From f201878306730677591d08ad6f09965910b97e61 Mon Sep 17 00:00:00 2001
From: Jacob Appelbaum
Date: Thu, 18 Aug 2011 17:06:50 +0200
Subject: update torouter_config.sh to copy files
---
 ...3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key | Bin 0 -> 3742 bytes
 .../configs/apt-preferences.d-backports | 3 +
 packages/torouter-prep/configs/armrc.sample.gz | Bin 0 -> 3633 bytes
 packages/torouter-prep/configs/dnsmasq.conf | 3 +-
 packages/torouter-prep/configs/inittab | 70 +++++++++++++++++++++
 packages/torouter-prep/configs/interfaces | 10 +--
 .../configs/modprobe.d-blacklist.conf | 26 ++++++++
 packages/torouter-prep/configs/ntp.conf | 55 ++++++++++++++++
 packages/torouter-prep/configs/torrc | 31 ++++-----
 packages/torouter-prep/configs/ttdnsd-default | 17 +++++
 10 files changed, 195 insertions(+), 20 deletions(-)
 create mode 100644 packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
 create mode 100644 packages/torouter-prep/configs/apt-preferences.d-backports
 create mode 100644 packages/torouter-prep/configs/armrc.sample.gz
 create mode 100644 packages/torouter-prep/configs/inittab
 create mode 100644 packages/torouter-prep/configs/modprobe.d-blacklist.conf
 create mode 100644 packages/torouter-prep/configs/ntp.conf
 create mode 100755 packages/torouter-prep/configs/ttdnsd-default
(limited to 'packages/torouter-prep/configs')
diff --git a/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key b/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
new file mode 100644
index 0000000..5b6a4d3
Binary files /dev/null and b/packages/torouter-prep/configs/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key differ
diff --git a/packages/torouter-prep/configs/apt-preferences.d-backports b/packages/torouter-prep/configs/apt-preferences.d-backports
new file mode 100644
index 0000000..8e9275b
--- /dev/null
+++ b/packages/torouter-prep/configs/apt-preferences.d-backports
@@ -0,0 +1,3 @@
+Package: *
+Pin: release a=squeeze-backports
+Pin-Priority: 200
diff --git a/packages/torouter-prep/configs/armrc.sample.gz b/packages/torouter-prep/configs/armrc.sample.gz
new file mode 100644
index 0000000..c86b6f1
Binary files /dev/null and b/packages/torouter-prep/configs/armrc.sample.gz differ
diff --git a/packages/torouter-prep/configs/dnsmasq.conf b/packages/torouter-prep/configs/dnsmasq.conf
index 8845e80..2711486 100644
--- a/packages/torouter-prep/configs/dnsmasq.conf
+++ b/packages/torouter-prep/configs/dnsmasq.conf
@@ -83,9 +83,10 @@ no-poll
 # interface (eg eth0) here.
 # Repeat the line for more than one interface.
 interface=eth1
-#interface=uap0
+interface=uap0
 # Or you can specify which interface _not_ to listen on
 except-interface=eth0
+except-interface=lo
 # Or which to listen on by address (remember to include 127.0.0.1 if
 # you use this.)
 #listen-address=
diff --git a/packages/torouter-prep/configs/inittab b/packages/torouter-prep/configs/inittab
new file mode 100644
index 0000000..98dca83
--- /dev/null
+++ b/packages/torouter-prep/configs/inittab
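Review bot: The new `except-interface=lo` in the dnsmasq.conf hunk has no comment saying why loopback is excluded, and on its own it may not free port 53 on 127.0.0.1. dnsmasq binds the wildcard address and merely discards queries from excluded interfaces unless `bind-interfaces` is set, and whether it is set lies outside this hunk. The torrc in this same commit adds `DNSListenAddress 127.0.0.1:53`, so the two daemons can contend for that socket depending on start order. I would add `# lo is left to Tor's DNSListenAddress 127.0.0.1:53` above the line and confirm that `bind-interfaces` is enabled elsewhere in the file.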
@@ -0,0 +1,70 @@
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+# :::
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty 38400 tty1
+#2:23:respawn:/sbin/getty 38400 tty2
+#3:23:respawn:/sbin/getty 38400 tty3
+#4:23:respawn:/sbin/getty 38400 tty4
+#5:23:respawn:/sbin/getty 38400 tty5
+#6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
+T0:2345:respawn:/sbin/getty -L ttyS0 115200 linux
diff --git a/packages/torouter-prep/configs/interfaces b/packages/torouter-prep/configs/interfaces
index d1a5fa6..903bdb4 100644
--- a/packages/torouter-prep/configs/interfaces
+++ b/packages/torouter-prep/configs/interfaces
@@ -30,9 +30,9 @@ iface uap0 inet static
 broadcast 172.16.23.255
 pre-up ifconfig uap0 hw ether 00:66:66:66:66:66
 post-up /etc/init.d/tor reload
- #post-up /etc/init.d/udhcpd restart
 post-up /etc/init.d/dnsmasq restart
- post-up /root/tor-wireless-firewall.sh
- post-up /root/uaputl/uaputl sys_cfg_ssid "torproject"
- post-up /root/uaputl/uaputl bss_start
- pre-down /root/uaputl/uaputl bss_stop
+ post-up /etc/init.d/ttdnsd restart
+ post-up /usr/bin/uaputl sys_cfg_ssid "torproject"
+ post-up /usr/bin/uaputl bss_start
+ post-up /usr/share/torouter-prep/example-configs/tor-wireless-firewall.sh
+ pre-down /usr/bin/uaputl bss_stop
diff --git a/packages/torouter-prep/configs/modprobe.d-blacklist.conf b/packages/torouter-prep/configs/modprobe.d-blacklist.conf
new file mode 100644
index 0000000..87c6fbe
--- /dev/null
+++ b/packages/torouter-prep/configs/modprobe.d-blacklist.conf
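Review bot: The one device-specific line in the new inittab, `T0:2345:respawn:/sbin/getty -L ttyS0 115200 linux`, is undocumented and sits directly under the stock "modem line" example. It keeps a login prompt on the serial port in every multi-user runlevel, so anyone with physical access to the port reaches a console. A comment such as `# Serial console on ttyS0 (115200) for recovery; protected only by the account passwords` would record that as a deliberate decision. Whether root may log in on ttyS0 depends on /etc/securetty, which is not part of this commit.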
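Review bot: In the interfaces hunk the firewall script now runs after `uaputl bss_start`, so the access point is up and accepting clients before the rules from tor-wireless-firewall.sh are loaded. The removed lines ran the script before the SSID was configured; during the new window a client's traffic is presumably handled by whatever netfilter state exists at that moment rather than being redirected to Tor's TransPort. I would move `post-up /usr/share/torouter-prep/example-configs/tor-wireless-firewall.sh` above `post-up /usr/bin/uaputl sys_cfg_ssid "torproject"` so the rules are in place first. The script also runs as root from an example-configs directory, so its ownership and mode are worth pinning in the package; the `iface uap0` stanza starts outside the hunk.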
@@ -0,0 +1,26 @@
+# This file lists modules which will not be loaded as the result of
+# alias expansion, with the purpose of preventing the hotplug subsystem
+# to load them. It does not affect autoloading of modules by the kernel.
+# This file is provided by the udev package.
+
+# evbug is a debug tool and should be loaded explicitly
+blacklist evbug
+
+# these drivers are very simple, the HID drivers are usually preferred
+blacklist usbmouse
+blacklist usbkbd
+
+# replaced by e100
+blacklist eepro100
+
+# replaced by tulip
+blacklist de4x5
+
+# replaced by tmscsim
+blacklist am53c974
+
+# these watchdog drivers break some systems
+blacklist iTCO_wdt
+
+
+blacklist ipv6
diff --git a/packages/torouter-prep/configs/ntp.conf b/packages/torouter-prep/configs/ntp.conf
new file mode 100644
index 0000000..cb7d021
--- /dev/null
+++ b/packages/torouter-prep/configs/ntp.conf
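Review bot: The added `blacklist ipv6` at the end of modprobe.d-blacklist.conf carries no comment, and the file's own header states that a blacklist entry only stops loading through alias expansion. An explicit `modprobe ipv6`, a module that depends on it, or a kernel with IPv6 built in would still bring the stack up, and if the firewall script installs IPv4 rules only (not visible here) that traffic would not be forced through Tor. If the intent is that IPv6 is never available, I would add `install ipv6 /bin/true` next to the blacklist line or set `net.ipv6.conf.all.disable_ipv6=1`, and state the reason in a comment above it.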
@@ -0,0 +1,55 @@
+# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+
+driftfile /var/lib/ntp/ntp.drift
+
+
+# Enable this if you want statistics to be logged.
+#statsdir /var/log/ntpstats/
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+
+# You do need to talk to an NTP server or two (or three).
+#server ntp.your-provider.example
+
+# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
+# pick a different set every time it starts up. Please consider joining the
+# pool:
+server 0.debian.pool.ntp.org iburst
+server 1.debian.pool.ntp.org iburst
+server 2.debian.pool.ntp.org iburst
+server 3.debian.pool.ntp.org iburst
+
+
+# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
+# details. The web page
+# might also be helpful.
+#
+# Note that "restrict" applies to both servers and clients, so a configuration
+# that might be intended to block requests from certain clients could also end
+# up blocking replies from your own upstream servers.
+
+# By default, exchange time with everybody, but don't allow configuration.
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+
+# Local users may interrogate the ntp server more closely.
+restrict 127.0.0.1
+restrict ::1
+
+# Clients from this (example!) subnet have unlimited access, but only if
+# cryptographically authenticated.
+#restrict 192.168.123.0 mask 255.255.255.0 notrust
+
+
+# If you want to provide time to your local subnet, change the next line.
+# (Again, the address is an example only.)
+#broadcast 192.168.123.255
+
+# If you want to listen to time broadcasts on your local subnet, de-comment the
+# next lines. Please do this only if you trust everybody on the network!
+#disable auth
+#broadcastclient
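Review bot: The new ntp.conf is the distribution default and keeps `restrict -4 default kod notrap nomodify nopeer noquery`, which by its own comment exchanges time with everybody, so ntpd answers on every interface, including the upstream and wireless sides, unless the firewall drops UDP 123 (not visible here). For a router meant to expose as little as possible, I would stop ntpd binding the client-facing interface with `interface ignore uap0` and add a comment above the `server` lines noting that these queries leave unauthenticated and outside Tor. The `restrict -6` and `restrict ::1` lines also sit oddly beside the `blacklist ipv6` added in this commit.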
diff --git a/packages/torouter-prep/configs/torrc b/packages/torouter-prep/configs/torrc index b4c5de3..7a12e73 100644 --- a/packages/torouter-prep/configs/torrc +++ b/packages/torouter-prep/configs/torrc @@ -35,7 +35,7 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost ## Send all messages of level 'notice' or higher to /var/log/tor/notices.log Log notice file /var/log/tor/notices.log ## Send every possible message to /var/log/tor/debug.log -Log debug file /var/log/tor/debug.log +#Log debug file /var/log/tor/debug.log ## Use the system log instead of Tor's logfiles #Log notice syslog ## To send all messages to stderr: @@ -67,8 +67,9 @@ DataDirectory /var/lib/tor ## HiddenServicePort x y:z says to redirect requests on port x to the ## address y:z. -HiddenServiceDir /var/lib/tor/hidden_service/ -HiddenServicePort 22 127.0.0.1:22 +# Uncomment this to allow ssh access to the Torouter over your own Hidden Service +#HiddenServiceDir /var/lib/tor/hidden_service/ +#HiddenServicePort 22 127.0.0.1:22 #HiddenServiceDir /var/lib/tor/other_hidden_service/ #HiddenServicePort 80 127.0.0.1:80 @@ -78,16 +79,15 @@ HiddenServicePort 22 127.0.0.1:22 # ## See https://www.torproject.org/docs/tor-doc-relay for details. -## Required: what port to advertise for incoming Tor connections. -ORPort 9001 +### Required: what port to advertise for incoming Tor connections. +ORPort 9001 ## If you want to listen on a port other than the one advertised ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the ## line below too. You'll need to do ipchains or other port forwarding ## yourself to make this work. #ORListenAddress 0.0.0.0:9090 - -## A handle for your relay, so people don't have to refer to it by key. -#Nickname ididnteditheconfig +#ORListenAddress 0.0.0.0:9090 +Nickname Torouter ## The IP address or full DNS name for your relay. Leave commented out ## and Tor will guess. 
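Review bot: The relay hunk of torrc (`@@ -78,16 +79,15 @@`) adds a second, identical `#ORListenAddress 0.0.0.0:9090` line and drops the `## A handle for your relay` comment while enabling `Nickname Torouter`. The duplicate looks like a leftover and should be deleted. Every device shipping this file will publish the same nickname in its relay descriptor, which labels the relay as this hardware to anyone reading the directory. Restoring the removed comment and adding something like `## Shared default; change it if the relay should not be identifiable as a Torouter` above the line would make that a conscious choice.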
@@ -150,9 +150,10 @@ ORPort 9001 ## ISP is filtering connections to all the known Tor relays, they probably ## won't be able to block all the bridges. Also, websites won't treat you ## differently because they won't know you're running Tor. If you can -## be a real relay, please do; but if not, be a bridge! -#BridgeRelay 1 +# be a real relay, please do; but if not, be a bridge! ExitPolicy reject *:* +ExitPolicy accept *:* + AvoidDiskWrites 1 @@ -160,14 +161,16 @@ AvoidDiskWrites 1 VirtualAddrNetwork 10.192.0.0/10 AutomapHostsOnResolve 1 TransPort 9040 -TransListenAddress 172.16.23.1 +TransListenAddress 172.16.23.1 DNSPort 5353 -DNSListenAddress 172.16.23.1 +DNSListenAddress 172.16.23.1 +DNSListenAddress 127.0.0.1:53 User debian-tor -PortForwarding 1 -PortForwardingHelper /usr/local/bin/tor-fw-helper +# By default we do not have PortForwarding support +# PortForwarding 1 +# PortForwardingHelper /usr/local/bin/tor-fw-helper PIDFile /var/run/tor/tor.pid diff --git a/packages/torouter-prep/configs/ttdnsd-default b/packages/torouter-prep/configs/ttdnsd-default new file mode 100755 index 0000000..0a22bc4 --- /dev/null +++ b/packages/torouter-prep/configs/ttdnsd-default @@ -0,0 +1,17 @@ +# /etc/default/ttdnsd + +# Address to bind to - usually this should be 127.0.0.1 +# unless a copy of ttdnsd runs on 127.0.0.n +ADDR_ARG="-b 172.16.23.1" + +# Port to listen on - almost always this should be port 53 +# unless an additional local DNS cache (like unbound, dnscache, pdnsd) +# listen on port 53 as system resolver and is used in front of ttdnsd +# for caching purposes. +PORT_ARG="-p 5354" + +# Debug logging +# DEBUG_LOGGING="-l" + +# Glue all of it together below +DEFAULTS="$ADDR_ARG $PORT_ARG" -- cgit v1.2.3
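Review bot: The added `ExitPolicy accept *:*` directly after `ExitPolicy reject *:*` is dead configuration today, because Tor evaluates exit policy entries in order and the first match wins. It is also a trap: if the reject line is ever removed or reordered, the device becomes an unrestricted exit relay, which a home router should not become by accident. I would drop the accept line, or if it is a placeholder keep it as `#ExitPolicy accept *:*` with a sentence saying when to enable it. The same hunk removes `#BridgeRelay 1` but leaves the bridge paragraph above it, whose last line now starts with a single `#`.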
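Review bot: The comments in the new ttdnsd-default contradict the values they sit above: they say the bind address should usually be 127.0.0.1 and the port almost always 53, while the file sets `ADDR_ARG="-b 172.16.23.1"` and `PORT_ARG="-p 5354"`. Since this binds the resolver on the wireless-side address, I would replace the stock wording with comments that state the intent, for example `# Listen on the uap0 address so wireless clients can reach ttdnsd` and `# 5354 avoids Tor's DNSPort 5353 on the same address`. The file is also created with mode 100755 although it only assigns variables and is presumably sourced by the init script, so 100644 would be the expected mode.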