOR 166 | * _PRIVOXY_ - весь траффик от __WiFi клиентов__ направляется через TOR и PRIVOXY. Вы можете настроить правила для Privoxy, например для вырезания рекламы или кнопок "Like". Лучше свериться с [официальной документацией](http://privoxy.org). 167 | * _DIRECT_ - Весь траффик проходит через точку доступа без TOR/PRIVOXY, но можно задать http/https proxy в браузере, указав IPADDRESS и порт 8118 для анонимизации интернет-траффика. 168 | 169 | Эти настройки можно переключать в WebUI. Помните, что траффик самого устройства не перенаправляется через TOR. Так, например запуска "apt-get" на Pi будет использовать прямое соединение с Интернетом. Итак - через TOR работают только Wifi клиенты. 170 | 171 | 172 | ## Использование I2P 173 | После загрузки можно запустить демона I2P через WebUI. Где-то через пару минту от момента старта можно открыть URL http://IPADDRESS:7657, где, собственно и изменить настройки I2P. 174 | Для доступа к .i2p сайту - установите proxy в системе - в качестве адреса IPADDRESS и порта значение 8118. Где-то через несколько минут вы сможете открывать .i2p сайты. 175 | 176 | ## Завершение инсталляции 177 | После того, как все настройки проверены, в папке проекта запустите: 178 | 179 | * `sudo ./finalize_inst.sh` 180 | * Опционально: `sudo apt-get upgrade` 181 | 182 | Это "закроет" firewall и почистит временные файлы. 183 | После этого устройство доступно лишь по адресу IPADDRESS:22 в том случае, если вы соединены с вашей новой точкой доступа. 184 | 185 | ## Дополнительные сведения о драйверах 186 | 187 | Драйвера MediaTek/Ralink НЕ используют hostapd для создания точки доступа. То есть, если вы хотите изменить настройки точки доступа - делать это нужно в соответствующем месте. Для Mediatek - в настройках драйвера. Для остальных - /etc/hostapd/hostapd.conf. Во время инсталляции первичные настройки устанавливаются в обоих локациях. 188 | Таким образом, если ваш USB WiFi - Mediatek - hostapd просто "тихо" отключится, и точка доступа будет работать через драйвер. 189 | Для других WiFi устройств - используется hostapd. 190 | 191 | ## Использование других WiFi устройств 192 | 193 | Если у вас другой WiFi драйвер, имейте ввиду: 194 | 195 | * Убедитесь, что ваше устройство имеет как драйвер, так и firmware, если оно нужно. 196 | * Внестие нужные изменения в /etc/hostapd/hostapd.conf 197 | * Переименуйте ваш интерфейс беспроводной сети в wlan0 - это позволит минимизировать изменения. 198 | 199 | Я достаточно успешно проверил некоторые устройства TP-Link, так что никаких проблем не ожидается. 200 | 201 | ##### Для Orange Pi PC и Orange Pi One 202 | _Имейте ввиду, что инсталлятор перемещает некоторые драйвера от Realtek в /lib/modules-disabled_. Если ваш донгл от Realtek - проверьте нет ли вашего драйвера в этой папке. 203 | 204 | ## Использование других платформ 205 | В общем случае, в папке "hardware" нужно создать подпапку "myhardware" (например) и положить в нее специфичные для платформы "артефакты", такие как драйвера, скрипт для мониторинга температуры и скрипт _powersave.sh_, который сгенерирован через powertop. 206 | 207 | ## Ссылки и благодарности 208 | Спасибо Loboris за работающие и стабильные ядра для OrangepPI http://www.orangepi.org/orangepibbsen/forum.php?mod=viewthread&tid=342 209 | 210 | Спасибо bronco за исправление проблем с температурой на OrangePi http://www.orangepi.org/orangepibbsen/forum.php?mod=viewthread&tid=785 211 | 212 | Оригинальный hostapd http://w1.fi/hostapd/ с патчем для Realtek https://github.com/pritambaral/hostapd-rtl871xdrv также используется в системе. Он собран для архитектуры ARM. 213 | 214 | [Minibian](https://minibianpi.wordpress.com) с некоторыми изменениями для Raspberry Pi 215 | 216 | [Armbian](http://armbian.com) отличная ОС для кучи железа. 217 | 218 | Включенные драйвера: 219 | 220 | * Realtek 8188eu - https://github.com/lwfinger/rtl8188eu (для Raspberry Pi 1 и Raspberry Pi 2 используется staging драйвер из комплекта ядра) 221 | * Mediatek 7601 AP mode - https://github.com/eywalink/mt7601u (не поддерживается для Raspberry Pi и Orange Pi Zero) 222 | 223 | ## Отказ от отвественности 224 | Стоит упомянуть: 225 | 226 | * Скрипт протестирован и должен работать без проблем. Однако, нет никаких гарантий, что он подойдет под ваши нужды. 227 | * Автор не несет ответственности за любой прямой или косвенный вред от продукта нанесенный как вашему устройству, так и приватности. 228 | * TOR и I2P разработаны для защиты вашей приватности, но не являются панацеей. Использование подразумевает наличие некоторых фундаментальных знаний. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Orange TorBOX 2 | 3 | **Project is not maintained anymore. Please switch to [TorBOX Next Generation](https://github.com/znoxx/tbng)** 4 | 5 | This project is a set of installer scripts, which will allow to setup 6 | anonymizing TOR middlebox and I2p proxy quickly and easily. 7 | 8 | After installation your \*Pi device will get functionality of Access Point, which *clients* will connect to Internet through TOR completely. It supports 3 modes of 9 | operation: "all through TOR", "all through TOR+Privoxy (configurable web proxy with ads cutter)" and "direct mode". Also device will allow to run I2P daemon and 10 | access .i2p sites. In this case you have to setup http-proxy on your device. 11 | 12 | End-user devices ( Access Point clients) do not need TOR bundle to be installed - they work fully transparent via your new Access Point. 13 | 14 | [Russian Description/Описание на русском](README.RU.md) 15 | 16 | ## System requirements 17 | Current version is targeted for some OrangePI H3 hardware (Orange Pi PC, Orange Pi One), Raspberry Pi 1,2 and 3 hardware and assumes the following: 18 | 19 | * You run Debian-based OS with systemd enabled/working (Debian 8+) 20 | * You own compatible USB wifi dongle (see list below) 21 | * Your "Internets" are connected via Ethernet cable and DHCP is possible for eth0 wired interface 22 | 23 | There are still some new Orange Pi's to support, but this may be seriously postponed for some "vNext" version with major improvements. 24 | 25 | Currently supported hardware platforms: 26 | 27 | |Board|Hardware target name |Remarks| 28 | |:---|:---|:---| 29 | |Orange Pi PC|orangepipc| 30 | |Orange Pi One|orangepipc| 31 | |Orange Pi Zero|orangepi0|Only built-in wifi supported| 32 | |Raspberry Pi 1 (armv6)|raspberrypi1|Only Realtek WiFi is supported| 33 | |Raspberry Pi 2 (armv7)|raspberrypi2|Only Realtek WiFi is supported| 34 | |Raspberry Pi 3 (in armv7 mode)|raspberrypi3|Native RPI 3 WiFi only - no external dongle needed| 35 | 36 | 37 | ## Hardware requirements 38 | ### Media preparation 39 | #### Pre-made image 40 | ##### For Orange Pi PC and Orange Pi One 41 | Base image is build of OrangePI PC (AllWinner H3) with a modified Loboris kernel. 42 | ##### For Orange Pi Zero 43 | Base image is Armbian 5.24. Standart update procedure should work correctly. Actual version is tested on 256MB board, so 512MB version should work ok also. 44 | ##### For Raspberry Pi 1, Raspberry Pi 2 and Raspberry Pi 3 45 | Base image is derived from Mininian Image (https://minibianpi.wordpress.com/) - it resized to 2GB and swap partition added. 46 | 47 | It requires 2GB microSD card. 48 | 49 | _Different manufacturers use diffrent "2GB" size interpretation. In case you receive 50 | "out of space" error, change manufacturer or use 4GB card. They are cheap._ 51 | 52 | Prepared image can be downloaded here: 53 | ##### For Orange Pi PC and Orange Pi One 54 | 55 | Located [here](http://znoxx.me/cgi-bin/url.cgi?2jjcGns) 56 | 57 | ##### For Orange Pi Zero 58 | Located [here](http://znoxx.me/cgi-bin/url.cgi?2j55knh) 59 | 60 | ##### For Raspberry Pi 1, Raspberry Pi 2 and Raspberry Pi 3 61 | Located [here](http://znoxx.me/cgi-bin/url.cgi?2jjfwJb) 62 | 63 | Unpack it and "dd" to your microSD. Or use Win32DiskImager to write unpacked image on 64 | Windows-based systems. 65 | ##### For Orange Pi PC and Orange Pi One 66 | Mount first VFAT partition (or just re-insert your card on Windows) and copy your 67 | hardware-script.bin to script.bin. 68 | 69 | Initial image is targeted for Orange Pi PC. If you want to use it with Orange Pi One, you __have to__ do this. 70 | 71 | [![Orange Pi PC](docpics/orangepipc.png)](http://znoxx.me/cgi-bin/url.cgi?1NS4Fcm) 72 | 73 | ##### For Raspberry Pi 1,2,3 and Orange Pi Zero 74 | No additional actions needed - just boot your device 75 | 76 | 77 | #### Other images 78 | You can adapt your own image, you use. 79 | Things to keep in mind: 80 | 81 | * eth0 interface should be configured and set to use DHCP 82 | * Network Manager should be disabled or even completely uninstalled. Or it should not manage your WiFi. 83 | * You will need some libnl packages - consider installing libnl3-200 and libnl-genl-3-200 to allow hostapd operation. 84 | 85 | Now test it - insert SD, then power on and try to login to your system via SSH. 86 | 87 | ### Supported Wifi dongles 88 | 89 | I decided to suppport cheapest dongles "out of the box", which can run in AP mode. 90 | 91 | * 0bda:0179 Realtek Semiconductor Corp. RTL8188ETV Wireless LAN 802.11n Network Adapter 92 | 93 | [![Realtek](docpics/rtlwifi.png)](http://znoxx.me/cgi-bin/url.cgi?1qZe7Yl) 94 | 95 | * 0bda:8179 Realtek Semiconductor Corp. RTL8188EUS 802.11n Wireless Network Adapter (http://znoxx.me/cgi-bin/rurl.cgi?1UYTCqW) 96 | * 148f:7601 Ralink Technology, Corp. MT7601U Wireless Adapter 97 | 98 | [![MTK](docpics/mtkwifi.png)](http://znoxx.me/cgi-bin/rurl.cgi?1R2y3op) 99 | 100 | **MTK IS NOT SUPPORTED IN RASPBERRY PI VERSIONS** 101 | 102 | Also supported: 103 | 104 | * Onboard Raspberry Pi 3 Wifi (Broadcom) 105 | * Onboard Orange Pi Zero (AllWinner ?) 106 | 107 | However, it's not a "final" list. Other dongles are supported too, just make sure they can run with hostapd driver __"nl80211"__ or __"rtl871xdrv"__. Or even without hostapd, like listed Ralink/MTK one. 108 | 109 | ## Starting the installation 110 | Boot in your freshly prepared SD-card. 111 | 112 | Login for OrangePI is orangepi/orangepi, for Raspberry Pi - pi/raspberry. 113 | 114 | Login via SSH and run following commands: 115 | 116 | * `sudo apt-get update` 117 | * `sudo apt-get install git` 118 | * `git clone https://github.com/znoxx/torbox.git` 119 | 120 | After everything is downloaded: 121 | 122 | * `cd torbox` 123 | 124 | Now adjust __config.inc__ to your needs. 125 | 126 | What to tweak in addition to selection of "hardware target" (see table above): 127 | 128 | * USER - For Orange Pi PC and Orange Pi One if you use "orangepi" user, better leave it. Same for "pi" user on Raspberry. If you use your own - change the name. 129 | * SSID_NAME - name of your future WiFi. 130 | * SSID_PASSWORD - WiFi password 131 | * IP_xxx and DHCP_xxx- things that will go to interface file. If you have special requirements for IP to use, change them 132 | * WEBUI_xxx WEB UI related stuff. User and path. Think twice before changing, since default settings should be ok for everyone. 133 | * I2P_USER - don't think you should change it 134 | * I2P_LOCATION - where I2P will be installed. 135 | * USE_STOCK_TOR - this indicates, that TOR from official debian/ubuntu repo will be installed. In case you want one bleeding edge - set to "0" and torproject repos will be used. But keep in mind, that you will may have problems with systemd compatibility. 136 | * HOSTADDR - this one allow you to access system via name in browser. It is generated from "hostname", so in example you will have http://orangepi.torbox:3000. If your device in _direct_ mode - you can access it by name. 137 | 138 | When you are done, proceed with 139 | 140 | * `sudo ./installer.sh` 141 | 142 | It's completely automated and will install and configure software and also set __wlan0__ interface. 143 | Installer runs significant amount of time, since it's downloads packages, installs node.js for Web UI and Java 8 from Oracle repository. 144 | 145 | ## Testing the system 146 | After you are done, insert your WiFi dongle and powercycle the platform. 147 | After boot, your new Torred and I2Ped Access point will be visible. 148 | Connect to it, using the SSID and password, you set up on previous step. 149 | Being connected to your WiFi, open any URL in your browser. 150 | Now check URL http://IP_ADDRESS:3000 (or hostname http://yourhost.torbox:3000) - the IP or name you set in config. WEB UI should be accessible. 151 | Default username/password is "orangepi/orangepi". You can change them from the WebUI. 152 | Change mode to TOR or Privoxy and open http://check.torproject.org - and if everything is ok, you will see confirmation, that TOR is configured. 153 | 154 | ## Modes of operation 155 | Device has generally 3 modes of operation: 156 | 157 | 158 | * _TOR_ - all traffic from __WiFi clients__ is routed through TOR 159 | * _PRIVOXY_ - all traffic from __WiFi clients__ is routed thorough TOR and PRIVOXY. You can set some privoxy rules to get rid of ads and annoying "Like" buttons, for example .Better check with official privoxy documentation (http://privoxy.org) 160 | * _DIRECT_ - All traffic is routed directly without TOR or/and privoxy, but you can still setup http/https proxy in your browser, pointing IP_ADDRESS and port 8118 to use anonymous internet browsing. 161 | 162 | Those settings are switched via WebUI. Remember that traffic from torbox itself is not routed via TOR. E.g. running "apt-get" on system will go to internet directly. So, again - Wifi clients only are torred. 163 | 164 | 165 | ## Using the I2P 166 | After boot, run the I2P daemon via WebUI. In couple of minutes, you will be ready to connect to http://IP_ADDRESS:7657. Feel free to tweak settings and play. 167 | To access I2P site - set up a proxy on your system, pointing to IP_ADDRESS:8118 and after some time you will be able to open .i2p websites. 168 | 169 | ## Finalizing the installation 170 | After things are tested and you are happy, run 171 | 172 | * `sudo ./finalize_inst.sh` 173 | * Optional: `sudo apt-get upgrade` 174 | 175 | In project dir. It will adjust the firewall to close the access from outer world and clean some temp files. 176 | 177 | From this moment, you can only SSH your system via IP_ADDRESS:22 when you are connected to your fresh torred wifi network. 178 | 179 | ## Special note about drivers 180 | 181 | Bundled MediaTek/Ralink driver DOES NOT use hostapd to provide an access point. So if you want to change AP settings - change them in appropriate place. For Mediatek - in driver settings. For others - /etc/hostapd/hostapd.conf. During the install they are applied in both. 182 | So if your dongle is Mediatek - hostapd silently fails on start, but you still do have an access point via driver. 183 | For other dongles - hostapd is used. 184 | For Orange Pi Zero - onboard WiFi chip **only**. Realtek dongle also can be used, depends on driver availability. 185 | For Raspberry Pi 1 and 2 - **Realtek is only supported**. 186 | For Raspberry Pi 3 - onboard Broadcom **only**. You still can support Realtek like it done for Rpi2, check script internals. 187 | 188 | ## Using other WiFi dongles 189 | 190 | To use some other WiFi adapters, keep in mind following: 191 | 192 | * You should be sure that you have the appropriate driver and firmware if needed 193 | * You have to change /etc/hostapd/hostapd.conf 194 | * Better to rename your interface to wlan0 to make things running smoothly 195 | 196 | I've tested some TP-Link drivers successfully, so no limitations here. 197 | 198 | 199 | ##### For OrangePi PC and Orange Pi One 200 | _Beware, that installer script moves some Realtek default drivers to /lib/modules-disabled_. Better to check this dir, when you run into a problem with a WiFi dongle. 201 | 202 | ## Using other plarforms 203 | Generally, you need to create new hardware target and compile nescessary hardware drivers. 204 | 205 | ## Thanks and references 206 | Thanks to Loboris for providing working and stable kernels for OrangepPI http://www.orangepi.org/orangepibbsen/forum.php?mod=viewthread&tid=342 207 | 208 | Thanks to bronco for fixing temperature issues on OrangePi http://www.orangepi.org/orangepibbsen/forum.php?mod=viewthread&tid=785 209 | 210 | Original hostapd http://w1.fi/hostapd/ with Realtek patch https://github.com/pritambaral/hostapd-rtl871xdrv used in system and build for ARM arch. 211 | 212 | Minibian (https://minibianpi.wordpress.com) with some updates is used for Raspberry Pi images. 213 | 214 | Drivers bundled: 215 | 216 | * Realtek 8188eu - https://github.com/lwfinger/rtl8188eu (native staging driver is used for Raspberry Pi 1 and 2) 217 | * Mediatek 7601 AP mode - https://github.com/eywalink/mt7601u (not for Raspberry Pi boards) 218 | 219 | ## Disclaimer 220 | Things to keep in mind 221 | 222 | * Scripts are tested and supposed to be run ok. However, there is no warranty, that it will work for you or suite particular needs. 223 | * Also I'm not responsible for damage of any kind, caused directly or indirectly to your hardware or privacy. 224 | * TOR and I2P are not a silver bullet and designed to protect your privacy. The particular usage requires some fundamental knowledge. -------------------------------------------------------------------------------- /WHATSNEW.md: -------------------------------------------------------------------------------- 1 | # Changes for 10-10-2017 2 | 3 | **Project is not maintained anymore. Please switch to [TorBOX Next Generation](https://github.com/znoxx/tbng)** 4 | 5 | # Changes for 08-08-2017 6 | 7 | * Russian documentation moved to git repository 8 | * Added some images 9 | * English and Russian versions are aligned (well, almost). 10 | 11 | **NOTE: 12 | 13 | Project is no more supported. Heading to a whole new version. 14 | 15 | # Changes for 05-03-2017 16 | 17 | * Overall speedup of installer due to optimization of repository processing. 18 | * init.d support completely removed - everything is moved to systemd. 19 | * Systemd scripts and related binaries now have "-torbox" suffix to avoid conflicts with standard/other software 20 | * I2P updated to last version (for the time being) 21 | 22 | ***NOTE: 23 | 24 | This update is considered as last major one, next commits will be only bugfixes (critical ones) and third-party software updates 25 | (like node.js/i2p), since new version of anonymizing middlebox with much more flexible functionality is planned. 26 | 27 | # Changes for 15-01-2017 28 | 29 | * Added new hardware target and image link - Orange Pi Zero 30 | * Version of i2p software updated to 0.9.27 31 | * Some internal script optimizations 32 | 33 | 34 | # Changes for 07-08-2016 35 | 36 | * Added new hardware target - Raspberry Pi 3 37 | * Node.js for ARMv7+ repo updated to 6.x version 38 | 39 | # Changes for 25-06-2016 40 | 41 | * i2p updated to version 0.9.26 42 | 43 | # Changes for 14-05-2016: 44 | 45 | * Raspberry Pi 1 and Raspberry Pi 2 platforms supported. 46 | * Critical issue with Realtek 8188 firmware resolved - moved to correct folder. 47 | * Added haveged daemon to solve entropy issues and increase SoftAP speed/reliablilty. 48 | * Pug in WebUI updated to latest version from npmjs.org. 49 | * Overall code cleanup and refactoring. 50 | 51 | ## Manual adding of haveged daemon 52 | 53 | 1. Login to your device as root. 54 | 2. `apt-get install haveged` 55 | 3. Reboot. 56 | 57 | ## Fixing firmware issue (previous releases) 58 | 59 | 1. Login to your device as root. 60 | 2. `mv /lib/firmware/rtl8188eufw.bin /lib/firmware/rtlwifi/rtl8188eufw.bin` 61 | 3. Reboot. Speed of access point should increase dramatically. 62 | 63 | # Changes for 15-04-2016: 64 | * WebUI updated to 0.2.0 65 | * Jade->Pug migrated 66 | * Dependencies upgraded to latest npm versions 67 | * Fixed issues in templates to comply with Pug 68 | 69 | ## Manual update of webui 70 | 71 | 1. Fetch new version from GIT 72 | 2. Stop WebUI (usually - `sudo /etc/init.d/webui stop`) 73 | 3. Backup your /opt/webui somwhere (it is **important**) 74 | 4. Delete contents /opt/webui (but keep directory) 75 | 5. Copy webui contents of git copy to /opt/webui 76 | 6. `cd /opt/webui` 77 | 7. `sudo npm install` 78 | 8. `chown webui:webui -R *` (change webui to appropriate user you use to run WebUI) 79 | 9. Copy config dir from your saved backup (3) to /opt/webui 80 | 10. Start WebUI (usually - `sudo /etc/init.d/webui start`) 81 | 82 | # Changes for 01-04-2016: 83 | 84 | * Orange Pi One support 85 | * Initial image aligned to SD card 86 | * Only script.bin for OrangePi PC and Orange Pi One left - since operation is headless. 87 | * I2P update to .25 version 88 | * Default operation mode is DIRECT - this will allow to access freshly-boot device via name defined in config (e.g. http://orangepi.torbox:3000) 89 | -------------------------------------------------------------------------------- /config.inc: -------------------------------------------------------------------------------- 1 | ## Supported hardware targets: orangepipc (also for orangepi one),orangepi0,raspberrypi1,raspberrypi2,raspberrypi3. 2 | HARDWARE=orangepipc 3 | ## Put your hostname here 4 | HOSTNAME=OrangePi 5 | ## Active user (orangepi default one for orangepi, pi - for raspberry pi) 6 | USER=orangepi 7 | ## SSID name 8 | SSID_NAME=orangeBox 9 | ## SSID password 10 | SSID_PASSWORD=not4youreyes 11 | ## IP adddress 12 | IP_ADDRESS=192.168.110.1 13 | IP_NETMASK=255.255.255.0 14 | IP_NETWORK=192.168.110.0 15 | IP_BROADCAST=192.168.110.255 16 | DHCP_RANGE="192.168.110.50,192.168.110.150,255.255.255.0,12h" 17 | HOSTADDR="/${HOSTNAME}.torbox/${IP_ADDRESS}" 18 | 19 | 20 | ## below are settings of WEBUI. Don't change them, until you don't know what are you doing 21 | WEBUI_USER=webui 22 | WEBUI_LOCATION=/opt/webui 23 | 24 | ## below are settings of i2p. Don't change them, until you don't know, what are you doing 25 | I2P_USER=${USER} 26 | I2P_LOCATION=/opt/i2p 27 | 28 | ##Use offical debian (ubuntu) repo tor 29 | USE_STOCK_TOR=1 30 | 31 | 32 | -------------------------------------------------------------------------------- /contributors.txt: -------------------------------------------------------------------------------- 1 | znoxx 2 | -------------------------------------------------------------------------------- /docpics/mtkwifi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/docpics/mtkwifi.png -------------------------------------------------------------------------------- /docpics/orangepipc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/docpics/orangepipc.png -------------------------------------------------------------------------------- /docpics/rtlwifi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/docpics/rtlwifi.png -------------------------------------------------------------------------------- /finalize_inst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | apt-get clean 3 | echo "firewall_incoming" >>/usr/local/bin/all_tor.sh 4 | -------------------------------------------------------------------------------- /hardware/orangepi0/usr/local/bin/cputemp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | cat /sys/devices/virtual/thermal/thermal_zone0/temp 3 | 4 | -------------------------------------------------------------------------------- /hardware/orangepipc/3.4.39-02-lobo/wifi/8188eu.ko: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/orangepipc/3.4.39-02-lobo/wifi/8188eu.ko -------------------------------------------------------------------------------- /hardware/orangepipc/3.4.39-02-lobo/wifi/mt7601Uap.ko: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/orangepipc/3.4.39-02-lobo/wifi/mt7601Uap.ko -------------------------------------------------------------------------------- /hardware/orangepipc/3.4.39-02-lobo/wifi/rtnet7601Uap.ko: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/orangepipc/3.4.39-02-lobo/wifi/rtnet7601Uap.ko -------------------------------------------------------------------------------- /hardware/orangepipc/3.4.39-02-lobo/wifi/rtutil7601Uap.ko: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/orangepipc/3.4.39-02-lobo/wifi/rtutil7601Uap.ko -------------------------------------------------------------------------------- /hardware/orangepipc/usr/local/bin/cputemp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | cat /sys/devices/virtual/thermal/thermal_zone0/temp 3 | 4 | -------------------------------------------------------------------------------- /hardware/orangepipc/usr/local/bin/powersave.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo '1500' > '/proc/sys/vm/dirty_writeback_centisecs' 3 | echo '0' > '/proc/sys/kernel/nmi_watchdog' 4 | echo '1' > '/sys/devices/system/cpu/sched_mc_power_savings' 5 | 6 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/RT2870AP.dat: -------------------------------------------------------------------------------- 1 | Default 2 | CountryRegion=5 3 | CountryCode=RU 4 | SSID=orangeBox 5 | NetworkType=Infra 6 | WirelessMode=5 7 | Channel=4 8 | BasicRate=15 9 | WmmCapable=1 10 | HT_BW=1 11 | HT_GI=1 12 | HT_MCS=33 13 | HT_RDG=1 14 | HT_MIMOPSMode=3 15 | HT_DisallowTKIP=1 16 | HT_STBC=0 17 | HT_BADecline=0 18 | HT_AutoBA=1 19 | HT_AMSDU=0 20 | HT_BAWinSize=64 21 | HT_EXTCHA=0 22 | HT_OpMode=0 23 | HT_MpduDensity=4 24 | PSMode=CAM 25 | 26 | AuthMode=WPA2PSK 27 | EncrypType=TKIP;AES 28 | WPAPSK=not4youreyes 29 | BssidNum=1 30 | 31 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/RT2870AP.dat.old: -------------------------------------------------------------------------------- 1 | #The word of "Default" must not be removed 2 | Default 3 | CountryRegion=5 4 | CountryRegionABand=7 5 | CountryCode=RU 6 | BssidNum=1 7 | SSID=OrangeBoxTest 8 | WirelessMode=9 9 | TxRate=0 10 | Channel=4 11 | BasicRate=15 12 | BeaconPeriod=100 13 | DtimPeriod=1 14 | TxPower=100 15 | DisableOLBC=0 16 | BGProtection=0 17 | TxAntenna= 18 | RxAntenna= 19 | TxPreamble=0 20 | RTSThreshold=2347 21 | FragThreshold=2346 22 | TxBurst=1 23 | PktAggregate=0 24 | TurboRate=0 25 | WmmCapable=0 26 | APSDCapable=0 27 | DLSCapable=0 28 | APAifsn=3;7;1;1 29 | APCwmin=4;4;3;2 30 | APCwmax=6;10;4;3 31 | APTxop=0;0;94;47 32 | APACM=0;0;0;0 33 | BSSAifsn=3;7;2;2 34 | BSSCwmin=4;4;3;2 35 | BSSCwmax=10;10;4;3 36 | BSSTxop=0;0;94;47 37 | BSSACM=0;0;0;0 38 | AckPolicy=0;0;0;0 39 | NoForwarding=0 40 | NoForwardingBTNBSSID=0 41 | HideSSID=0 42 | StationKeepAlive=0 43 | ShortSlot=1 44 | AutoChannelSelect=0 45 | IEEE8021X=0 46 | IEEE80211H=0 47 | CSPeriod=10 48 | WirelessEvent=0 49 | IdsEnable=0 50 | AuthFloodThreshold=32 51 | AssocReqFloodThreshold=32 52 | ReassocReqFloodThreshold=32 53 | ProbeReqFloodThreshold=32 54 | DisassocFloodThreshold=32 55 | DeauthFloodThreshold=32 56 | EapReqFooldThreshold=32 57 | PreAuth=0 58 | AuthMode=WPA2PSK 59 | EncrypType=AES 60 | RekeyInterval=0 61 | RekeyMethod=DISABLE 62 | PMKCachePeriod=10 63 | WPAPSK=not4youreyes 64 | DefaultKeyID=1 65 | Key1Type=0 66 | Key1Str= 67 | Key2Type=0 68 | Key2Str= 69 | Key3Type=0 70 | Key3Str= 71 | Key4Type=0 72 | Key4Str= 73 | HSCounter=0 74 | AccessPolicy0=0 75 | AccessControlList0= 76 | AccessPolicy1=0 77 | AccessControlList1= 78 | AccessPolicy2=0 79 | AccessControlList2= 80 | AccessPolicy3=0 81 | AccessControlList3= 82 | WdsEnable=0 83 | WdsEncrypType=NONE 84 | WdsList= 85 | WdsKey= 86 | #RADIUS_Server=192.168.2.3 87 | #RADIUS_Port=1812 88 | #RADIUS_Key=ralink 89 | #own_ip_addr=192.168.5.234 90 | #EAPifname=br0 91 | #PreAuthifname=br0 92 | HT_HTC=0 93 | HT_RDG=0 94 | HT_EXTCHA=0 95 | HT_LinkAdapt=0 96 | HT_OpMode=0 97 | HT_MpduDensity=5 98 | HT_BW=1 99 | HT_AutoBA=1 100 | HT_AMSDU=0 101 | HT_BAWinSize=64 102 | HT_GI=1 103 | HT_MCS=33 104 | MeshId=MESH 105 | MeshAutoLink=1 106 | MeshAuthMode=OPEN 107 | MeshEncrypType=NONE 108 | MeshWPAKEY= 109 | MeshDefaultkey=1 110 | MeshWEPKEY= 111 | WscManufacturer= 112 | WscModelName= 113 | WscDeviceName= 114 | WscModelNumber= 115 | WscSerialNumber= 116 | RadioOn=1 117 | PMFMFPC=0 118 | PMFMFPR=0 119 | PMFSHA256=0 120 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/RT2870APCard.dat: -------------------------------------------------------------------------------- 1 | #The word of "Default" must not be removed, maximum 32 cards, 00 ~ 31 2 | Default 3 | 4 | #CARDID, MAC, CARDTYPE 5 | SELECT=CARDTYPE 6 | 7 | 00CARDID=/etc/Wireless/RT2870AP/RT2870AP1.dat 8 | 01CARDID=/etc/Wireless/RT2870AP/RT2870AP2.dat 9 | 02CARDID=/etc/Wireless/RT2870AP/RT2870AP3.dat 10 | 11 | 00MAC00:0E:2E:C3:D0:48=/etc/Wireless/RT2870AP/RT2870AP1.dat 12 | 01MAC00:40:F4:FF:AA:40=/etc/Wireless/RT2870AP/RT2870AP2.dat 13 | 02MAC00:0C:43:10:11:5C=/etc/Wireless/RT2870AP/RT2870AP3.dat 14 | 15 | 00CARDTYPEbgn=/etc/Wireless/RT2870AP/RT2870AP1.dat 16 | 01CARDTYPEbgn=/etc/Wireless/RT2870AP/RT2870AP2.dat 17 | 02CARDTYPEabgn=/etc/Wireless/RT2870AP/RT2870AP3.dat 18 | 19 | 20 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/RT2870STA.dat: -------------------------------------------------------------------------------- 1 | #The word of "Default" must not be removed 2 | Default 3 | CountryRegion=5 4 | CountryRegionABand=7 5 | CountryCode= 6 | ChannelGeography=1 7 | SSID=11n-AP 8 | NetworkType=Infra 9 | WirelessMode=9 10 | Channel=0 11 | BeaconPeriod=100 12 | TxPower=100 13 | BGProtection=0 14 | TxPreamble=0 15 | RTSThreshold=2347 16 | FragThreshold=2346 17 | TxBurst=1 18 | PktAggregate=0 19 | WmmCapable=1 20 | AckPolicy=0;0;0;0 21 | AuthMode=OPEN 22 | EncrypType=NONE 23 | WPAPSK= 24 | DefaultKeyID=1 25 | Key1Type=0 26 | Key1Str= 27 | Key2Type=0 28 | Key2Str= 29 | Key3Type=0 30 | Key3Str= 31 | Key4Type=0 32 | Key4Str= 33 | PSMode=CAM 34 | AutoRoaming=0 35 | RoamThreshold=70 36 | APSDCapable=0 37 | APSDAC=0;0;0;0 38 | HT_RDG=1 39 | HT_EXTCHA=0 40 | HT_OpMode=0 41 | HT_MpduDensity=4 42 | HT_BW=1 43 | HT_BADecline=0 44 | HT_AutoBA=1 45 | HT_AMSDU=0 46 | HT_BAWinSize=64 47 | HT_GI=1 48 | HT_MCS=33 49 | HT_MIMOPSMode=3 50 | HT_DisallowTKIP=1 51 | HT_STBC=0 52 | EthConvertMode= 53 | EthCloneMac= 54 | IEEE80211H=0 55 | TGnWifiTest=0 56 | WirelessEvent=0 57 | MeshId=MESH 58 | MeshAutoLink=1 59 | MeshAuthMode=OPEN 60 | MeshEncrypType=NONE 61 | MeshWPAKEY= 62 | MeshDefaultkey=1 63 | MeshWEPKEY= 64 | CarrierDetect=0 65 | AntDiversity=0 66 | BeaconLostTime=4 67 | FtSupport=0 68 | Wapiifname=ra0 69 | WapiPsk= 70 | WapiPskType= 71 | WapiUserCertPath= 72 | WapiAsCertPath= 73 | PSP_XLINK_MODE=0 74 | WscManufacturer= 75 | WscModelName= 76 | WscDeviceName= 77 | WscModelNumber= 78 | WscSerialNumber= 79 | RadioOn=1 80 | WIDIEnable=1 81 | P2P_L2SD_SCAN_TOGGLE=3 82 | Wsc4digitPinCode=0 83 | P2P_WIDIEnable=0 84 | PMFMFPC=0 85 | PMFMFPR=0 86 | PMFSHA256=0 87 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/RT2870STACard.dat: -------------------------------------------------------------------------------- 1 | #The word of "Default" must not be removed, maximum 32 cards, 00 ~ 31 2 | Default 3 | 4 | #CARDID, MAC, CARDTYPE 5 | SELECT=CARDTYPE 6 | 7 | 00CARDID=/etc/Wireless/RT2870STA/RT2870STA1.dat 8 | 01CARDID=/etc/Wireless/RT2870STA/RT2870STA2.dat 9 | 02CARDID=/etc/Wireless/RT2870STA/RT2870STA3.dat 10 | 11 | 00MAC00:0E:2E:C3:D0:48=/etc/Wireless/RT2870STA/RT2870STA1.dat 12 | 01MAC00:40:F4:FF:AA:40=/etc/Wireless/RT2870STA/RT2870STA2.dat 13 | 02MAC00:0C:43:10:11:5C=/etc/Wireless/RT2870STA/RT2870STA3.dat 14 | 15 | 00CARDTYPEbgn=/etc/Wireless/RT2870STA/RT2870STA1.dat 16 | 01CARDTYPEbgn=/etc/Wireless/RT2870STA/RT2870STA2.dat 17 | 02CARDTYPEabgn=/etc/Wireless/RT2870STA/RT2870STA3.dat 18 | 19 | 20 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/Wireless/RT2870AP/SingleSKU.dat: -------------------------------------------------------------------------------- 1 | # Single SKU Max Power Table 2 | # |CCK 1~11 | | OFDM 6 ~ 54 | | HT20 MCS 0 ~ 15 | | HT40 MCS 0 ~ 15 | 3 | ch1 16 16 16 16 14 14 14 14 14 14 14 14 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 4 | ch2 18 18 18 18 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 5 | ch3 19 19 19 19 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 6 | ch4 19 19 19 19 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 7 | ch5 19 19 19 19 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 18 18 18 18 17 17 17 17 18 18 18 18 17 17 17 17 8 | ch6 19 19 19 19 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 18 18 18 18 17 17 17 17 18 18 18 18 17 17 17 17 9 | ch7 19 19 19 19 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 18 18 18 18 17 17 17 17 18 18 18 18 17 17 17 17 10 | ch8 19 19 19 19 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 19 19 19 19 17 17 17 17 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 11 | ch9 19 19 19 19 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 17 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 | ch10 18 18 18 18 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 13 | ch11 16 16 16 16 14 14 14 14 14 14 14 14 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 14 | ch12 16 16 16 16 14 14 14 14 14 14 14 14 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 15 | ch13 14 14 14 14 14 14 14 14 14 14 14 14 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 13 16 | ch14 14 14 14 14 17 | # End of Single SKU Table -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/etc/modprobe.d/8188eu.conf: -------------------------------------------------------------------------------- 1 | options 8188eu rtw_power_mgnt=0 rtw_enusbss=0 rtw_ips_mode=1 2 | 3 | 4 | -------------------------------------------------------------------------------- /hardware/orangepipc/wifi/firmware/rtlwifi/rtl8188eufw.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/orangepipc/wifi/firmware/rtlwifi/rtl8188eufw.bin -------------------------------------------------------------------------------- /hardware/raspberrypi1/usr/local/bin/cputemp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | vcgencmd measure_temp | sed -e "s/temp=//" | sed -e "s/'C//" 3 | 4 | -------------------------------------------------------------------------------- /hardware/raspberrypi1/wifi/etc/modprobe.d/r8188eu.conf: -------------------------------------------------------------------------------- 1 | options r8188eu rtw_power_mgnt=0 rtw_enusbss=0 rtw_ips_mode=1 2 | 3 | 4 | -------------------------------------------------------------------------------- /hardware/raspberrypi1/wifi/firmware/mt7601u.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/raspberrypi1/wifi/firmware/mt7601u.bin -------------------------------------------------------------------------------- /hardware/raspberrypi1/wifi/firmware/rtlwifi/rtl8188eufw.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/raspberrypi1/wifi/firmware/rtlwifi/rtl8188eufw.bin -------------------------------------------------------------------------------- /hardware/raspberrypi2/usr/local/bin/cputemp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | vcgencmd measure_temp | sed -e "s/temp=//" | sed -e "s/'C//" 3 | 4 | -------------------------------------------------------------------------------- /hardware/raspberrypi2/wifi/etc/modprobe.d/r8188eu.conf: -------------------------------------------------------------------------------- 1 | options r8188eu rtw_power_mgnt=0 rtw_enusbss=0 rtw_ips_mode=1 2 | 3 | 4 | -------------------------------------------------------------------------------- /hardware/raspberrypi2/wifi/firmware/mt7601u.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/raspberrypi2/wifi/firmware/mt7601u.bin -------------------------------------------------------------------------------- /hardware/raspberrypi2/wifi/firmware/rtlwifi/rtl8188eufw.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hardware/raspberrypi2/wifi/firmware/rtlwifi/rtl8188eufw.bin -------------------------------------------------------------------------------- /hardware/raspberrypi3/usr/local/bin/cputemp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | vcgencmd measure_temp | sed -e "s/temp=//" | sed -e "s/'C//" 3 | 4 | -------------------------------------------------------------------------------- /hostapd/hostapd_arm.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hostapd/hostapd_arm.tar.gz -------------------------------------------------------------------------------- /hostapd/hostapd_pi_arm6.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/hostapd/hostapd_pi_arm6.tar.gz -------------------------------------------------------------------------------- /installer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ "$(id -u)" != 0 ]; then 4 | echo "This script must be run as root" 1>&2 5 | exit 1 6 | fi 7 | 8 | 9 | echo "Starting installer..." 10 | . ./config.inc 11 | 12 | ## 13 | echo "Copying needed scripts to /usr/local/bin..." 14 | chmod a+x ./scripts/usr/local/bin/* 15 | cp ./scripts/usr/local/bin/* /usr/local/bin/ 16 | chmod a+x ./hardware/${HARDWARE}/usr/local/bin/* 17 | cp -r ./hardware/${HARDWARE}/usr/local/bin/* /usr/local/bin/ 18 | 19 | 20 | if [ -f /usr/local/bin/powersave.sh ]; then 21 | echo "Setting powersave script..." 22 | cp ./scripts/etc/systemd/system/powersave-torbox.service /etc/systemd/system/powersave-torbox.service 23 | systemctl daemon-reload 24 | systemctl enable powersave-torbox 25 | fi 26 | 27 | ## 28 | echo "Setting up repositories..." 29 | ./scripts/install/setuprepos.sh 30 | 31 | ## 32 | echo "Installing tor..." 33 | ./scripts/install/torinst.sh 34 | 35 | ## 36 | echo "Installing privoxy..." 37 | ./scripts/install/privoxyinst.sh 38 | 39 | ## 40 | echo "Installing Java 8 for ARM..." 41 | ./scripts/install/java8inst.sh 42 | 43 | 44 | ## 45 | echo "Installing i2p..." 46 | ./scripts/install/i2pinst.sh 47 | 48 | ## 49 | 50 | echo "Installing nescessary hardware modules..." 51 | 52 | KERNEL_VERSION=`uname -r` 53 | 54 | 55 | mkdir /lib/modules/${KERNEL_VERSION}/wifiap 56 | cp ./hardware/${HARDWARE}/${KERNEL_VERSION}/wifi/*.ko /lib/modules/${KERNEL_VERSION}/wifiap 57 | 58 | 59 | if [ ${HARDWARE} = "orangepipc" ]; then 60 | echo "Enabling crypto module" 61 | echo "ss" >>/etc/modules 62 | echo "8188eu" >>/etc/modules 63 | echo "rtutil7601Uap" >>/etc/modules 64 | echo "mt7601Uap" >>/etc/modules 65 | echo "rtnet7601Uap" >>/etc/modules 66 | 67 | echo "Disabling old 8188eu modules" 68 | mkdir /lib/modules-disabled 69 | mv /lib/modules/${KERNEL_VERSION}/kernel/drivers/net/wireless/rtl8188eu /lib/modules-disabled/ 70 | 71 | fi 72 | 73 | 74 | mkdir -p /lib/firmware/rtlwifi 75 | 76 | cp -r ./hardware/${HARDWARE}/wifi/etc/* /etc/ 77 | cp -r ./hardware/${HARDWARE}/wifi/firmware/* /lib/firmware/ 78 | 79 | depmod -a 80 | 81 | echo "Setting up network and access point..." 82 | ./scripts/install/setupnet.sh 83 | 84 | echo "Installing WebGUI..." 85 | ./scripts/install/webuiinst.sh 86 | 87 | 88 | -------------------------------------------------------------------------------- /scripts/etc/hostapd/hostapd-torbox.conf: -------------------------------------------------------------------------------- 1 | # Basic configuration 2 | 3 | interface=wlan0 4 | ssid=orangeBox 5 | channel=4 6 | #bridge=br0 7 | 8 | # WPA and WPA2 configuration 9 | 10 | macaddr_acl=0 11 | auth_algs=1 12 | ignore_broadcast_ssid=0 13 | wpa=3 14 | wpa_passphrase=not4youreyes 15 | wpa_key_mgmt=WPA-PSK 16 | wpa_pairwise=TKIP 17 | rsn_pairwise=CCMP 18 | 19 | # Hardware configuration 20 | 21 | #driver=nl80211 22 | driver=rtl871xdrv 23 | hw_mode=g 24 | ieee80211n=1 25 | 26 | -------------------------------------------------------------------------------- /scripts/etc/systemd/system/hostapd-torbox.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=hostapd-torbox 3 | Wants=network.target 4 | Before=network.target 5 | BindsTo=sys-subsystem-net-devices-wlan0.device 6 | After=sys-subsystem-net-devices-wlan0.device 7 | 8 | [Service] 9 | Type=oneshot 10 | RemainAfterExit=yes 11 | ExecStart=/usr/local/bin/hostapd-torbox -B /etc/hostapd/hostapd-torbox.conf 12 | 13 | 14 | ExecStop=/sbin/ip addr flush dev wlan0 15 | ExecStop=/sbin/ip link set dev wlan0 down 16 | 17 | [Install] 18 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /scripts/etc/systemd/system/i2p-torbox.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=I2P for TorBOX 3 | [Service] 4 | ExecStart=I2PLOCATION/runplain.sh 5 | User=I2PUSER 6 | Group=I2PUSER 7 | Type=forking 8 | 9 | [Install] 10 | WantedBy=multi-user.target 11 | -------------------------------------------------------------------------------- /scripts/etc/systemd/system/powersave-torbox.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Powersave script for TORBox 3 | 4 | [Service] 5 | ExecStart=/usr/local/bin/powersave.sh 6 | 7 | [Install] 8 | WantedBy=default.target -------------------------------------------------------------------------------- /scripts/etc/systemd/system/webui-torbox.service: -------------------------------------------------------------------------------- 1 | [Service] 2 | ExecStart=/usr/bin/node WEBUI_ROOT/bin/www 3 | Restart=always 4 | StandardOutput=syslog 5 | StandardError=syslog 6 | SyslogIdentifier=webui-torbox 7 | User=WEBUI_USER 8 | Group=WEBUI_GROUP 9 | Environment=NODE_ENV=production 10 | 11 | [Install] 12 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /scripts/etc/udev/rules.d/70-persistent-net.rules: -------------------------------------------------------------------------------- 1 | #realtek rename 2 | ACTION=="add", SUBSYSTEM=="net", ATTR{type}=="1", KERNEL=="wlan*", NAME="wlan0" 3 | 4 | #ralink rename 5 | ACTION=="add", SUBSYSTEM=="net", ATTR{type}=="1", KERNEL=="ra*", NAME="wlan0" 6 | -------------------------------------------------------------------------------- /scripts/install/hostapdinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | 4 | echo "Installing hostapd..." 5 | apt-get install -y haveged >/dev/null 6 | 7 | if [ ${HARDWARE} = "orangepi0" ]; then 8 | apt-get -y purge hostapd >/dev/null 9 | fi 10 | 11 | if [ ${HARDWARE} = "raspberrypi1" ]; then 12 | tar -xzvf ./hostapd/hostapd_pi_arm6.tar.gz -C /usr/local/bin 13 | else 14 | tar -xzvf ./hostapd/hostapd_arm.tar.gz -C /usr/local/bin 15 | fi 16 | 17 | 18 | mkdir /etc/hostapd 19 | cp ./scripts/etc/hostapd/hostapd-torbox.conf /etc/hostapd/hostapd-torbox.conf 20 | echo "Applying hostapd conf..." 21 | sed -i "s/ssid=orangeBox/ssid=${SSID_NAME}/" /etc/hostapd/hostapd-torbox.conf 22 | sed -i "s/wpa_passphrase=not4youreyes/wpa_passphrase=${SSID_PASSWORD}/" /etc/hostapd/hostapd-torbox.conf 23 | 24 | if [ ${HARDWARE} = "raspberrypi3" ] || [ ${HARDWARE} = "orangepi0" ]; then 25 | sed -i "s/driver=rtl871xdrv/#driver=rtl871xdrv/" /etc/hostapd/hostapd-torbox.conf 26 | sed -i "s/#driver=nl80211/driver=nl80211/" /etc/hostapd/hostapd-torbox.conf 27 | fi 28 | 29 | echo "Adding to systemd..." 30 | cp ./scripts/etc/systemd/system/hostapd-torbox.service /etc/systemd/system/hostapd-torbox.service 31 | systemctl daemon-reload 32 | systemctl enable hostapd-torbox 33 | 34 | -------------------------------------------------------------------------------- /scripts/install/i2pinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | I2PVERSION=0.9.28 4 | I2PJAR=i2pinstall_${I2PVERSION}.jar 5 | I2PURL=http://download.i2p2.de/releases/${I2PVERSION}/i2pinstall_${I2PVERSION}.jar 6 | 7 | 8 | apt-get -y install unzip expect > /dev/null 9 | wget -t0 -c ${I2PURL} 10 | mkdir ${I2P_LOCATION} 11 | expect </dev/null 5 | 6 | -------------------------------------------------------------------------------- /scripts/install/nodejsinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | 4 | 5 | if [ ${HARDWARE} = "raspberrypi1" ]; then 6 | wget http://node-arm.herokuapp.com/node_latest_armhf.deb 7 | dpkg -i node_latest_armhf.deb 8 | ln -s /usr/local/bin/node /usr/bin/node 9 | ln -s /usr/local/bin/npm /usr/bin/npm 10 | rm -f node_latest_armhf.deb 11 | else 12 | apt-get -y install curl > /dev/null 13 | curl --silent --location https://deb.nodesource.com/setup_6.x | sudo bash - 14 | apt-get -y install nodejs > /dev/null 15 | fi 16 | 17 | -------------------------------------------------------------------------------- /scripts/install/privoxyinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | apt-get -y remove privoxy > /dev/null 3 | apt-get -y clean privoxy > /dev/null 4 | apt-get -y install privoxy > /dev/null 5 | echo "Configuring privoxy..." 6 | /etc/init.d/privoxy stop 7 | sed -i 's/listen-address\s.*localhost:8118/listen-address 0.0.0.0:8118/' /etc/privoxy/config 8 | sed -i 's/enable-remote-toggle\s.*0/enable-remote-toggle 1/' /etc/privoxy/config 9 | sed -i 's/enable-edit-actions\s.*0/enable-edit-actions 1/' /etc/privoxy/config 10 | sed -i 's/accept-intercepted-requests\s.*0/accept-intercepted-requests 1/' /etc/privoxy/config 11 | echo "forward-socks4a / 127.0.0.1:9050 .">>/etc/privoxy/config 12 | echo "forward .i2p 127.0.0.1:4444">>/etc/privoxy/config 13 | echo "forward-socks4a .onion 127.0.0.1:9050 .">>/etc/privoxy/config 14 | update-rc.d privoxy defaults 15 | update-rc.d privoxy enable 16 | /etc/init.d/privoxy start 17 | -------------------------------------------------------------------------------- /scripts/install/setupnet.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | echo "Setting up network..." 4 | 5 | 6 | echo "Setting network rules to rename all wireless interfaces to wlan0..." 7 | 8 | cp ./scripts/etc/udev/rules.d/70-persistent-net.rules /etc/udev/rules.d/70-persistent-net.rules 9 | 10 | if [ ${HARDWARE} = "raspberrypi3" ]; then 11 | apt-get -y install firmware-brcm80211 >/dev/null 12 | fi 13 | 14 | echo "Setting wlan0 interface..." 15 | WLANFILE="/etc/network/interfaces.d/wlan0" 16 | 17 | if [ ${HARDWARE} = "orangepi0" ]; then 18 | ###Armbian workaround 19 | WLANFILE="/etc/network/interfaces" 20 | fi 21 | echo "##wlan0 autoadded by torbox installer" >>${WLANFILE} 22 | echo "auto wlan0" >>${WLANFILE} 23 | echo "iface wlan0 inet static" >>${WLANFILE} 24 | echo " address $IP_ADDRESS" >>${WLANFILE} 25 | echo " netmask $IP_NETMASK" >>${WLANFILE} 26 | echo " network $IP_NETWORK" >>${WLANFILE} 27 | echo " broadcast $IP_BROADCAST" >>${WLANFILE} 28 | 29 | 30 | apt-get -y install iptables > /dev/null 31 | apt-get -y remove dnsmasq > /dev/null 32 | apt-get -y purge dnsmasq > /dev/null 33 | apt-get -y install dnsmasq > /dev/null 34 | 35 | echo "Applying dnsmasq conf rules..." 36 | echo " " >>/etc/dnsmasq.conf 37 | echo "interface=wlan0" >> /etc/dnsmasq.conf 38 | echo "dhcp-range=${DHCP_RANGE}" >> /etc/dnsmasq.conf 39 | echo "address=${HOSTADDR}" >> /etc/dnsmasq.conf 40 | 41 | echo "Setting script to start AP..." 42 | 43 | ln -s /usr/local/bin/ap.sh /etc/network/if-up.d/ap 44 | 45 | echo "Setting SSID info to the mediatek driver" 46 | 47 | if [ -f /etc/Wireless/RT2870AP/RT2870AP.dat ]; then 48 | sed -i "s/SSID=orangeBox/SSID=${SSID_NAME}/" /etc/Wireless/RT2870AP/RT2870AP.dat 49 | sed -i "s/WPAPSK=not4youreyes/WPAPSK=${SSID_PASSWORD}/" /etc/Wireless/RT2870AP/RT2870AP.dat 50 | fi 51 | 52 | 53 | echo "Installing arm verison of hostapd..." 54 | ./scripts/install/hostapdinst.sh 55 | -------------------------------------------------------------------------------- /scripts/install/setuprepos.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | 4 | ## 5 | echo "Install TOR repos..." 6 | 7 | if [ ${USE_STOCK_TOR} = "1" ]; then 8 | #### This part is for installing stock tor 9 | echo "For stock tor..." 10 | rm /etc/apt/sources.list.d/tor-repo.list 11 | 12 | else 13 | ####This part is for installing from tor offical repo. 14 | echo "For torproject repo..." 15 | echo "deb http://deb.torproject.org/torproject.org jessie main" | tee /etc/apt/sources.list.d/tor-repo.list 16 | echo "deb-src http://deb.torproject.org/torproject.org jessie main" | tee -a /etc/apt/sources.list.d/tor-repo.list 17 | gpg --keyserver keys.gnupg.net --recv 886DDD89 18 | gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add - 19 | fi 20 | 21 | echo "Install Java8 repos..." 22 | 23 | echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list 24 | echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list 25 | apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886 >/dev/null 26 | 27 | apt-get update -y > /dev/null 28 | -------------------------------------------------------------------------------- /scripts/install/torinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | apt-get -y remove tor > /dev/null 4 | apt-get -y remove torsocks > /dev/null 5 | apt-get -y purge tor > /dev/null 6 | apt-get -y remove deb.torproject.org-keyring > /dev/null 7 | apt-get -y purge deb.torproject.org-keyring > /dev/null 8 | 9 | if [ ${USE_STOCK_TOR} = "1" ]; then 10 | #### This part is for installing stock tor 11 | echo "Installing stock tor..." 12 | apt-get -y install tor > /dev/null 13 | else 14 | ####This part is for installing from tor offical repo. 15 | echo "Installing tor from torproject repo..." 16 | apt-get -y install tor deb.torproject.org-keyring > /dev/null 17 | fi 18 | 19 | 20 | 21 | 22 | 23 | /etc/init.d/tor stop 24 | 25 | echo "Configuring tor..." 26 | 27 | echo "Log notice syslog" >>/etc/tor/torrc 28 | echo "VirtualAddrNetworkIPv4 10.192.0.0/10" >>/etc/tor/torrc 29 | echo "AutomapHostsOnResolve 1" >>/etc/tor/torrc 30 | echo "TransPort 9040" >>/etc/tor/torrc 31 | echo "DNSPort 9053" >>/etc/tor/torrc 32 | echo "CircuitBuildTimeout 30" >>/etc/tor/torrc 33 | echo "KeepAlivePeriod 60" >>/etc/tor/torrc 34 | echo "NewCircuitPeriod 15" >>/etc/tor/torrc 35 | echo "NumEntryGuards 8" >>/etc/tor/torrc 36 | echo "ConstrainedSockets 1" >>/etc/tor/torrc 37 | echo "ConstrainedSockSize 8192" >>/etc/tor/torrc 38 | echo "AvoidDiskWrites 1" >>/etc/tor/torrc 39 | echo "DNSListenAddress 0.0.0.0" >>/etc/tor/torrc 40 | 41 | echo "TransListenAddress 0.0.0.0" >>/etc/tor/torrc 42 | 43 | update-rc.d tor enable 44 | /etc/init.d/tor start 45 | -------------------------------------------------------------------------------- /scripts/install/webuiinst.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . ./config.inc 3 | ./scripts/install/nodejsinst.sh 4 | 5 | echo "Installing sudo..." 6 | apt-get -y install sudo > /dev/null 7 | 8 | echo "Adding user ${WEBUI_USER} to system and adding it to sudoers..." 9 | useradd ${WEBUI_USER} -s /bin/false 10 | 11 | echo " " >>/etc/sudoers 12 | 13 | echo "${WEBUI_USER} ALL = (root) NOPASSWD: /sbin/shutdown" >>/etc/sudoers 14 | echo "${WEBUI_USER} ALL = (root) NOPASSWD: /usr/local/bin/all_tor.sh" >>/etc/sudoers 15 | echo "${WEBUI_USER} ALL = (root) NOPASSWD: /usr/local/bin/cputemp.sh" >>/etc/sudoers 16 | echo "${WEBUI_USER} ALL = (root) NOPASSWD: /etc/init.d/i2p" >>/etc/sudoers 17 | echo "${WEBUI_USER} ALL = (root) NOPASSWD: /usr/local/bin/sysctl_i2p.sh" >>/etc/sudoers 18 | 19 | mkdir ${WEBUI_LOCATION} 20 | 21 | echo "Copying Web UI script to location..." 22 | 23 | cp -r ./webui/* ${WEBUI_LOCATION} 24 | 25 | 26 | CURRENTDIR=`pwd` 27 | 28 | cd ${WEBUI_LOCATION} 29 | 30 | npm install 31 | 32 | cd $CURRENTDIR 33 | 34 | chown -R ${WEBUI_USER}:${WEBUI_USER} ${WEBUI_LOCATION} 35 | 36 | echo "Enabling webui" 37 | 38 | cp ./scripts/etc/systemd/system/webui-torbox.service /etc/systemd/system/webui-torbox.service 39 | 40 | echo "Applying settings to webui script" 41 | sed -i "s~WEBUI_ROOT~${WEBUI_LOCATION}~" /etc/systemd/system/webui-torbox.service 42 | sed -i "s/WEBUI_GROUP/${WEBUI_USER}/" /etc/systemd/system/webui-torbox.service 43 | sed -i "s/WEBUI_USER/${WEBUI_USER}/" /etc/systemd/system/webui-torbox.service 44 | 45 | 46 | systemctl daemon-reload 47 | systemctl enable webui-torbox 48 | systemctl start webui-torbox 49 | sync 50 | 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/all_tor.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | IPTABLES=/sbin/iptables 4 | LAN=wlan0 5 | WAN=eth0 6 | 7 | firewall_pass () 8 | { 9 | echo "Applying pass-through firewall rules..." 10 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --dport 8118 -j REDIRECT --to-port 8118 11 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --dport 7657 -j REDIRECT --to-ports 7657 12 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --dport 22 -j REDIRECT --to-ports 22 13 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --dport 3000 -j REDIRECT --to-ports 3000 14 | } 15 | 16 | firewall_tor () 17 | { 18 | echo "Applying tor firewall rules..." 19 | $IPTABLES -t nat -A PREROUTING -i $LAN -p udp --dport 53 -j REDIRECT --to-ports 9053 20 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --syn -j REDIRECT --to-ports 9040 21 | } 22 | 23 | firewall_privoxy () 24 | { 25 | echo "Applying privoxy firewall rules..." 26 | $IPTABLES -t nat -A PREROUTING -i $LAN -p tcp --dport 80 -j REDIRECT --to-port 8118 27 | } 28 | 29 | firewall_incoming () 30 | { 31 | echo "Blocking incoming connections..." 32 | $IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 33 | $IPTABLES -A INPUT -i $WAN -j DROP 34 | } 35 | 36 | 37 | /usr/local/bin/clean_firewall.sh 38 | /sbin/sysctl -w net.ipv4.ip_forward=1 39 | firewall_pass 40 | 41 | MODE="${1}" 42 | 43 | case $MODE in 44 | tor) 45 | firewall_tor 46 | echo "TOR" >/run/apmode 47 | echo "TOR mode enabled..." 48 | ;; 49 | privoxy) 50 | firewall_privoxy 51 | firewall_tor 52 | echo "PRIVOXY" >/run/apmode 53 | echo "Privoxy mode enabled..." 54 | ;; 55 | direct) 56 | masquerade.sh $LAN $WAN 57 | echo "DIRECT" >/run/apmode 58 | echo "Direct mode enabled..." 59 | ;; 60 | *) echo "Usage: all_tor.sh tor|privoxy|direct" 61 | ;; 62 | esac 63 | 64 | 65 | 66 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/ap.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | wireless=`cat /sys/class/net/wlan0/operstate` 3 | wired=`cat /sys/class/net/eth0/operstate` 4 | if [ "$wireless" != "down" ] || [ "$wired" = "up" ]; then 5 | /usr/local/bin/start_ap.sh 6 | fi 7 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/clean_firewall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | IPTABLES=/sbin/iptables 3 | $IPTABLES -F 4 | $IPTABLES -X 5 | $IPTABLES -t nat -F 6 | $IPTABLES -t nat -X 7 | $IPTABLES -t mangle -F 8 | $IPTABLES -t mangle -X 9 | $IPTABLES -t raw -F 10 | $IPTABLES -t raw -X 11 | $IPTABLES -P INPUT ACCEPT 12 | $IPTABLES -P FORWARD ACCEPT 13 | $IPTABLES -P OUTPUT ACCEPT 14 | 15 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/masquerade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ "$#" -ne 2 ]; then 4 | echo "Usage: $0 wlan0(local) eth0(internet)" >&2 5 | exit 1 6 | fi 7 | 8 | /usr/local/bin/clean_firewall.sh 9 | 10 | IPTABLES=/sbin/iptables 11 | $IPTABLES --table nat --append POSTROUTING --out-interface $2 -j MASQUERADE 12 | $IPTABLES --append FORWARD --in-interface $1 -j ACCEPT 13 | $IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 14 | $IPTABLES -A INPUT -i $2 -j DROP 15 | /sbin/sysctl -w net.ipv4.ip_forward=1 16 | 17 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/start_ap.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | /usr/local/bin/masquerade.sh wlan0 eth0 3 | /usr/local/bin/all_tor.sh direct 4 | touch /var/log/ap.log 5 | DATE=`date` 6 | echo "$DATE Access point started..." >/run/ap_stamp.log 7 | 8 | -------------------------------------------------------------------------------- /scripts/usr/local/bin/sysctl_i2p.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | systemctl $1 i2p-torbox 3 | -------------------------------------------------------------------------------- /webui/_startapp.bat: -------------------------------------------------------------------------------- 1 | set DEBUG=webui:* & npm start 2 | -------------------------------------------------------------------------------- /webui/app.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var path = require('path'); 3 | var favicon = require('serve-favicon'); 4 | var logger = require('morgan'); 5 | var cookieParser = require('cookie-parser'); 6 | var bodyParser = require('body-parser'); 7 | var basicAuth = require('basic-auth-connect'); 8 | 9 | 10 | var routes = require('./routes/index'); 11 | var mode = require('./routes/mode'); 12 | var system = require('./routes/system'); 13 | var i2p = require('./routes/i2p'); 14 | 15 | var app = express(); 16 | 17 | // view engine setup 18 | app.set('views', path.join(__dirname, 'views')); 19 | app.set('view engine', 'pug'); 20 | 21 | // uncomment after placing your favicon in /public 22 | //app.use(favicon(path.join(__dirname, 'public', 'favicon.ico'))); 23 | var user=require("./config/user.json"); 24 | app.use(basicAuth(user.username, user.password)); //TODO - Init from json 25 | app.use(logger('dev')); 26 | app.use(bodyParser.json()); 27 | app.use(bodyParser.urlencoded({ extended: false })); 28 | app.use(cookieParser()); 29 | app.use(express.static(path.join(__dirname, 'public'))); 30 | 31 | app.use('/', routes); 32 | app.use('/mode', mode); 33 | app.use('/system', system); 34 | app.use('/i2p', i2p); 35 | 36 | // catch 404 and forward to error handler 37 | app.use(function(req, res, next) { 38 | var err = new Error('Not Found'); 39 | err.status = 404; 40 | next(err); 41 | }); 42 | 43 | // error handlers 44 | 45 | // development error handler 46 | // will print stacktrace 47 | if (app.get('env') === 'development') { 48 | app.use(function(err, req, res, next) { 49 | res.status(err.status || 500); 50 | res.render('error', { 51 | message: err.message, 52 | error: err 53 | }); 54 | }); 55 | } 56 | 57 | // production error handler 58 | // no stacktraces leaked to user 59 | app.use(function(err, req, res, next) { 60 | res.status(err.status || 500); 61 | res.render('error', { 62 | message: err.message, 63 | error: {} 64 | }); 65 | }); 66 | 67 | 68 | module.exports = app; 69 | -------------------------------------------------------------------------------- /webui/bin/www: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | 3 | /** 4 | * Module dependencies. 5 | */ 6 | 7 | var app = require('../app'); 8 | var debug = require('debug')('webui:server'); 9 | var http = require('http'); 10 | 11 | /** 12 | * Get port from environment and store in Express. 13 | */ 14 | 15 | var port = normalizePort(process.env.PORT || '3000'); 16 | app.set('port', port); 17 | 18 | /** 19 | * Create HTTP server. 20 | */ 21 | 22 | var server = http.createServer(app); 23 | 24 | /** 25 | * Listen on provided port, on all network interfaces. 26 | */ 27 | 28 | server.listen(port); 29 | server.on('error', onError); 30 | server.on('listening', onListening); 31 | 32 | /** 33 | * Normalize a port into a number, string, or false. 34 | */ 35 | 36 | function normalizePort(val) { 37 | var port = parseInt(val, 10); 38 | 39 | if (isNaN(port)) { 40 | // named pipe 41 | return val; 42 | } 43 | 44 | if (port >= 0) { 45 | // port number 46 | return port; 47 | } 48 | 49 | return false; 50 | } 51 | 52 | /** 53 | * Event listener for HTTP server "error" event. 54 | */ 55 | 56 | function onError(error) { 57 | if (error.syscall !== 'listen') { 58 | throw error; 59 | } 60 | 61 | var bind = typeof port === 'string' 62 | ? 'Pipe ' + port 63 | : 'Port ' + port; 64 | 65 | // handle specific listen errors with friendly messages 66 | switch (error.code) { 67 | case 'EACCES': 68 | console.error(bind + ' requires elevated privileges'); 69 | process.exit(1); 70 | break; 71 | case 'EADDRINUSE': 72 | console.error(bind + ' is already in use'); 73 | process.exit(1); 74 | break; 75 | default: 76 | throw error; 77 | } 78 | } 79 | 80 | /** 81 | * Event listener for HTTP server "listening" event. 82 | */ 83 | 84 | function onListening() { 85 | var addr = server.address(); 86 | var bind = typeof addr === 'string' 87 | ? 'pipe ' + addr 88 | : 'port ' + addr.port; 89 | debug('Listening on ' + bind); 90 | } 91 | -------------------------------------------------------------------------------- /webui/config/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "strStatusFile": "/run/apmode", 3 | "strWrapper": "sudo", 4 | "strCommand": "/usr/local/bin/all_tor.sh", 5 | "strReboot": "/sbin/shutdown -r now", 6 | "strShutdown": "/sbin/shutdown -h now", 7 | "strTemperature": "/usr/local/bin/cputemp.sh", 8 | "strI2PCtl": "/usr/local/bin/sysctl_i2p.sh" 9 | } 10 | -------------------------------------------------------------------------------- /webui/config/user.json: -------------------------------------------------------------------------------- 1 | {"username":"orangepi","password":"orangepi"} -------------------------------------------------------------------------------- /webui/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "webui", 3 | "version": "0.2.0", 4 | "private": true, 5 | "scripts": { 6 | "start": "node ./bin/www" 7 | }, 8 | "dependencies": { 9 | "body-parser": "~1.15.0", 10 | "cookie-parser": "~1.4.1", 11 | "debug": "~2.2.0", 12 | "express": "~4.13.4", 13 | "pug": "~2.0.0-alpha6", 14 | "morgan": "~1.7.0", 15 | "serve-favicon": "~2.3.0", 16 | "basic-auth-connect": "~1.0.0" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /webui/public/images/.delme: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/webui/public/images/.delme -------------------------------------------------------------------------------- /webui/public/javascripts/.delme: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/znoxx/torbox/49161913350a76bf23956d8a433f344aa765765f/webui/public/javascripts/.delme -------------------------------------------------------------------------------- /webui/public/stylesheets/style.css: -------------------------------------------------------------------------------- 1 | body { 2 | padding: 50px; 3 | font: 14px "Lucida Grande", Helvetica, Arial, sans-serif; 4 | } 5 | 6 | a { 7 | color: #00B7FF; 8 | } 9 | label, legend { 10 | display: block; 11 | margin-bottom: 10px; 12 | } 13 | 14 | input[type="submit"] { 15 | display: inline-block; 16 | } 17 | 18 | input[type="password"] { 19 | display: block; 20 | } 21 | 22 | fieldset { 23 | margin-bottom: 20px; 24 | border: 0; 25 | } 26 | 27 | li { 28 | margin: 1em 0; 29 | } 30 | 31 | .tg {border-collapse:collapse;border-spacing:0;} 32 | .tg td{padding:10px 5px;border-style:solid;border-width:1px;overflow:hidden;word-break:normal;} 33 | .tg th{padding:10px 5px;border-style:solid;border-width:1px;overflow:hidden;word-break:normal;} 34 | .tg .tg-yw4l{vertical-align:top} -------------------------------------------------------------------------------- /webui/routes/i2p.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var functions = require('./lib/functions.js'); 3 | var router = express.Router(); 4 | 5 | router.get('/', function(req, res, next) { 6 | var strStatus; 7 | try 8 | { 9 | res.render('i2p', { title: 'Select i2p action'}); 10 | } 11 | catch(e) 12 | { 13 | var strError = e.toString(); 14 | res.render('xerror', { message: 'Error occured', description: strError+"\nReboot the device. If error persists, please fix it via SSH"}); 15 | } 16 | 17 | }); 18 | 19 | router.post('/', function(req, res, next) { 20 | console.log(req.body.i2p); 21 | try 22 | { 23 | var result = functions.i2pAction(req.body.i2p); 24 | res.render('xresult', { title: 'Operation status', message: result }); 25 | } 26 | catch(e) 27 | { 28 | var strError = e.toString(); 29 | res.render('xerror', { message: 'Error occured',description: strError}); 30 | } 31 | }); 32 | 33 | 34 | module.exports = router; 35 | -------------------------------------------------------------------------------- /webui/routes/index.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var router = express.Router(); 3 | 4 | /* GET home page. */ 5 | router.get('/', function(req, res, next) { 6 | res.render('index', { title: 'TOR Middlebox' }); 7 | }); 8 | 9 | module.exports = router; 10 | -------------------------------------------------------------------------------- /webui/routes/lib/functions.js: -------------------------------------------------------------------------------- 1 | //globals 2 | 3 | var path = require('path'); 4 | var config_path=path.join(__dirname,'../../config/config.json'); 5 | var config=require(config_path); 6 | 7 | 8 | this.readStatus = function() 9 | { 10 | var res; 11 | var fs=require('fs'); 12 | res = fs.readFileSync(config.strStatusFile, 'utf8'); 13 | if (res.match("TOR")) 14 | return "TOR"; 15 | if (res.match("PRIVOXY")) 16 | return "PRIVOXY"; 17 | if (res.match("DIRECT")) 18 | return "DIRECT"; 19 | 20 | return "ERROR"; 21 | } 22 | 23 | this.switchMode = function(modeNew) 24 | { 25 | 26 | var execSync = require('child_process').execSync; 27 | script = execSync(config.strWrapper+" "+config.strCommand+" "+modeNew.toLowerCase()); 28 | console.log("Called switchMode with parameter: ",modeNew); 29 | return script 30 | 31 | 32 | } 33 | 34 | this.changePassword = function(oldPass,newPass,confirmPass) 35 | { 36 | path = require('path'); 37 | var pathToPass =path.join(__dirname,'../../config/user.json'); 38 | var user=require(pathToPass); 39 | if (oldPass!=user.password) 40 | { 41 | throw "Wrong password!"; 42 | } 43 | 44 | if (!isAscii(newPass)) 45 | { 46 | throw "Password should contain only ASCII symbols" 47 | } 48 | 49 | if (newPass!=confirmPass) 50 | { 51 | throw "Passwords do not match!"; 52 | } 53 | 54 | user.password=newPass; 55 | var fs = require('fs'); 56 | var toFile = JSON.stringify(user); 57 | console.log(user); 58 | fs.truncateSync(pathToPass,0); 59 | fs.writeFileSync(pathToPass,toFile,"UTF-8",{'flags': 'w+'}); 60 | 61 | } 62 | 63 | this.reboot = function() 64 | { 65 | 66 | var execSync = require('child_process').execSync; 67 | var reboot = execSync(config.strWrapper+" "+config.strReboot); 68 | console.log("Called reboot..."); 69 | 70 | } 71 | 72 | this.shutdown = function() 73 | { 74 | 75 | var execSync = require('child_process').execSync; 76 | var shutdown = execSync(config.strWrapper+" "+config.strShutdown); 77 | console.log("Called shutdown..."); 78 | 79 | } 80 | 81 | this.sysInfo = function() 82 | { 83 | 84 | var os = require('os'); 85 | var ifaces = os.networkInterfaces(); 86 | var interfaces=[]; 87 | 88 | //collecting interfaces 89 | Object.keys(ifaces).forEach(function (ifname) { 90 | 91 | 92 | ifaces[ifname].forEach(function (iface) { 93 | if ('IPv4' !== iface.family || iface.internal !== false) { 94 | // skip over internal (i.e. 127.0.0.1) and non-ipv4 addresses 95 | return; 96 | } 97 | var single_interface = 98 | { 99 | name:ifname, 100 | address:iface.address, 101 | netmask:iface.netmask, 102 | mac:iface.mac, 103 | } 104 | interfaces.push(single_interface); 105 | }); 106 | }); 107 | 108 | 109 | var temperature = "Not supported "; 110 | if (doesExist(config.strTemperature)) 111 | { 112 | var execSync = require('child_process').execSync; 113 | temperature = execSync(config.strWrapper+" "+config.strTemperature); 114 | } 115 | 116 | 117 | var system_info = { 118 | 119 | network : interfaces, 120 | ram : os.freemem()/1024, 121 | systemLoad : os.loadavg(), 122 | hostName : os.hostname(), 123 | platform : os.platform(), 124 | arch : os.arch(), 125 | release: os.release(), 126 | cpuCount : os.cpus().length, 127 | cpuTemp : temperature 128 | 129 | }; 130 | 131 | 132 | return system_info; 133 | 134 | } 135 | 136 | function isAscii(text) 137 | { 138 | var ascii=/^[ -~\t\n\r]+$/; 139 | 140 | if(ascii.test(text)) 141 | return true; 142 | 143 | return false; 144 | } 145 | 146 | function doesExist(path) { 147 | var fs=require('fs'); 148 | try { 149 | fs.statSync(path) 150 | return true 151 | } catch(err) { 152 | return !(err && err.code === 'ENOENT'); 153 | } 154 | } 155 | 156 | this.i2pAction = function(i2p) 157 | { 158 | 159 | var execSync = require('child_process').execSync; 160 | script = execSync(config.strWrapper+" "+config.strI2PCtl+" "+i2p.toLowerCase()); 161 | return "Command successfully passed to system"; 162 | 163 | } 164 | 165 | -------------------------------------------------------------------------------- /webui/routes/mode.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var functions = require('./lib/functions.js'); 3 | var router = express.Router(); 4 | 5 | /* GET users listing. */ 6 | router.get('/', function(req, res, next) { 7 | var strStatus; 8 | try 9 | { 10 | strStatus = functions.readStatus(); 11 | res.render('mode', { title: 'Select operation mode', status: strStatus }); 12 | } 13 | catch(e) 14 | { 15 | var strError = e.toString(); 16 | res.render('xerror', { message: 'Error occured', description: strError+"\nReboot the device. If error persists, please fix it via SSH"}); 17 | } 18 | 19 | }); 20 | 21 | router.post('/', function(req, res, next) { 22 | console.log(req.body.mode); 23 | try 24 | { 25 | var result = functions.switchMode(req.body.mode); 26 | res.render('xresult', { title: 'Operation status', message: 'Current operation mode is '+req.body.mode }); 27 | } 28 | catch(e) 29 | { 30 | var strError = e.toString(); 31 | res.render('xerror', { message: 'Error occured',description: strError}); 32 | } 33 | }); 34 | 35 | 36 | module.exports = router; 37 | -------------------------------------------------------------------------------- /webui/routes/system.js: -------------------------------------------------------------------------------- 1 | var express = require('express'); 2 | var router = express.Router(); 3 | 4 | var functions = require('./lib/functions.js'); 5 | 6 | /* GET home page. */ 7 | router.get('/', function(req, res, next) { 8 | res.render('system', { title: 'System' }); 9 | }); 10 | /* GET password change. */ 11 | router.get('/access', function(req, res, next) { 12 | res.render('access', { title: 'Change password', message: 'Enter current password, new password and confirmation' }); 13 | }); 14 | /* POST password change. */ 15 | router.post('/access', function(req, res, next) { 16 | try 17 | { 18 | var result = functions.changePassword(req.body.current_password, req.body.new_password,req.body.confirm_password); 19 | res.render('xresult', { title: 'Password successfully changed', message: 'Reboot device to take effect' }); 20 | } 21 | catch(e) 22 | { 23 | var strError = e.toString(); 24 | res.render('xerror', { message: "Error occured", description: strError}); 25 | } 26 | }); 27 | 28 | /* GET reboot. */ 29 | router.get('/reboot', function(req, res, next) { 30 | res.render('reboot', { title: 'Reboot system', message: 'Press button to reboot system' }); 31 | }); 32 | /* POST reboot. */ 33 | router.post('/reboot', function(req, res, next) { 34 | try 35 | { 36 | setInterval(function(){ 37 | functions.reboot(); 38 | },10000); 39 | res.render('xresult', { title: 'Reboot', message: 'Reboot in progress...' }); 40 | } 41 | catch(e) 42 | { 43 | var strError = e.toString(); 44 | res.render('xerror', { message: "Error occured", description: strError}); 45 | } 46 | }); 47 | 48 | 49 | /* GET shutdown. */ 50 | router.get('/shutdown', function(req, res, next) { 51 | res.render('shutdown', { title: 'Shutdown system', message: 'Press button to shutdown system' }); 52 | }); 53 | /* POST shutdown. */ 54 | router.post('/shutdown', function(req, res, next) { 55 | try 56 | { 57 | setInterval(function(){ 58 | functions.shutdown(); 59 | },10000); 60 | res.render('xresult', { title: 'Shutdown', message: 'Shutdown in progress...' }); 61 | } 62 | catch(e) 63 | { 64 | var strError = e.toString(); 65 | res.render('xerror', { message: "Error occured", description: strError}); 66 | } 67 | }); 68 | 69 | /* GET sysinfo. */ 70 | router.get('/info', function(req, res, next) { 71 | res.render('info', { title: 'System info', sysinfo: functions.sysInfo() }); 72 | }); 73 | 74 | 75 | 76 | module.exports = router; 77 | -------------------------------------------------------------------------------- /webui/views/access.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | form(name="access", action="/system/access", method="post") 8 | fieldset 9 | label(for="current_password") 10 | span Current password 11 | input(type="password", name="current_password", required="required") 12 | 13 | label(for="new_password") 14 | span New password 15 | input(type="password", name="new_password", required="required") 16 | 17 | label(for="confirm_password") 18 | span Confirm password 19 | input(type="password", name="confirm_password", required="required") 20 | 21 | fieldset 22 | input(type="submit", value="Apply") 23 | br 24 | a(href="/") Main page 25 | -------------------------------------------------------------------------------- /webui/views/error.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= message 5 | h2= error.status 6 | pre #{error.stack} 7 | -------------------------------------------------------------------------------- /webui/views/i2p.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | form(name="i2p", action="/i2p", method="post") 8 | fieldset 9 | label(for="restart") 10 | input(type="radio", name="i2p", value="restart" checked=1) 11 | span (re)Start i2p 12 | label(for="stop") 13 | input(type="radio", name="i2p", value="stop" checked=0) 14 | span Stop i2p 15 | fieldset 16 | input(type="submit", value="Select") 17 | br 18 | a(href="/") Main page 19 | 20 | -------------------------------------------------------------------------------- /webui/views/index.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | p Choose your setting 6 | ul#options 7 | li 8 | a(href="/mode") Mode selection 9 | li 10 | a(href="/i2p") I2P settings 11 | li 12 | a(href="/system") System settings 13 | 14 | -------------------------------------------------------------------------------- /webui/views/info.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | h2 System Temperature: #{sysinfo.cpuTemp}C 6 | h2 Host 7 | 8 | table(class="tg") 9 | tr 10 | th(class="tg-yw41") Name 11 | th(class="tg-yw41") Platform 12 | th(class="tg-yw41") Release 13 | th(class="tg-yw41") Architecture 14 | tr 15 | td(class="tg-yw41")= sysinfo.hostName 16 | td(class="tg-yw41")= sysinfo.platform 17 | td(class="tg-yw41")= sysinfo.release 18 | td(class="tg-yw41")= sysinfo.arch 19 | 20 | h2 Resources 21 | table(class="tg") 22 | tr 23 | th(class="tg-yw41") RAM Free (Kb) 24 | th(class="tg-yw41") Load 1 minute 25 | th(class="tg-yw41") Load 5 minutes 26 | th(class="tg-yw41") Load 15 minutes 27 | tr 28 | td(class="tg-yw41")= sysinfo.ram 29 | td(class="tg-yw41")= sysinfo.systemLoad[0] 30 | td(class="tg-yw41")= sysinfo.systemLoad[1] 31 | td(class="tg-yw41")= sysinfo.systemLoad[2] 32 | 33 | h2 Network 34 | table(class="tg") 35 | tr 36 | th(class="tg-yw41") Interface 37 | th(class="tg-yw41") Address 38 | th(class="tg-yw41") Netmask 39 | th(class="tg-yw41") Mac 40 | for network in sysinfo.network 41 | tr 42 | td(class="tg-yw41")= network.name 43 | td(class="tg-yw41")= network.address 44 | td(class="tg-yw41")= network.netmask 45 | td(class="tg-yw41")= network.mac 46 | 47 | br 48 | a(href="/") Main page 49 | -------------------------------------------------------------------------------- /webui/views/layout.pug: -------------------------------------------------------------------------------- 1 | doctype html 2 | html 3 | head 4 | title= title 5 | link(rel='stylesheet', href='/stylesheets/style.css') 6 | body 7 | block content 8 | -------------------------------------------------------------------------------- /webui/views/mode.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | form(name="modeswitch", action="/mode", method="post") 8 | fieldset 9 | label(for="TOR") 10 | input(type="radio", name="mode", value="TOR" checked=status=="TOR") 11 | span TOR 12 | label(for="PRIVOXY") 13 | input(type="radio", name="mode", value="PRIVOXY" checked=status=="PRIVOXY") 14 | span Privoxy 15 | label(for="DIRECT") 16 | input(type="radio", name="mode", value="DIRECT" checked=status=="DIRECT") 17 | span Direct (No TOR/Privoxy) 18 | fieldset 19 | input(type="submit", value="Select") 20 | br 21 | a(href="/") Main page 22 | 23 | -------------------------------------------------------------------------------- /webui/views/reboot.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | form(name="reboot", action="/system/reboot", method="post") 8 | input(type="submit", value="Reboot") 9 | br 10 | a(href="/") Main page 11 | -------------------------------------------------------------------------------- /webui/views/shutdown.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | form(name="shutdown", action="/system/shutdown", method="post") 8 | input(type="submit", value="Shutdown") 9 | br 10 | a(href="/") Main page 11 | -------------------------------------------------------------------------------- /webui/views/system.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | p Select an action 6 | ul#options 7 | li 8 | a(href="/system/info") System info 9 | li 10 | a(href="/system/access") Change WEBUI password 11 | li 12 | a(href="/system/reboot") Reboot 13 | li 14 | a(href="/system/shutdown") Shutdown 15 | br 16 | a(href="/") Main page 17 | 18 | -------------------------------------------------------------------------------- /webui/views/xerror.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= message 5 | if description 6 | pre #{description} 7 | if !description 8 | h2 Reboot the device. If error persists, please fix it via SSH. 9 | br 10 | a(href="/") Main page 11 | -------------------------------------------------------------------------------- /webui/views/xresult.pug: -------------------------------------------------------------------------------- 1 | extends layout 2 | 3 | block content 4 | h1= title 5 | if message 6 | h2= message 7 | br 8 | a(href="/") Main page 9 | 10 | --------------------------------------------------------------------------------