mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-22 20:41:26 +00:00
security/dns-proxy-tor
security/trans-proxy-tor: trans-proxy-tor is rendered obsolete by Tor\'s TransPort option (currently only available in tor-devel) Approved by: maintainer
This commit is contained in:
parent
4eba9b4e2b
commit
604e70e0af
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=239202
2
MOVED
2
MOVED
@ -4136,3 +4136,5 @@ lang/tinycobol||2009-08-08|Has expired: no longer being developed; consider usin
|
||||
net/ppptraf||2009-08-08|Removed: "author has abandoned this program"
|
||||
www/zope-guf||2009-08-08|Removed: "no longer being developed: use SimpleUserFolder or exUserFolder instead"
|
||||
misc/xenmenu||2009-08-08|Removed: Project abandoned in 1998
|
||||
security/dns-proxy-tor||2009-08-09|Removed
|
||||
security/trans-proxy-tor||2009-08-09|Removed: trans-proxy-tor is rendered obsolete by Tor\'s TransPort option (currently only available in tor-devel)
|
||||
|
@ -101,7 +101,6 @@
|
||||
SUBDIR += distcache
|
||||
SUBDIR += distcache-devel
|
||||
SUBDIR += dmitry
|
||||
SUBDIR += dns-proxy-tor
|
||||
SUBDIR += donkey
|
||||
SUBDIR += doorman
|
||||
SUBDIR += doscan
|
||||
@ -818,7 +817,6 @@
|
||||
SUBDIR += tlswrap
|
||||
SUBDIR += tor
|
||||
SUBDIR += tor-devel
|
||||
SUBDIR += trans-proxy-tor
|
||||
SUBDIR += trinokiller
|
||||
SUBDIR += tripwire
|
||||
SUBDIR += tripwire-131
|
||||
|
@ -1,75 +0,0 @@
|
||||
# ports collection makefile for: dns-proxy-tor
|
||||
# Date created: 2006-06-11
|
||||
# Whom: Fabian Keil <fk@fabiankeil.de>
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= dns-proxy-tor
|
||||
PORTVERSION= 0.1.0
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= security dns
|
||||
MASTER_SITES= http://p56soo2ibjkx23xo.onion/ \
|
||||
http://www.fabiankeil.de/sourcecode/freebsd/
|
||||
DISTNAME= trans-proxy-tor-${PORTVERSION}
|
||||
|
||||
MAINTAINER= fk@fabiankeil.de
|
||||
COMMENT= Resolves DNS requests through Tor
|
||||
|
||||
USE_PERL5_RUN= yes
|
||||
USE_RC_SUBR= ${PORTNAME}
|
||||
|
||||
NO_BUILD= yes
|
||||
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
HAVE_TOR!= if pkg_info -I tor-\* >/dev/null 2>&1 ; then ${ECHO} YES; fi
|
||||
|
||||
.if (${HAVE_TOR} == "YES")
|
||||
HAVE_TOR_DEVEL!= if pkg_info -I tor-devel\* >/dev/null 2>&1 ; then ${ECHO} YES; fi
|
||||
|
||||
.if (${HAVE_TOR_DEVEL} == "YES")
|
||||
OPTIONS= TOR_DEVEL "Depend on tor-devel (already installed)" On
|
||||
.else
|
||||
OPTIONS= TOR "Depend on tor (already installed)" On
|
||||
.endif
|
||||
|
||||
.else
|
||||
|
||||
OPTIONS= TOR_DEVEL "Depend on tor-devel" On \
|
||||
TOR "Depend on tor" Off
|
||||
|
||||
.endif
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if defined(WITH_TOR_DEVEL)
|
||||
.if defined(WITH_TOR)
|
||||
IGNORE= cannot depend on tor and tor-devel at the same time
|
||||
.endif
|
||||
RUN_DEPENDS+= ${LOCALBASE}/bin/tor:${PORTSDIR}/security/tor-devel
|
||||
.elif defined(WITH_TOR)
|
||||
RUN_DEPENDS+= ${LOCALBASE}/bin/tor:${PORTSDIR}/security/tor
|
||||
.endif
|
||||
|
||||
pre-install:
|
||||
PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
do-install:
|
||||
${INSTALL} ${WRKSRC}/${PORTNAME} ${PREFIX}/bin/
|
||||
|
||||
.if !defined(NOPORTDOCS)
|
||||
${MKDIR} ${DOCSDIR}
|
||||
.for file in LICENSE README changelog filter-examples
|
||||
${INSTALL_MAN} ${WRKSRC}/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
${CHOWN} -R _dns-proxy-tor:_dns-proxy-tor ${DOCSDIR}
|
||||
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
${MKDIR} ${PREFIX}/var/run/${PORTNAME}
|
||||
${CHOWN} _dns-proxy-tor:_dns-proxy-tor ${PREFIX}/var/run/${PORTNAME}
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
|
||||
.include <bsd.port.post.mk>
|
@ -1,3 +0,0 @@
|
||||
MD5 (trans-proxy-tor-0.1.0.tar.gz) = 8466ce417405a60394c22bdc2b837d43
|
||||
SHA256 (trans-proxy-tor-0.1.0.tar.gz) = 876b6ff00cc2b60e432ffd19aae09e0fcf509ae11977b1ac73894052e9946717
|
||||
SIZE (trans-proxy-tor-0.1.0.tar.gz) = 25752
|
@ -1,70 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# PROVIDE: dns-proxy-tor
|
||||
# REQUIRE: tor
|
||||
# BEFORE: LOGIN
|
||||
#
|
||||
# This rc script understands the following options which are read from /etc/rc.conf:
|
||||
#
|
||||
# dns_proxy_tor_enable (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to enable dns-proxy-tor.
|
||||
# dns_proxy_tor_user (str): dns-proxy-tor Daemon user. Default is _dns-proxy-tor.
|
||||
# dns_proxy_tor_group (str): dns-proxy-tor Daemon group. Default is _dns-proxy-tor.
|
||||
# dns_proxy_tor_start_privileged (bool): Set to "NO" by default. If set to "YES", dns-proxy-tor
|
||||
# will be started as root and drop privileges itself.
|
||||
# You need to set this option if you want dns-proxy-tor
|
||||
# to bind to a reserved port. Do not set dns_proxy_user
|
||||
# to "root".
|
||||
# dns_proxy_tor_bind_port (str): Set to 5353 by default.
|
||||
# dns_proxy_tor_socks_resolve (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to let dns-proxy-tor return real
|
||||
# IP adresses instead of virtual ones that only work
|
||||
# through Tor.
|
||||
# dns_proxy_tor_logfile (str): Default is "/var/log/dns-proxy-tor.log". Created if necessary.
|
||||
# dns_proxy_tor_loglevel (str): Default is "info". For other values read perldoc dns-proxy-tor.
|
||||
#
|
||||
# dns_proxy_tor_ctrl_addr_and_port( str): Tor's IP and control port. Default is "127.0.0.1:9051".
|
||||
# dns_proxy_tor_socks_addr_and_port(str): Tor's IP and socks port. Default is "127.0.0.1:9050".
|
||||
|
||||
. %%RC_SUBR%%
|
||||
|
||||
name="dns_proxy_tor"
|
||||
rcvar=${name}_enable
|
||||
command_interpreter="/usr/bin/perl"
|
||||
load_rc_config ${name}
|
||||
|
||||
: ${dns_proxy_tor_enable="NO"}
|
||||
: ${dns_proxy_tor_user="_dns-proxy-tor"}
|
||||
: ${dns_proxy_tor_group="_dns-proxy-tor"}
|
||||
: ${dns_proxy_tor_bind_addr="127.0.0.1"}
|
||||
: ${dns_proxy_tor_bind_port="5353"}
|
||||
: ${dns_proxy_tor_start_privileged="NO"}
|
||||
: ${dns_proxy_tor_logfile="/var/log/dns-proxy-tor.log"}
|
||||
: ${dns_proxy_tor_loglevel="info"}
|
||||
: ${dns_proxy_tor_socks_resolve="NO"}
|
||||
: ${dns_proxy_tor_ctrl_addr_and_port="127.0.0.1:9051"}
|
||||
: ${dns_proxy_tor_socks_addr_and_port="127.0.0.1:9050"}
|
||||
: ${pidfile="%%PREFIX%%/var/run/dns-proxy-tor/dns-proxy-tor.pid"}
|
||||
|
||||
start_precmd="if [ ! -e ${dns_proxy_tor_logfile} ]; then\
|
||||
echo Creating ${dns_proxy_tor_logfile};\
|
||||
touch ${dns_proxy_tor_logfile};\
|
||||
chown ${dns_proxy_tor_user}:${dns_proxy_tor_group} ${dns_proxy_tor_logfile};\
|
||||
fi"
|
||||
|
||||
command="%%PREFIX%%/bin/dns-proxy-tor"
|
||||
command_args="-b ${dns_proxy_tor_bind_addr}:${dns_proxy_tor_bind_port} -p ${pidfile}\
|
||||
-v ${dns_proxy_tor_loglevel} -l ${dns_proxy_tor_logfile} -t ${dns_proxy_tor_ctrl_addr_and_port}"
|
||||
|
||||
if [ x$dns_proxy_tor_socks_resolve != xNO ]; then
|
||||
command_args="${command_args} -s ${dns_proxy_tor_socks_addr_and_port}"
|
||||
fi
|
||||
|
||||
if [ x$dns_proxy_tor_start_privileged != xNO ]; then
|
||||
command_args="${command_args} -u ${dns_proxy_tor_user}:${dns_proxy_tor_user}"
|
||||
dns_proxy_tor_user="root"
|
||||
fi
|
||||
|
||||
run_rc_command "$1"
|
@ -1,48 +0,0 @@
|
||||
|
||||
Before running dns-proxy-tor you have to add:
|
||||
|
||||
ControlPort 9051
|
||||
|
||||
in Tor's configuration file (usually: %%PREFIX%%/etc/tor/torrc).
|
||||
|
||||
By default dns-proxy-tor binds to port 5353,
|
||||
you can use PF to make sure DNS requests get there:
|
||||
|
||||
# Example taken from %%DOCSDIR%%/filter-examples
|
||||
# redirect dns traffic from both into the dns proxy
|
||||
rdr pass on { lo1 $int_if } inet proto udp to port domain \
|
||||
-> 127.0.0.1 port $dns_proxy
|
||||
# reroute loopback dns queries
|
||||
pass out quick on lo0 route-to lo1 inet proto udp to port domain keep state
|
||||
# skip all other loopback traffic
|
||||
pass quick on lo0 keep state
|
||||
# reroute locally generated dns trying to leave on the external interface
|
||||
pass out on $ext_if route-to lo1 inet proto udp to port domain keep state
|
||||
|
||||
Add:
|
||||
|
||||
cloned_interfaces="lo1"
|
||||
ifconfig_lo1="127.0.0.2 up"
|
||||
|
||||
to /etc/rc.conf to create and configure lo1 on boot, add
|
||||
|
||||
dns_proxy_tor_enable="YES"
|
||||
|
||||
to start dns-proxy-tor on boot as well. If you want dns-proxy-tor
|
||||
to bind to the standard port 53, additionally use:
|
||||
|
||||
dns_proxy_tor_start_privileged="YES"
|
||||
dns_proxy_tor_bind_port="53"
|
||||
|
||||
Have a look at %%PREFIX%%/etc/rc.d/dns-proxy-tor
|
||||
to see the other optional variables you can use.
|
||||
|
||||
dns-proxy-tor's README, LICENSE and changelog were copied to
|
||||
%%DOCSDIR%%, note that they also contain
|
||||
information about trans-proxy-tor which has its own port.
|
||||
|
||||
Run:
|
||||
|
||||
perldoc dns-proxy-tor
|
||||
|
||||
to see how to use dns-proxy-tor without the rc file.
|
@ -1,62 +0,0 @@
|
||||
#! /bin/sh
|
||||
#
|
||||
# Taken from net/cvsup-mirror
|
||||
|
||||
PATH=/bin:/usr/sbin
|
||||
|
||||
DNS_PROXY_TOR_USER=_dns-proxy-tor
|
||||
DNS_PROXY_TOR_GROUP=_dns-proxy-tor
|
||||
|
||||
ask() {
|
||||
local question default answer
|
||||
|
||||
question=$1
|
||||
default=$2
|
||||
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
||||
read -p "${question} [${default}]? " answer
|
||||
fi
|
||||
if [ x${answer} = x ]; then
|
||||
answer=${default}
|
||||
fi
|
||||
echo ${answer}
|
||||
}
|
||||
|
||||
yesno() {
|
||||
local dflt question answer
|
||||
|
||||
question=$1
|
||||
dflt=$2
|
||||
while :; do
|
||||
answer=$(ask "${question}" "${dflt}")
|
||||
case "${answer}" in
|
||||
[Yy]*) return 0;;
|
||||
[Nn]*) return 1;;
|
||||
esac
|
||||
echo "Please answer yes or no."
|
||||
done
|
||||
}
|
||||
|
||||
delete_account() {
|
||||
local u g home
|
||||
|
||||
u=$1
|
||||
g=$2
|
||||
if yesno "Do you want me to remove group \"${g}\"" y; then
|
||||
pw groupdel -n ${g}
|
||||
echo "Done."
|
||||
fi
|
||||
if yesno "Do you want me to remove user \"${u}\"" y; then
|
||||
eval home=~${u}
|
||||
pw userdel -n ${u}
|
||||
echo "Done."
|
||||
if [ -d "${home}" ]; then
|
||||
echo "Please remember to remove the home directory \"${home}\""
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
if [ x$2 != xDEINSTALL ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
delete_account ${DNS_PROXY_TOR_USER} ${DNS_PROXY_TOR_GROUP}
|
@ -1,9 +0,0 @@
|
||||
dns-proxy-tor is a DNS server that stops
|
||||
DNS leaks with applications that don't support
|
||||
or aren't configured to use socks4a or Tor's DNS
|
||||
resolution.
|
||||
|
||||
WWW: http://p56soo2ibjkx23xo.onion/
|
||||
(Hidden service, only accessible through Tor)
|
||||
Author: tup <tup at mailvault.com>
|
||||
License: None (dns-proxy-tor is in the public domain)
|
@ -1,36 +0,0 @@
|
||||
#!/bin/sh
|
||||
# Taken from security/tor
|
||||
|
||||
if [ x"$2" = xPRE-INSTALL ]; then
|
||||
USER="_dns-proxy-tor"
|
||||
UID="257"
|
||||
GROUP="_dns-proxy-tor"
|
||||
GID="257"
|
||||
|
||||
if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then
|
||||
echo "You already have a group \"${GROUP}\", so I will use it."
|
||||
else
|
||||
if /usr/sbin/pw groupadd ${GROUP} -g ${GID}; then
|
||||
echo "Added group \"${GROUP}\"."
|
||||
else
|
||||
echo "Adding group \"${GROUP}\" failed..."
|
||||
echo "Please create it, and try again."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if /usr/sbin/pw user show "${USER}" 2>/dev/null; then
|
||||
echo "You already have a user \"${USER}\", so I will use it."
|
||||
else
|
||||
if /usr/sbin/pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
|
||||
-d /nonexistent \
|
||||
-s /sbin/nologin \
|
||||
-c "dns-proxy-tor user"; then
|
||||
echo "Added user \"${USER}\"."
|
||||
else
|
||||
echo "Adding user \"${USER}\" failed..."
|
||||
echo "Please create it, and try again."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
bin/dns-proxy-tor
|
||||
%%PORTDOCS%%%%DOCSDIR%%/LICENSE
|
||||
%%PORTDOCS%%%%DOCSDIR%%/README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/changelog
|
||||
%%PORTDOCS%%%%DOCSDIR%%/filter-examples
|
||||
%%PORTDOCS%%@dirrmtry %%DOCSDIR%%
|
||||
@exec mkdir -p %D/var/run/dns-proxy-tor
|
||||
@exec chown _dns-proxy-tor:_dns-proxy-tor %D/var/run/dns-proxy-tor
|
||||
@dirrmtry var/run/dns-proxy-tor
|
@ -1,88 +0,0 @@
|
||||
# ports collection makefile for: trans-proxy-tor
|
||||
# Date created: 2006-06-11
|
||||
# Whom: Fabian Keil <fk@fabiankeil.de>
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= trans-proxy-tor
|
||||
PORTVERSION= 0.1.0
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= security net
|
||||
MASTER_SITES= http://p56soo2ibjkx23xo.onion/ \
|
||||
http://www.fabiankeil.de/sourcecode/freebsd/
|
||||
|
||||
MAINTAINER= fk@fabiankeil.de
|
||||
COMMENT= Transparent proxy used to redirect TCP connections into Tor
|
||||
|
||||
RUN_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/Event/Lib.pm:${PORTSDIR}/devel/p5-Event-Lib
|
||||
|
||||
USE_PERL5_RUN= yes
|
||||
USE_RC_SUBR= ${PORTNAME}
|
||||
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
NO_BUILD= yes
|
||||
|
||||
DEPRECATED= trans-proxy-tor is rendered obsolete by Tor\'s TransPort option \
|
||||
(currently only available in tor-devel)
|
||||
|
||||
OPTIONS= DNS_PROXY_TOR "Depend on dns-proxy-tor" On
|
||||
|
||||
HAVE_TOR!= if pkg_info -I tor-\* >/dev/null 2>&1 ; then ${ECHO} YES; fi
|
||||
.if ${HAVE_TOR} == "YES"
|
||||
HAVE_TOR_DEVEL!= if pkg_info -I tor-devel\* >/dev/null 2>&1 ; then ${ECHO} YES; fi
|
||||
|
||||
.if ${HAVE_TOR_DEVEL} == "YES"
|
||||
OPTIONS+= TOR_DEVEL "Depend on tor-devel (already installed)" Off
|
||||
.else
|
||||
OPTIONS+= TOR "Depend on tor (already installed)" Off
|
||||
.endif
|
||||
|
||||
.else
|
||||
|
||||
OPTIONS+= TOR_DEVEL "Depend on tor-devel" Off
|
||||
OPTIONS+= TOR "Depend on tor" Off
|
||||
|
||||
.endif
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if defined(WITH_DNS_PROXY_TOR)
|
||||
RUN_DEPENDS+= ${LOCALBASE}/bin/dns-proxy-tor:${PORTSDIR}/security/dns-proxy-tor
|
||||
.endif
|
||||
|
||||
.if defined(WITH_TOR_DEVEL)
|
||||
.if defined(WITH_TOR)
|
||||
IGNORE= cannot depend on tor and tor-devel at the same time
|
||||
.endif
|
||||
|
||||
RUN_DEPENDS+= ${LOCALBASE}/bin/tor:${PORTSDIR}/security/tor-devel
|
||||
.elif defined(WITH_TOR)
|
||||
RUN_DEPENDS+= ${LOCALBASE}/bin/tor:${PORTSDIR}/security/tor
|
||||
.endif
|
||||
|
||||
.if defined(NO_PF)
|
||||
IGNORE= requires PF
|
||||
.endif
|
||||
|
||||
pre-install:
|
||||
PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
do-install:
|
||||
${INSTALL} ${WRKSRC}/${PORTNAME} ${PREFIX}/bin/
|
||||
|
||||
.if !defined(NOPORTDOCS)
|
||||
${MKDIR} ${DOCSDIR}
|
||||
.for file in LICENSE README changelog filter-examples
|
||||
${INSTALL_MAN} ${WRKSRC}/${file} ${DOCSDIR}
|
||||
.endfor
|
||||
${CHOWN} -R _trans-proxy-tor:_trans-proxy-tor ${DOCSDIR}
|
||||
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
${MKDIR} ${PREFIX}/var/run/${PORTNAME}
|
||||
${CHOWN} _trans-proxy-tor:_trans-proxy-tor ${PREFIX}/var/run/${PORTNAME}
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
|
||||
.include <bsd.port.post.mk>
|
@ -1,3 +0,0 @@
|
||||
MD5 (trans-proxy-tor-0.1.0.tar.gz) = 8466ce417405a60394c22bdc2b837d43
|
||||
SHA256 (trans-proxy-tor-0.1.0.tar.gz) = 876b6ff00cc2b60e432ffd19aae09e0fcf509ae11977b1ac73894052e9946717
|
||||
SIZE (trans-proxy-tor-0.1.0.tar.gz) = 25752
|
@ -1,39 +0,0 @@
|
||||
--- trans-proxy-tor.orig Wed Jun 21 03:17:50 2006
|
||||
+++ trans-proxy-tor Thu Jun 22 14:53:59 2006
|
||||
@@ -121,9 +121,21 @@
|
||||
|
||||
BEGIN {
|
||||
if ($^O =~ /^(?:open|net|free)bsd\z/) {
|
||||
- require 'sys/ioctl.ph';
|
||||
- require 'netinet/in.ph';
|
||||
- require 'net/pfvar.ph';
|
||||
+
|
||||
+# These perl headers can be created on FreeBSD as well,
|
||||
+# but it leads to headaches if the user compiled world
|
||||
+# and kernel without IPv6 support or has incomplete headers
|
||||
+# installed.
|
||||
+#
|
||||
+# As the port maintainer was too lazy anyway, the values
|
||||
+# for PF_OUT and IPPROTO_TCP are now hard coded instead.
|
||||
+# The information how to do that came from tun,
|
||||
+# the creator of trans-proxy-tor.
|
||||
+#
|
||||
+# require 'sys/ioctl.ph';
|
||||
+# require 'netinet/in.ph';
|
||||
+# require 'net/pfvar.ph';
|
||||
+
|
||||
*_get_original_destination = \&_get_original_destination_pf;
|
||||
if ($^O eq 'openbsd') {
|
||||
sysopen $Pf, '/dev/pf', O_RDONLY
|
||||
@@ -159,9 +171,9 @@
|
||||
|
||||
my %pnl = map { $_ => 0 } @pfioc_natlook;
|
||||
|
||||
- $pnl{direction} = PF_OUT();
|
||||
+ $pnl{direction} = 2; #PF_OUT();
|
||||
$pnl{af} = AF_INET;
|
||||
- $pnl{proto} = IPPROTO_TCP();
|
||||
+ $pnl{proto} = 6; #IPPROTO_TCP();
|
||||
|
||||
@pnl{qw/sport saddr/} = sockaddr_in $self->{client}{sockaddr};
|
||||
@pnl{qw/dport daddr/} = sockaddr_in getsockname $self->{client}{handle};
|
@ -1,49 +0,0 @@
|
||||
|
||||
trans-proxy-tor works together with PF and requires a custom
|
||||
configuration. You probably want to use one of the example configurations
|
||||
from %%DOCSDIR%%/filter-examples.
|
||||
|
||||
You will need to add:
|
||||
|
||||
cloned_interfaces="lo1"
|
||||
ifconfig_lo1="127.0.0.2 up"
|
||||
|
||||
to /etc/rc.conf to create and configure lo1 on boot,
|
||||
additionally add:
|
||||
|
||||
trans_proxy_tor_enable="YES"
|
||||
|
||||
to start trans-proxy-tor on boot as well.
|
||||
|
||||
Have a look at %%PREFIX%%/etc/rc.d/trans-proxy-tor
|
||||
to see the optional variables you can use.
|
||||
|
||||
trans-proxy-tor must be able to access /dev/pf,
|
||||
adding:
|
||||
|
||||
own pf root:_trans-proxy-tor
|
||||
perm pf 0660
|
||||
|
||||
in /etc/devfs.conf will take care of that.
|
||||
|
||||
trans-proxy-tor's README, LICENSE and changelog were copied to
|
||||
%%DOCSDIR%%.
|
||||
|
||||
Run:
|
||||
|
||||
perldoc trans-proxy-tor
|
||||
|
||||
to see how to use trans-proxy-tor without the rc file.
|
||||
|
||||
WARNING: trans-proxy-tor's purpose can easily be defeated
|
||||
by using a broken browser configuration that allows code
|
||||
execution or saves and sends cookies behind the user's back.
|
||||
Unfortunately most browser's do that by default.
|
||||
|
||||
If you aren't already using Privoxy, now would be a good time
|
||||
to start. Additionally you might want to use the minor improvements
|
||||
from: http://www.fabiankeil.de/sourcecode/privoxy/
|
||||
|
||||
Note that the broken browser configuration is just an example,
|
||||
the same is true for a lot of other programs you might be using!
|
||||
|
@ -1,49 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# PROVIDE: trans-proxy-tor
|
||||
# REQUIRE: tor dns-proxy-tor
|
||||
# BEFORE: LOGIN
|
||||
#
|
||||
# Add the following lines to /etc/rc.conf to enable dns-proxy-tor
|
||||
#
|
||||
# trans_proxy_tor_enable (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to enable trans-proxy-tor
|
||||
# trans_proxy_tor_user (str): trans-proxy-tor Daemon user. Default _trans-proxy-tor
|
||||
# trans_proxy_tor_group (str): trans-proxy-tor Daemon group. Default _trans-proxy-tor
|
||||
# trans_proxy_tor_bind_port (str): Set to 1112 by default.
|
||||
# trans_proxy_tor_logfile (str): Default is "/var/log/trans-proxy-tor.log". Created if necessary.
|
||||
# trans_proxy_tor_loglevel (str): Default is "info". For other values read perldoc trans-proxy-tor.
|
||||
#
|
||||
# trans_proxy_tor_socks_addr_and_port (str): Tor's IP and socks port. Default is "127.0.0.1:9050".
|
||||
|
||||
. %%RC_SUBR%%
|
||||
|
||||
name="trans_proxy_tor"
|
||||
rcvar=${name}_enable
|
||||
load_rc_config ${name}
|
||||
command_interpreter="/usr/bin/perl"
|
||||
|
||||
: ${trans_proxy_tor_enable="NO"}
|
||||
: ${trans_proxy_tor_user="_trans-proxy-tor"}
|
||||
: ${trans_proxy_tor_group="_trans-proxy-tor"}
|
||||
: ${trans_proxy_tor_bind_addr="127.0.0.1"}
|
||||
: ${trans_proxy_tor_bind_port="1112"}
|
||||
: ${trans_proxy_tor_logfile="/var/log/trans-proxy-tor.log"}
|
||||
: ${trans_proxy_tor_loglevel="debug"}
|
||||
: ${trans_proxy_tor_socks_resolve="NO"}
|
||||
: ${trans_proxy_tor_socks_addr_and_port="127.0.0.1:9050"}
|
||||
: ${pidfile="%%PREFIX%%/var/run/trans-proxy-tor/trans-proxy-tor.pid"}
|
||||
|
||||
start_precmd="if [ ! -e ${trans_proxy_tor_logfile} ]; then\
|
||||
echo Creating ${trans_proxy_tor_logfile};\
|
||||
touch ${trans_proxy_tor_logfile};\
|
||||
chown ${trans_proxy_tor_user}:${trans_proxy_tor_group} ${trans_proxy_tor_logfile};\
|
||||
fi"
|
||||
|
||||
command="%%PREFIX%%/bin/trans-proxy-tor"
|
||||
command_args="-b ${trans_proxy_tor_bind_addr}:${trans_proxy_tor_bind_port} -p ${pidfile}\
|
||||
-v ${trans_proxy_tor_loglevel} -l ${trans_proxy_tor_logfile} -s ${trans_proxy_tor_socks_addr_and_port}"
|
||||
|
||||
run_rc_command "$1"
|
@ -1,62 +0,0 @@
|
||||
#! /bin/sh
|
||||
#
|
||||
# Taken from net/cvsup-mirror
|
||||
|
||||
PATH=/bin:/usr/sbin
|
||||
|
||||
TRANS_PROXY_TOR_USER=_trans-proxy-tor
|
||||
TRANS_PROXY_TOR_GROUP=_trans-proxy-tor
|
||||
|
||||
ask() {
|
||||
local question default answer
|
||||
|
||||
question=$1
|
||||
default=$2
|
||||
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
||||
read -p "${question} [${default}]? " answer
|
||||
fi
|
||||
if [ x${answer} = x ]; then
|
||||
answer=${default}
|
||||
fi
|
||||
echo ${answer}
|
||||
}
|
||||
|
||||
yesno() {
|
||||
local dflt question answer
|
||||
|
||||
question=$1
|
||||
dflt=$2
|
||||
while :; do
|
||||
answer=$(ask "${question}" "${dflt}")
|
||||
case "${answer}" in
|
||||
[Yy]*) return 0;;
|
||||
[Nn]*) return 1;;
|
||||
esac
|
||||
echo "Please answer yes or no."
|
||||
done
|
||||
}
|
||||
|
||||
delete_account() {
|
||||
local u g home
|
||||
|
||||
u=$1
|
||||
g=$2
|
||||
if yesno "Do you want me to remove group \"${g}\"" y; then
|
||||
pw groupdel -n ${g}
|
||||
echo "Done."
|
||||
fi
|
||||
if yesno "Do you want me to remove user \"${u}\"" y; then
|
||||
eval home=~${u}
|
||||
pw userdel -n ${u}
|
||||
echo "Done."
|
||||
if [ -d "${home}" ]; then
|
||||
echo "Please remember to remove the home directory \"${home}\""
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
if [ x$2 != xDEINSTALL ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
delete_account ${TRANS_PROXY_TOR_USER} ${TRANS_PROXY_TOR_GROUP}
|
@ -1,17 +0,0 @@
|
||||
trans-proxy-tor is a transparent proxy
|
||||
that uses PF to redirect TCP connections
|
||||
through Tor (http://tor.eff.org/).
|
||||
|
||||
Programs that aren't aware of Tor
|
||||
will use it without their knowledge,
|
||||
and their traffic no longer leaves the
|
||||
system unencrypted.
|
||||
|
||||
Using trans-proxy-tor makes anonymous
|
||||
net usage a lot easier, as you no longer
|
||||
have to configure every program for itself.
|
||||
|
||||
WWW: http://p56soo2ibjkx23xo.onion/
|
||||
(Hidden service, only accessible through Tor)
|
||||
Author: tup <tup at mailvault.com>
|
||||
License: None (trans-proxy-tor is in the public domain)
|
@ -1,36 +0,0 @@
|
||||
#!/bin/sh
|
||||
# Taken from security/tor
|
||||
|
||||
if [ x"$2" = xPRE-INSTALL ]; then
|
||||
USER="_trans-proxy-tor"
|
||||
UID="258"
|
||||
GROUP="_trans-proxy-tor"
|
||||
GID="258"
|
||||
|
||||
if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then
|
||||
echo "You already have a group \"${GROUP}\", so I will use it."
|
||||
else
|
||||
if /usr/sbin/pw groupadd ${GROUP} -g ${GID}; then
|
||||
echo "Added group \"${GROUP}\"."
|
||||
else
|
||||
echo "Adding group \"${GROUP}\" failed..."
|
||||
echo "Please create it, and try again."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if /usr/sbin/pw user show "${USER}" 2>/dev/null; then
|
||||
echo "You already have a user \"${USER}\", so I will use it."
|
||||
else
|
||||
if /usr/sbin/pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
|
||||
-d /nonexistent \
|
||||
-s /sbin/nologin \
|
||||
-c "dns-proxy-tor user"; then
|
||||
echo "Added user \"${USER}\"."
|
||||
else
|
||||
echo "Adding user \"${USER}\" failed..."
|
||||
echo "Please create it, and try again."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
bin/trans-proxy-tor
|
||||
%%PORTDOCS%%%%DOCSDIR%%/LICENSE
|
||||
%%PORTDOCS%%%%DOCSDIR%%/README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/changelog
|
||||
%%PORTDOCS%%%%DOCSDIR%%/filter-examples
|
||||
%%PORTDOCS%%@dirrmtry %%DOCSDIR%%
|
||||
@exec mkdir -p %D/var/run/trans-proxy-tor
|
||||
@exec chown _trans-proxy-tor:_trans-proxy-tor %D/var/run/trans-proxy-tor
|
||||
@dirrmtry var/run/trans-proxy-tor
|
Loading…
Reference in New Issue
Block a user