LoveIsGrief
29d8d5c945
We only want i2p to create a tunnel to the requested host on i2p. There's no need to modify any other packets at the moment #1 - Forward using iptables, pr0xy and custom DNS
50 lines
1.3 KiB
Bash
50 lines
1.3 KiB
Bash
#!/bin/bash
|
|
set -euo pipefail
|
|
IFS=$'\n\t'
|
|
|
|
DNS_PORT=5353
|
|
I2PD_IP="172.16.200.10"
|
|
I2PD_PORT=4444
|
|
LOCAL_PROXY_PORT=10080
|
|
|
|
# Flush the nat table to have a clean start
|
|
# without docker messing around with that
|
|
iptables -t nat -F
|
|
|
|
# https://websistent.com/linux-iptables-log-everything/
|
|
iptables -I INPUT 1 -s $I2PD_IP -j NFLOG
|
|
iptables -t nat -I INPUT 1 -s $I2PD_IP -j NFLOG
|
|
iptables -I OUTPUT 1 -j NFLOG
|
|
iptables -t nat -I OUTPUT 1 -j NFLOG
|
|
|
|
# Make sure traffic to I2P isn't redirected elsewhere
|
|
iptables -t nat -A OUTPUT -o eth0 \
|
|
-p tcp --dport $I2PD_PORT \
|
|
-j ACCEPT
|
|
|
|
# Redirect all other traffic on eth0 to pr0cks
|
|
iptables -t nat -A OUTPUT -o eth0 \
|
|
-p tcp \
|
|
-j REDIRECT --to-ports $LOCAL_PROXY_PORT
|
|
|
|
# Reject outgoing DNS requests for now
|
|
# We don't want them to leak
|
|
iptables -A OUTPUT -o eth0 \
|
|
-p udp -m udp --dport 53 \
|
|
-j DROP
|
|
# Redirect DNS requests to fake-dns
|
|
# -j REDIRECT --to-port $DNS_PORT
|
|
|
|
# Set the default DNS nameserver to the localhost
|
|
echo "nameserver 127.0.0.1" > /etc/resolv.conf
|
|
|
|
ulogd -d
|
|
tcpdump -i any -w /mount/tcp.dmp &
|
|
|
|
#python3 /opt/pr0cks/pr0cks.py --proxy socks5:172.16.200.10:4447
|
|
python3 /opt/bin/fake-dns.py -s "/tmp/fake-dns" &
|
|
python3 /opt/pr0cks/pr0cks.py \
|
|
--proxy "http:${I2PD_IP}:${I2PD_PORT}" \
|
|
--verbose
|
|
# > /mount/pr0xy.log
|