aboutsummaryrefslogtreecommitdiffstats
path: root/packages/torouter-prep/configs
diff options
context:
space:
mode:
Diffstat (limited to 'packages/torouter-prep/configs')
-rw-r--r--packages/torouter-prep/configs/047E6A24.asc19
-rw-r--r--packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-keybin0 -> 3742 bytes
-rw-r--r--packages/torouter-prep/configs/apt-preferences.d-backports3
-rw-r--r--packages/torouter-prep/configs/apt.conf1
-rw-r--r--packages/torouter-prep/configs/armrc.sample.gzbin0 -> 3633 bytes
-rw-r--r--packages/torouter-prep/configs/dnsmasq.conf3
-rw-r--r--packages/torouter-prep/configs/inittab70
-rw-r--r--packages/torouter-prep/configs/interfaces10
-rw-r--r--packages/torouter-prep/configs/modprobe.d-blacklist.conf26
-rw-r--r--packages/torouter-prep/configs/ntp.conf55
-rw-r--r--packages/torouter-prep/configs/sources.list3
-rw-r--r--packages/torouter-prep/configs/torrc31
-rwxr-xr-xpackages/torouter-prep/configs/ttdnsd-default17
13 files changed, 218 insertions, 20 deletions
diff --git a/packages/torouter-prep/configs/047E6A24.asc b/packages/torouter-prep/configs/047E6A24.asc
new file mode 100644
index 0000000..e2a8303
--- /dev/null
+++ b/packages/torouter-prep/configs/047E6A24.asc
@@ -0,0 +1,19 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+mQENBE5MF30BCACy2Ywqme78KCxY0qEXxm0vpBYe9X2kTdaJMS65tLfjbuHJ+WO4
+OKCJ5AJc7NMvZGpVucn4JPTRN34oReXzYWrlm0yfmqnRHm9sEJhDqNbSV6RML+9E
+oikxj6w6uboVEnrbLPzsWEcSze28dLcqVzDMm3aHO0erjBMlUEN4a7rrU0MDf+SH
+4rz0kkEaBj8gzX+cJQEU5uIdlcINFtL34cNIZPAB3O2ZOjvrDbWJcI6wG/ZfefDk
+2z98eSzhJfTWKsjnPmSsp7QTu+lj+mJN7BBoLILLJ+xq1XPJfigiuQucK3k2xMBv
+eYEpK+11af6/bt5+yQec8dyH7+feYnpY2gW9ABEBAAG0H3RvcnJvdXRlciBhcmNo
+aXZlIGtleSAoMjAxMS0wOCmJAT4EEwECACgFAk5MF30CGwMFCQDtTgAGCwkIBwMC
+BhUIAgkKCwQWAgMBAh4BAheAAAoJEJGCGDUEfmokfYEH/RzFD2x5j1kJ+1+F2pTN
+bTochEBvT4gsKCcuT+i7Q4FaorVCePoAyjcW3HBGBNf6G0a37KmtPoQBqXZ2wxVN
+7SDFFG4nH27z+OdkrZkUmwnjr3O5QskMuiOfkvpD0aRKvmB/MznxjBW9brJr63Gx
+IGkdvvZad2V4+jEwTWiOAodWbYGX9A5CgWUL+SHFhsLe3B3ZMrvgbReJqbOGRBTR
+nGWYjLH5K0lNLPNb8spKOxT/h5gKib9p5680hQG672n9EJGixfmvrCQF/3cqy2SG
+CmfX5Tt7+l/C6LfyaHWHsQsjqVtCmwPjfQ1sRa1S9UPXjrZb/54kDUHfpUByB/ab
+kGU=
+=ZXbM
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key b/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
new file mode 100644
index 0000000..5b6a4d3
--- /dev/null
+++ b/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
Binary files differ
diff --git a/packages/torouter-prep/configs/apt-preferences.d-backports b/packages/torouter-prep/configs/apt-preferences.d-backports
new file mode 100644
index 0000000..8e9275b
--- /dev/null
+++ b/packages/torouter-prep/configs/apt-preferences.d-backports
@@ -0,0 +1,3 @@
+Package: *
+Pin: release a=squeeze-backports
+Pin-Priority: 200
diff --git a/packages/torouter-prep/configs/apt.conf b/packages/torouter-prep/configs/apt.conf
new file mode 100644
index 0000000..4143a94
--- /dev/null
+++ b/packages/torouter-prep/configs/apt.conf
@@ -0,0 +1 @@
+APT::Default-Release "stable";
diff --git a/packages/torouter-prep/configs/armrc.sample.gz b/packages/torouter-prep/configs/armrc.sample.gz
new file mode 100644
index 0000000..c86b6f1
--- /dev/null
+++ b/packages/torouter-prep/configs/armrc.sample.gz
Binary files differ
diff --git a/packages/torouter-prep/configs/dnsmasq.conf b/packages/torouter-prep/configs/dnsmasq.conf
index 8845e80..2711486 100644
--- a/packages/torouter-prep/configs/dnsmasq.conf
+++ b/packages/torouter-prep/configs/dnsmasq.conf
@@ -83,9 +83,10 @@ no-poll
# interface (eg eth0) here.
# Repeat the line for more than one interface.
interface=eth1
-#interface=uap0
+interface=uap0
# Or you can specify which interface _not_ to listen on
except-interface=eth0
+except-interface=lo
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
#listen-address=
diff --git a/packages/torouter-prep/configs/inittab b/packages/torouter-prep/configs/inittab
new file mode 100644
index 0000000..98dca83
--- /dev/null
+++ b/packages/torouter-prep/configs/inittab
@@ -0,0 +1,70 @@
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+# <id>:<runlevels>:<action>:<process>
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty 38400 tty1
+#2:23:respawn:/sbin/getty 38400 tty2
+#3:23:respawn:/sbin/getty 38400 tty3
+#4:23:respawn:/sbin/getty 38400 tty4
+#5:23:respawn:/sbin/getty 38400 tty5
+#6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
+T0:2345:respawn:/sbin/getty -L ttyS0 115200 linux
diff --git a/packages/torouter-prep/configs/interfaces b/packages/torouter-prep/configs/interfaces
index d1a5fa6..903bdb4 100644
--- a/packages/torouter-prep/configs/interfaces
+++ b/packages/torouter-prep/configs/interfaces
@@ -30,9 +30,9 @@ iface uap0 inet static
broadcast 172.16.23.255
pre-up ifconfig uap0 hw ether 00:66:66:66:66:66
post-up /etc/init.d/tor reload
- #post-up /etc/init.d/udhcpd restart
post-up /etc/init.d/dnsmasq restart
- post-up /root/tor-wireless-firewall.sh
- post-up /root/uaputl/uaputl sys_cfg_ssid "torproject"
- post-up /root/uaputl/uaputl bss_start
- pre-down /root/uaputl/uaputl bss_stop
+ post-up /etc/init.d/ttdnsd restart
+ post-up /usr/bin/uaputl sys_cfg_ssid "torproject"
+ post-up /usr/bin/uaputl bss_start
+ post-up /usr/share/torouter-prep/example-configs/tor-wireless-firewall.sh
+ pre-down /usr/bin/uaputl bss_stop
diff --git a/packages/torouter-prep/configs/modprobe.d-blacklist.conf b/packages/torouter-prep/configs/modprobe.d-blacklist.conf
new file mode 100644
index 0000000..87c6fbe
--- /dev/null
+++ b/packages/torouter-prep/configs/modprobe.d-blacklist.conf
@@ -0,0 +1,26 @@
+# This file lists modules which will not be loaded as the result of
+# alias expansion, with the purpose of preventing the hotplug subsystem
+# to load them. It does not affect autoloading of modules by the kernel.
+# This file is provided by the udev package.
+
+# evbug is a debug tool and should be loaded explicitly
+blacklist evbug
+
+# these drivers are very simple, the HID drivers are usually preferred
+blacklist usbmouse
+blacklist usbkbd
+
+# replaced by e100
+blacklist eepro100
+
+# replaced by tulip
+blacklist de4x5
+
+# replaced by tmscsim
+blacklist am53c974
+
+# these watchdog drivers break some systems
+blacklist iTCO_wdt
+
+
+blacklist ipv6
diff --git a/packages/torouter-prep/configs/ntp.conf b/packages/torouter-prep/configs/ntp.conf
new file mode 100644
index 0000000..cb7d021
--- /dev/null
+++ b/packages/torouter-prep/configs/ntp.conf
@@ -0,0 +1,55 @@
+# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+
+driftfile /var/lib/ntp/ntp.drift
+
+
+# Enable this if you want statistics to be logged.
+#statsdir /var/log/ntpstats/
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+
+# You do need to talk to an NTP server or two (or three).
+#server ntp.your-provider.example
+
+# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
+# pick a different set every time it starts up. Please consider joining the
+# pool: <http://www.pool.ntp.org/join.html>
+server 0.debian.pool.ntp.org iburst
+server 1.debian.pool.ntp.org iburst
+server 2.debian.pool.ntp.org iburst
+server 3.debian.pool.ntp.org iburst
+
+
+# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
+# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
+# might also be helpful.
+#
+# Note that "restrict" applies to both servers and clients, so a configuration
+# that might be intended to block requests from certain clients could also end
+# up blocking replies from your own upstream servers.
+
+# By default, exchange time with everybody, but don't allow configuration.
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+
+# Local users may interrogate the ntp server more closely.
+restrict 127.0.0.1
+restrict ::1
+
+# Clients from this (example!) subnet have unlimited access, but only if
+# cryptographically authenticated.
+#restrict 192.168.123.0 mask 255.255.255.0 notrust
+
+
+# If you want to provide time to your local subnet, change the next line.
+# (Again, the address is an example only.)
+#broadcast 192.168.123.255
+
+# If you want to listen to time broadcasts on your local subnet, de-comment the
+# next lines. Please do this only if you trust everybody on the network!
+#disable auth
+#broadcastclient
diff --git a/packages/torouter-prep/configs/sources.list b/packages/torouter-prep/configs/sources.list
index f6c7c0b..c7e7e4a 100644
--- a/packages/torouter-prep/configs/sources.list
+++ b/packages/torouter-prep/configs/sources.list
@@ -12,3 +12,6 @@ deb http://backports.debian.org/debian-backports squeeze-backports main
# Tor project repo
deb http://deb.torproject.org/torproject.org/ squeeze main
deb-src http://deb.torproject.org/torproject.org squeeze main
+
+# Torouter project repo
+deb http://torrouter.torproject.org/torrouter torrouter main
diff --git a/packages/torouter-prep/configs/torrc b/packages/torouter-prep/configs/torrc
index b4c5de3..7a12e73 100644
--- a/packages/torouter-prep/configs/torrc
+++ b/packages/torouter-prep/configs/torrc
@@ -35,7 +35,7 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost
## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
Log notice file /var/log/tor/notices.log
## Send every possible message to /var/log/tor/debug.log
-Log debug file /var/log/tor/debug.log
+#Log debug file /var/log/tor/debug.log
## Use the system log instead of Tor's logfiles
#Log notice syslog
## To send all messages to stderr:
@@ -67,8 +67,9 @@ DataDirectory /var/lib/tor
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.
-HiddenServiceDir /var/lib/tor/hidden_service/
-HiddenServicePort 22 127.0.0.1:22
+# Uncomment this to allow ssh access to the Torouter over your own Hidden Service
+#HiddenServiceDir /var/lib/tor/hidden_service/
+#HiddenServicePort 22 127.0.0.1:22
#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
@@ -78,16 +79,15 @@ HiddenServicePort 22 127.0.0.1:22
#
## See https://www.torproject.org/docs/tor-doc-relay for details.
-## Required: what port to advertise for incoming Tor connections.
-ORPort 9001
+### Required: what port to advertise for incoming Tor connections.
+ORPort 9001
## If you want to listen on a port other than the one advertised
## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
## line below too. You'll need to do ipchains or other port forwarding
## yourself to make this work.
#ORListenAddress 0.0.0.0:9090
-
-## A handle for your relay, so people don't have to refer to it by key.
-#Nickname ididnteditheconfig
+#ORListenAddress 0.0.0.0:9090
+Nickname Torouter
## The IP address or full DNS name for your relay. Leave commented out
## and Tor will guess.
@@ -150,9 +150,10 @@ ORPort 9001
## ISP is filtering connections to all the known Tor relays, they probably
## won't be able to block all the bridges. Also, websites won't treat you
## differently because they won't know you're running Tor. If you can
-## be a real relay, please do; but if not, be a bridge!
-#BridgeRelay 1
+# be a real relay, please do; but if not, be a bridge!
ExitPolicy reject *:*
+ExitPolicy accept *:*
+
AvoidDiskWrites 1
@@ -160,14 +161,16 @@ AvoidDiskWrites 1
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
-TransListenAddress 172.16.23.1
+TransListenAddress 172.16.23.1
DNSPort 5353
-DNSListenAddress 172.16.23.1
+DNSListenAddress 172.16.23.1
+DNSListenAddress 127.0.0.1:53
User debian-tor
-PortForwarding 1
-PortForwardingHelper /usr/local/bin/tor-fw-helper
+# By default we do not have PortForwarding support
+# PortForwarding 1
+# PortForwardingHelper /usr/local/bin/tor-fw-helper
PIDFile /var/run/tor/tor.pid
diff --git a/packages/torouter-prep/configs/ttdnsd-default b/packages/torouter-prep/configs/ttdnsd-default
new file mode 100755
index 0000000..0a22bc4
--- /dev/null
+++ b/packages/torouter-prep/configs/ttdnsd-default
@@ -0,0 +1,17 @@
+# /etc/default/ttdnsd
+
+# Address to bind to - usually this should be 127.0.0.1
+# unless a copy of ttdnsd runs on 127.0.0.n
+ADDR_ARG="-b 172.16.23.1"
+
+# Port to listen on - almost always this should be port 53
+# unless an additional local DNS cache (like unbound, dnscache, pdnsd)
+# listen on port 53 as system resolver and is used in front of ttdnsd
+# for caching purposes.
+PORT_ARG="-p 5354"
+
+# Debug logging
+# DEBUG_LOGGING="-l"
+
+# Glue all of it together below
+DEFAULTS="$ADDR_ARG $PORT_ARG"