authorficus <ficus@robocracy.org>2012-09-27 23:30:57 +0200
committerficus <ficus@robocracy.org>2012-09-27 23:37:17 +0200
commit7dcf9aa0db8585eb3489bcf0903e67bdd9dee027 (patch)
tree6e0bf8d25509c9f4fa19d3ac67551489341002a6
parentd46a7182171c76330448166956344d18755cd8cc (diff)
new dnsmasq schemesept28img
-rw-r--r--freedom-maker/multistrap-configs/torouter-base.conf2
-rw-r--r--packages/torouter-prep/configs/etc/default/dnsmasq2
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq.conf13
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq.d/lan2
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq.d/wifi2
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq_lan.conf6
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq_wifi.conf7
-rwxr-xr-xpackages/torouter-prep/configs/etc/init.d/dnsmasq_lan290
-rwxr-xr-xpackages/torouter-prep/configs/etc/init.d/dnsmasq_wifi290
-rw-r--r--packages/torouter-prep/configs/etc/network/interfaces13
-rwxr-xr-xpackages/torouter-prep/src/torouter_preboot.sh11
11 files changed, 618 insertions, 20 deletions
diff --git a/freedom-maker/multistrap-configs/torouter-base.conf b/freedom-maker/multistrap-configs/torouter-base.conf
index 286c7e1..5e51646 100644
--- a/freedom-maker/multistrap-configs/torouter-base.conf
+++ b/freedom-maker/multistrap-configs/torouter-base.conf
@@ -6,7 +6,7 @@ debootstrap=Debian torproject torouter
aptsources=Debian torproject torouter
[Debian]
-packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown devio initramfs-tools uboot-mkimage parted dosfstools apt iputils-ping haveged python pandoc python-simplejson make dialog locales-all uaputl uapevent dnsmasq iptables vim-nox less screen lsof tcptraceroute traceroute mtr-tiny openntpd dnsmasq unbound python-augeas python-flask python-daemon cron iw python-setuptools apt-utils dnsutils
+packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown devio initramfs-tools uboot-mkimage parted dosfstools apt iputils-ping haveged python pandoc python-simplejson make dialog locales-all uaputl uapevent dnsmasq iptables vim-nox less screen lsof tcptraceroute traceroute mtr-tiny openntpd dnsmasq python-augeas python-flask python-daemon cron iw python-setuptools apt-utils dnsutils torsocks
source=http://http.debian.net/debian/
keyring=debian-archive-keyring
suite=wheezy
diff --git a/packages/torouter-prep/configs/etc/default/dnsmasq b/packages/torouter-prep/configs/etc/default/dnsmasq
new file mode 100644
index 0000000..ddaa02b
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/default/dnsmasq
@@ -0,0 +1,2 @@
+
+ENABLED=0
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.conf b/packages/torouter-prep/configs/etc/dnsmasq.conf
index 8e02834..806996e 100644
--- a/packages/torouter-prep/configs/etc/dnsmasq.conf
+++ b/packages/torouter-prep/configs/etc/dnsmasq.conf
@@ -15,7 +15,6 @@
# Never forward addresses in the non-routed address spaces.
#bogus-priv
-
# Uncomment this to filter useless windows-originated DNS requests
# which can trigger dial-on-demand links needlessly.
# Note that (amongst other things) this blocks all SRV requests,
@@ -82,11 +81,11 @@ no-poll
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.
# Repeat the line for more than one interface.
-interface=eth1
-interface=uap0
+#interface=eth1
+#interface=uap0
# Or you can specify which interface _not_ to listen on
-except-interface=eth0
-except-interface=lo
+#except-interface=eth0
+#except-interface=lo
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
#listen-address=
@@ -102,7 +101,7 @@ except-interface=lo
# want dnsmasq to really bind only the interfaces it is listening on,
# uncomment this option. About the only time you may need this is when
# running another nameserver on the same machine.
-bind-interfaces
+#bind-interfaces
# If you don't want dnsmasq to read /etc/hosts, uncomment the
# following line.
@@ -553,4 +552,4 @@ bind-interfaces
# Include a another lot of configuration options.
#conf-file=/etc/dnsmasq.more.conf
-conf-dir=/etc/dnsmasq.d
+#conf-dir=/etc/dnsmasq.d
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.d/lan b/packages/torouter-prep/configs/etc/dnsmasq.d/lan
deleted file mode 100644
index 1430733..0000000
--- a/packages/torouter-prep/configs/etc/dnsmasq.d/lan
+++ /dev/null
@@ -1,2 +0,0 @@
-
-dhcp-range=10.23.42.10,10.23.42.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.d/wifi b/packages/torouter-prep/configs/etc/dnsmasq.d/wifi
deleted file mode 100644
index d1bdb72..0000000
--- a/packages/torouter-prep/configs/etc/dnsmasq.d/wifi
+++ /dev/null
@@ -1,2 +0,0 @@
-
-dhcp-range=172.16.23.10,172.16.23.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/dnsmasq_lan.conf b/packages/torouter-prep/configs/etc/dnsmasq_lan.conf
new file mode 100644
index 0000000..1143401
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/dnsmasq_lan.conf
@@ -0,0 +1,6 @@
+
+no-poll
+bind-interfaces
+interface=eth1
+except-interface=lo
+dhcp-range=10.23.42.10,10.23.42.254,255.255.255.0,12h
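Review bot: Neither this file nor dnsmasq_wifi.conf sets a lease file, and the new init scripts pass `-l` only when DHCP_LEASE is set, so the two instances will most likely share dnsmasq's default lease database. Two daemons rewriting one lease file can overwrite each other's entries and hand back stale leases after a restart. Give each instance its own file, for example `dhcp-leasefile=/var/lib/misc/dnsmasq_lan.leases` here and a `dnsmasq_wifi.leases` counterpart in the wifi config (paths are a suggestion, not taken from the commit).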
diff --git a/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf b/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf
new file mode 100644
index 0000000..56c268e
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf
@@ -0,0 +1,7 @@
+
+no-poll
+bind-interfaces
+except-interface=lo
+interface=uap0
+server=172.16.23.1#5353
+dhcp-range=172.16.23.10,172.16.23.254,255.255.255.0,12h
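Review bot: `server=172.16.23.1#5353` adds an upstream but does not make it the only one, because the file has no `no-resolv`. The init script for this instance passes `-r /var/run/dnsmasq/resolv.conf` whenever resolvconf is installed, and resolvconf is in the package list, so queries from wifi clients can also be forwarded to whatever resolvers the uplink advertises. If port 5353 is meant to be the Tor-side DNS listener (not visible in this commit), that is a DNS leak path for the wireless network. Add `no-resolv` to this file so only the explicit `server=` line is used.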
diff --git a/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan b/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan
new file mode 100755
index 0000000..22f2557
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan
@@ -0,0 +1,290 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: dnsmasq_lan
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $network $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Description: DHCP and DNS server
+### END INIT INFO
+
+set +e # Don't exit on error status
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dnsmasq
+NAME=dnsmasq_lan
+DESC="DNS forwarder and DHCP server"
+
+# Most configuration options in /etc/default/dnsmasq are deprecated
+# but still honoured.
+ENABLED=1
+if [ -r /etc/default/$NAME ]; then
+ . /etc/default/$NAME
+fi
+
+# Get the system locale, so that messages are in the correct language, and the
+# charset for IDN is correct
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG
+fi
+
+test -x $DAEMON || exit 0
+
+# Provide skeleton LSB log functions for backports which don't have LSB functions.
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_warning_msg () {
+ echo "${@}."
+ }
+
+ log_success_msg () {
+ echo "${@}."
+ }
+
+ log_daemon_msg () {
+ echo -n "${1}: $2"
+ }
+
+ log_end_msg () {
+ if [ $1 -eq 0 ]; then
+ echo "."
+ elif [ $1 -eq 255 ]; then
+ /bin/echo -e " (warning)."
+ else
+ /bin/echo -e " failed!"
+ fi
+ }
+fi
+
+# RESOLV_CONF:
+# If the resolvconf package is installed then use the resolv conf file
+# that it provides as the default. Otherwise use /etc/resolv.conf as
+# the default.
+#
+# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit
+# filename is set there then this inhibits the use of the resolvconf-provided
+# information.
+#
+# Note that if the resolvconf package is installed it is not possible to
+# override it just by configuration in /etc/dnsmasq.conf, it is necessary
+# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq.
+
+if [ ! "$RESOLV_CONF" ] &&
+ [ "$IGNORE_RESOLVCONF" != "yes" ] &&
+ [ -x /sbin/resolvconf ]
+then
+ RESOLV_CONF=/var/run/dnsmasq/resolv.conf
+fi
+
+for INTERFACE in $DNSMASQ_INTERFACE; do
+ DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE"
+done
+
+for INTERFACE in $DNSMASQ_EXCEPT; do
+ DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE"
+done
+
+if [ ! "$DNSMASQ_USER" ]; then
+ DNSMASQ_USER="dnsmasq"
+fi
+
+start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+
+ # /var/run may be volatile, so we need to ensure that
+ # /var/run/dnsmasq exists here as well as in postinst
+ if [ ! -d /var/run/dnsmasq ]; then
+ mkdir /var/run/dnsmasq || return 2
+ chown dnsmasq:nogroup /var/run/dnsmasq || return 2
+ fi
+
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test -- -C /etc/dnsmasq_lan.conf > /dev/null || return 1
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON -- -C /etc/dnsmasq_lan.conf \
+ -x /var/run/dnsmasq/$NAME.pid \
+ ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
+ ${MAILTARGET:+ -t $MAILTARGET} \
+ ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
+ ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
+ ${DHCP_LEASE:+ -l $DHCP_LEASE} \
+ ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
+ ${RESOLV_CONF:+ -r $RESOLV_CONF} \
+ ${CACHESIZE:+ -c $CACHESIZE} \
+ ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
+ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \
+ || return 2
+}
+
+start_resolvconf()
+{
+# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
+# Then dnsmasq won't be providing local DNS, so don't add it to
+# the resolvconf server set.
+ for interface in $DNSMASQ_EXCEPT
+ do
+ [ $interface = lo ] && return
+ done
+
+ if [ -x /sbin/resolvconf ] ; then
+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
+ fi
+ return 0
+}
+
+stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /var/run/dnsmasq/$NAME.pid
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ return "$RETVAL"
+}
+
+stop_resolvconf()
+{
+ if [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d lo.$NAME
+ fi
+ return 0
+}
+
+status()
+{
+ # Return
+ # 0 if daemon is running
+ # 1 if daemon is dead and pid file exists
+ # 3 if daemon is not running
+ # 4 if daemon status is unknown
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null
+ case "$?" in
+ 0) [ -e "/var/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;;
+ 1) return 0 ;;
+ *) return 4 ;;
+ esac
+}
+
+case "$1" in
+ start)
+ test "$ENABLED" != "0" || exit 0
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start
+ case "$?" in
+ 0)
+ log_end_msg 0
+ start_resolvconf
+ exit 0
+ ;;
+ 1)
+ log_success_msg "(already running)"
+ exit 0
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ stop)
+ stop_resolvconf
+ if [ "$ENABLED" != "0" ]; then
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ fi
+ stop
+ RETVAL="$?"
+ if [ "$ENABLED" = "0" ]; then
+ case "$RETVAL" in
+ 0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;;
+ esac
+ exit 0
+ fi
+ case "$RETVAL" in
+ 0) log_end_msg 0 ; exit 0 ;;
+ 1) log_warning_msg "(not running)" ; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ restart|force-reload)
+ test "$ENABLED" != "0" || exit 1
+ $DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ NAME="configuration syntax check"
+ RETVAL="2"
+ else
+ stop_resolvconf
+ stop
+ RETVAL="$?"
+ fi
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ case "$RETVAL" in
+ 0|1)
+ sleep 2
+ start
+ case "$?" in
+ 0)
+ log_end_msg 0
+ start_resolvconf
+ exit 0
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ status)
+ log_daemon_msg "Checking $DESC" "$NAME"
+ status
+ case "$?" in
+ 0) log_success_msg "(running)" ; exit 0 ;;
+ 1) log_success_msg "(dead, pid file exists)" ; exit 1 ;;
+ 3) log_success_msg "(not running)" ; exit 3 ;;
+ *) log_success_msg "(unknown)" ; exit 4 ;;
+ esac
+ ;;
+ dump-stats)
+ kill -s USR1 `cat /var/run/dnsmasq/$NAME.pid`
+ ;;
+ systemd-start-resolvconf)
+ start_resolvconf
+ ;;
+ systemd-stop-resolvconf)
+ stop_resolvconf
+ ;;
+ systemd-exec)
+# --pid-file without argument disables writing a PIDfile, we don't need one with sytemd.
+# Enable DBus by default because we use DBus activation with systemd.
+ exec $DAEMON --keep-in-foreground --pid-file --enable-dbus \
+ ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
+ ${MAILTARGET:+ -t $MAILTARGET} \
+ ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
+ ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
+ ${DHCP_LEASE:+ -l $DHCP_LEASE} \
+ ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
+ ${RESOLV_CONF:+ -r $RESOLV_CONF} \
+ ${CACHESIZE:+ -c $CACHESIZE} \
+ ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
+ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}
+ ;;
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
+
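Review bot: The `restart|force-reload` branch validates the wrong configuration: `$DAEMON --test` runs without `-C`, so it checks the default /etc/dnsmasq.conf, while `start()` launches the daemon with `-C /etc/dnsmasq_lan.conf`. A syntax error in the per-interface file passes the check, the running daemon is stopped, and the start then fails, leaving the LAN without DHCP and DNS. The `systemd-exec` branch has the same omission and would run an instance from the stock config. Use `$DAEMON --test -C /etc/dnsmasq_lan.conf ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}` and add the same `-C` to the `exec` line; init.d/dnsmasq_wifi needs the identical change with its own file.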
diff --git a/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi b/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi
new file mode 100755
index 0000000..dfd103c
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi
@@ -0,0 +1,290 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: dnsmasq_wifi
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $network $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Description: DHCP and DNS server
+### END INIT INFO
+
+set +e # Don't exit on error status
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dnsmasq
+NAME=dnsmasq_wifi
+DESC="DNS forwarder and DHCP server"
+
+# Most configuration options in /etc/default/dnsmasq are deprecated
+# but still honoured.
+ENABLED=1
+if [ -r /etc/default/$NAME ]; then
+ . /etc/default/$NAME
+fi
+
+# Get the system locale, so that messages are in the correct language, and the
+# charset for IDN is correct
+if [ -r /etc/default/locale ]; then
+ . /etc/default/locale
+ export LANG
+fi
+
+test -x $DAEMON || exit 0
+
+# Provide skeleton LSB log functions for backports which don't have LSB functions.
+if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+else
+ log_warning_msg () {
+ echo "${@}."
+ }
+
+ log_success_msg () {
+ echo "${@}."
+ }
+
+ log_daemon_msg () {
+ echo -n "${1}: $2"
+ }
+
+ log_end_msg () {
+ if [ $1 -eq 0 ]; then
+ echo "."
+ elif [ $1 -eq 255 ]; then
+ /bin/echo -e " (warning)."
+ else
+ /bin/echo -e " failed!"
+ fi
+ }
+fi
+
+# RESOLV_CONF:
+# If the resolvconf package is installed then use the resolv conf file
+# that it provides as the default. Otherwise use /etc/resolv.conf as
+# the default.
+#
+# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit
+# filename is set there then this inhibits the use of the resolvconf-provided
+# information.
+#
+# Note that if the resolvconf package is installed it is not possible to
+# override it just by configuration in /etc/dnsmasq.conf, it is necessary
+# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq.
+
+if [ ! "$RESOLV_CONF" ] &&
+ [ "$IGNORE_RESOLVCONF" != "yes" ] &&
+ [ -x /sbin/resolvconf ]
+then
+ RESOLV_CONF=/var/run/dnsmasq/resolv.conf
+fi
+
+for INTERFACE in $DNSMASQ_INTERFACE; do
+ DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE"
+done
+
+for INTERFACE in $DNSMASQ_EXCEPT; do
+ DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE"
+done
+
+if [ ! "$DNSMASQ_USER" ]; then
+ DNSMASQ_USER="dnsmasq"
+fi
+
+start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+
+ # /var/run may be volatile, so we need to ensure that
+ # /var/run/dnsmasq exists here as well as in postinst
+ if [ ! -d /var/run/dnsmasq ]; then
+ mkdir /var/run/dnsmasq || return 2
+ chown dnsmasq:nogroup /var/run/dnsmasq || return 2
+ fi
+
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test -- -C /etc/dnsmasq_wifi.conf > /dev/null || return 1
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON -- -C /etc/dnsmasq_wifi.conf \
+ -x /var/run/dnsmasq/$NAME.pid \
+ ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
+ ${MAILTARGET:+ -t $MAILTARGET} \
+ ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
+ ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
+ ${DHCP_LEASE:+ -l $DHCP_LEASE} \
+ ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
+ ${RESOLV_CONF:+ -r $RESOLV_CONF} \
+ ${CACHESIZE:+ -c $CACHESIZE} \
+ ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
+ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \
+ || return 2
+}
+
+start_resolvconf()
+{
+# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
+# Then dnsmasq won't be providing local DNS, so don't add it to
+# the resolvconf server set.
+ for interface in $DNSMASQ_EXCEPT
+ do
+ [ $interface = lo ] && return
+ done
+
+ if [ -x /sbin/resolvconf ] ; then
+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
+ fi
+ return 0
+}
+
+stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /var/run/dnsmasq/$NAME.pid
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ return "$RETVAL"
+}
+
+stop_resolvconf()
+{
+ if [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d lo.$NAME
+ fi
+ return 0
+}
+
+status()
+{
+ # Return
+ # 0 if daemon is running
+ # 1 if daemon is dead and pid file exists
+ # 3 if daemon is not running
+ # 4 if daemon status is unknown
+ start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null
+ case "$?" in
+ 0) [ -e "/var/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;;
+ 1) return 0 ;;
+ *) return 4 ;;
+ esac
+}
+
+case "$1" in
+ start)
+ test "$ENABLED" != "0" || exit 0
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start
+ case "$?" in
+ 0)
+ log_end_msg 0
+ start_resolvconf
+ exit 0
+ ;;
+ 1)
+ log_success_msg "(already running)"
+ exit 0
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ stop)
+ stop_resolvconf
+ if [ "$ENABLED" != "0" ]; then
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ fi
+ stop
+ RETVAL="$?"
+ if [ "$ENABLED" = "0" ]; then
+ case "$RETVAL" in
+ 0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;;
+ esac
+ exit 0
+ fi
+ case "$RETVAL" in
+ 0) log_end_msg 0 ; exit 0 ;;
+ 1) log_warning_msg "(not running)" ; exit 0 ;;
+ *) log_end_msg 1; exit 1 ;;
+ esac
+ ;;
+ restart|force-reload)
+ test "$ENABLED" != "0" || exit 1
+ $DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ NAME="configuration syntax check"
+ RETVAL="2"
+ else
+ stop_resolvconf
+ stop
+ RETVAL="$?"
+ fi
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ case "$RETVAL" in
+ 0|1)
+ sleep 2
+ start
+ case "$?" in
+ 0)
+ log_end_msg 0
+ start_resolvconf
+ exit 0
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ *)
+ log_end_msg 1
+ exit 1
+ ;;
+ esac
+ ;;
+ status)
+ log_daemon_msg "Checking $DESC" "$NAME"
+ status
+ case "$?" in
+ 0) log_success_msg "(running)" ; exit 0 ;;
+ 1) log_success_msg "(dead, pid file exists)" ; exit 1 ;;
+ 3) log_success_msg "(not running)" ; exit 3 ;;
+ *) log_success_msg "(unknown)" ; exit 4 ;;
+ esac
+ ;;
+ dump-stats)
+ kill -s USR1 `cat /var/run/dnsmasq/$NAME.pid`
+ ;;
+ systemd-start-resolvconf)
+ start_resolvconf
+ ;;
+ systemd-stop-resolvconf)
+ stop_resolvconf
+ ;;
+ systemd-exec)
+# --pid-file without argument disables writing a PIDfile, we don't need one with sytemd.
+# Enable DBus by default because we use DBus activation with systemd.
+ exec $DAEMON --keep-in-foreground --pid-file --enable-dbus \
+ ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
+ ${MAILTARGET:+ -t $MAILTARGET} \
+ ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
+ ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
+ ${DHCP_LEASE:+ -l $DHCP_LEASE} \
+ ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
+ ${RESOLV_CONF:+ -r $RESOLV_CONF} \
+ ${CACHESIZE:+ -c $CACHESIZE} \
+ ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
+ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}
+ ;;
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
+
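Review bot: `start_resolvconf` will register `nameserver 127.0.0.1` for `lo.$NAME` even though this instance does not listen on loopback. Its only guard reads `DNSMASQ_EXCEPT` from /etc/default/$NAME, which this commit does not install, while the actual exclusion is `except-interface=lo` in /etc/dnsmasq_wifi.conf. The router's own resolver list then gains 127.0.0.1 on the strength of a daemon that is not serving it; whether another service answers there is not visible in this commit. Either drop the `start_resolvconf` and `stop_resolvconf` calls from these per-interface scripts or ship a defaults file containing `DNSMASQ_EXCEPT="lo"`; init.d/dnsmasq_lan has the same code.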
diff --git a/packages/torouter-prep/configs/etc/network/interfaces b/packages/torouter-prep/configs/etc/network/interfaces
index 036eb4d..34b2f35 100644
--- a/packages/torouter-prep/configs/etc/network/interfaces
+++ b/packages/torouter-prep/configs/etc/network/interfaces
@@ -8,7 +8,6 @@ iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
- post-up ifup uap0
post-down ifdown uap0
auto eth1
@@ -17,10 +16,12 @@ iface eth1 inet static
netmask 255.255.255.0
network 10.23.42.0
broadcast 10.23.42.255
+ pre-up ip addr del 10.23.42.1/24 dev eth1 || true
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
+ post-up /etc/init.d/dnsmasq_lan start
# this must happen after have brought up uap0 because it clears the nat tables
post-up iptables -t nat -A POSTROUTING -s 10.23.42.0/24 -o eth0 -j MASQUERADE
- post-up /etc/init.d/dnsmasq restart
+ pre-down /etc/init.d/dnsmasq_lan stop
# The magic Tor wireless network
auto uap0
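Review bot: The MASQUERADE rule for 10.23.42.0/24 is still annotated "this must happen after have brought up uap0 because it clears the nat tables", but the previous hunk removes `post-up ifup uap0` from eth0, which was what brought uap0 up first. With the `auto` order shown here, eth1 now comes up before uap0. If the nat flush happens in uap0's post-up (tor-wireless-firewall.sh is the likely place, but it is not visible), the LAN NAT rule is wiped as soon as the wireless interface starts. Move the rule to uap0's post-up after the firewall script, or confirm the ordering and correct the comment.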
@@ -30,10 +31,14 @@ iface uap0 inet static
network 172.16.23.0
broadcast 172.16.23.255
pre-up ifconfig uap0 hw ether 00:66:66:66:66:66
- post-up /etc/init.d/tor reload
- post-up /etc/init.d/dnsmasq restart
+ pre-up ip addr del 172.16.23.1/24 dev uap0 || true
+ post-up /etc/init.d/tor start
+ post-up /etc/init.d/tor reload
+ post-up /etc/init.d/dnsmasq_wifi start
post-up /etc/init.d/ttdnsd restart
post-up /usr/bin/uaputl sys_cfg_ssid "torproject" || true
post-up /usr/bin/uaputl bss_start || true
post-up /usr/sbin/tor-wireless-firewall.sh || true
+ post-up /sbin/iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
pre-down /usr/bin/uaputl bss_stop || true
+ pre-down /etc/init.d/dnsmasq_wifi stop
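Review bot: The new `iptables -t nat -A OUTPUT ... --to-ports 9040` redirect is appended on every ifup of uap0 and never removed on the way down, so the rule outlives the interface and may be duplicated on a later ifup unless the firewall script flushes the table. Add a matching `pre-down /sbin/iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040 || true`. The rule also works only if torrc sets a TransPort of 9040 and a virtual address network of 10.192.0.0/10, neither of which is visible here. A comment such as `# must match TransPort and VirtualAddrNetwork in torrc` would keep the two in step.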
diff --git a/packages/torouter-prep/src/torouter_preboot.sh b/packages/torouter-prep/src/torouter_preboot.sh
index 18703a5..70c08aa 100755
--- a/packages/torouter-prep/src/torouter_preboot.sh
+++ b/packages/torouter-prep/src/torouter_preboot.sh
@@ -34,10 +34,13 @@ install -o root -g root -m 600 $config_dir/etc/network/interfaces /etc/network/i
# Configure dnsmasq
install -o root -g root -m 600 $config_dir/etc/dnsmasq.conf /etc/dnsmasq.conf
-mkdir -p /etc/dnsmasq.d
-chown root:root /etc/dnsmasq.d
-install -o root -g root -m 600 $config_dir/etc/dnsmasq.d/lan /etc/dnsmasq.d/lan
-install -o root -g root -m 600 $config_dir/etc/dnsmasq.d/wifi /etc/dnsmasq.d/wifi
+install -o root -g root -m 600 $config_dir/etc/dnsmasq_lan.conf /etc/dnsmasq_lan.conf
+install -o root -g root -m 600 $config_dir/etc/dnsmasq_wifi.conf /etc/dnsmasq_wifi.conf
+
+# new dns scheme
+install -o root -g root -m 600 $config_dir/etc/default/dnsmasq /etc/default/dnsmasq
+install -o root -g root -m 750 $config_dir/etc/init.d/dnsmasq_lan /etc/init.d/dnsmasq_lan
+install -o root -g root -m 750 $config_dir/etc/init.d/dnsmasq_wifi /etc/init.d/dnsmasq_wifi
# Configure ntp
install -o root -g root -m 600 $config_dir/etc/ntp.conf /etc/ntp.conf
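Review bot: The comment `# new dns scheme` does not tell a maintainer what the three installs below it achieve or how the new scripts get started. Nothing in this hunk registers dnsmasq_lan or dnsmasq_wifi with the rc system; they are started only from the post-up hooks in /etc/network/interfaces, and the installed /etc/default/dnsmasq carries `ENABLED=0`. Replace the comment with something like `# Disable the stock dnsmasq service (ENABLED=0) and install one init script per interface; they are started from /etc/network/interfaces, not from rc.d`. The script continues outside this hunk, so an existing explanation elsewhere cannot be ruled out.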