From d2ce18954f19edccf23dddf76c737cd76ca7881e Mon Sep 17 00:00:00 2001 
From: root Date: Fri, 27 May 2011 02:15:17 +0200 Subject: prepare .scripts for import into krebscode --- .pubkeys/Lassulus | 9 - .pubkeys/Shepherd | 9 - .pubkeys/alphalabs | 9 - .pubkeys/exile | 9 - .pubkeys/krebs | 9 - .pubkeys/miefda901 | 9 - .pubkeys/miefdahome | 9 - .pubkeys/miefdat | 9 - .pubkeys/pornocauster | 9 - .scripts/README | 16 - .scripts/adv_graphgen/README | 28 -- .scripts/adv_graphgen/parse.py | 91 ------ .scripts/adv_graphgen/sanitize.sh | 13 - .scripts/autostart/Makefile | 8 - .scripts/autostart/tinc | 94 ------ .scripts/tinc_multicast/retiolum | 34 -- .scripts/tinc_multicast/retiolum.py | 349 --------------------- .scripts/tinc_setup/README | 18 -- .scripts/tinc_setup/bootstrap.sh | 11 - .scripts/tinc_setup/build_arch.sh | 14 - .scripts/tinc_setup/build_debian.sh | 32 -- .scripts/tinc_setup/build_debian_clean.sh | 31 -- .scripts/tinc_setup/build_ec2.sh | 16 - .scripts/tinc_setup/build_no.de.sh | 1 - .scripts/tinc_setup/install.sh | 67 ---- Lassulus | 11 - Shepherd | 9 - UTART | 9 - alphalabs | 11 - also | 9 - c2ft | 9 - exile | 9 - kaah | 11 - krebs | 9 - miefda901 | 10 - miefdahome | 9 - miefdat | 10 - modules/retiolum/scripts/README | 16 + modules/retiolum/scripts/adv_graphgen/README | 28 ++ modules/retiolum/scripts/adv_graphgen/parse.py | 91 ++++++ modules/retiolum/scripts/adv_graphgen/sanitize.sh | 13 + modules/retiolum/scripts/autostart/Makefile | 8 + modules/retiolum/scripts/autostart/tinc | 94 ++++++ modules/retiolum/scripts/tinc_multicast/retiolum | 34 ++ .../retiolum/scripts/tinc_multicast/retiolum.py | 349 +++++++++++++++++++++ modules/retiolum/scripts/tinc_setup/README | 18 ++ modules/retiolum/scripts/tinc_setup/bootstrap.sh | 11 + modules/retiolum/scripts/tinc_setup/build_arch.sh | 14 + .../retiolum/scripts/tinc_setup/build_debian.sh | 32 ++ .../scripts/tinc_setup/build_debian_clean.sh | 31 ++ modules/retiolum/scripts/tinc_setup/build_ec2.sh | 16 + modules/retiolum/scripts/tinc_setup/build_no.de.sh | 1 + 
modules/retiolum/scripts/tinc_setup/install.sh | 67 ++++ no_omo | 9 - pa_sharepoint | 7 - pfleidi | 9 - pornocauster | 9 - supernode | 11 - upm | 9 - ytart | 9 - 60 files changed, 823 insertions(+), 1083 deletions(-) delete mode 100644 .pubkeys/Lassulus delete mode 100644 .pubkeys/Shepherd delete mode 100644 .pubkeys/alphalabs delete mode 100644 .pubkeys/exile delete mode 100644 .pubkeys/krebs delete mode 100644 .pubkeys/miefda901 delete mode 100644 .pubkeys/miefdahome delete mode 100644 .pubkeys/miefdat delete mode 100644 .pubkeys/pornocauster delete mode 100644 .scripts/README delete mode 100644 .scripts/adv_graphgen/README delete mode 100755 .scripts/adv_graphgen/parse.py delete mode 100755 .scripts/adv_graphgen/sanitize.sh delete mode 100644 .scripts/autostart/Makefile delete mode 100755 .scripts/autostart/tinc delete mode 100755 .scripts/tinc_multicast/retiolum delete mode 100755 .scripts/tinc_multicast/retiolum.py delete mode 100644 .scripts/tinc_setup/README delete mode 100644 .scripts/tinc_setup/bootstrap.sh delete mode 100755 .scripts/tinc_setup/build_arch.sh delete mode 100755 .scripts/tinc_setup/build_debian.sh delete mode 100755 .scripts/tinc_setup/build_debian_clean.sh delete mode 100755 .scripts/tinc_setup/build_ec2.sh delete mode 100644 .scripts/tinc_setup/build_no.de.sh delete mode 100755 .scripts/tinc_setup/install.sh delete mode 100644 Lassulus delete mode 100644 Shepherd delete mode 100644 UTART delete mode 100644 alphalabs delete mode 100644 also delete mode 100644 c2ft delete mode 100644 exile delete mode 100644 kaah delete mode 100644 krebs delete mode 100644 miefda901 delete mode 100644 miefdahome delete mode 100644 miefdat create mode 100644 modules/retiolum/scripts/README create mode 100644 modules/retiolum/scripts/adv_graphgen/README create mode 100755 modules/retiolum/scripts/adv_graphgen/parse.py create mode 100755 modules/retiolum/scripts/adv_graphgen/sanitize.sh create mode 100644 modules/retiolum/scripts/autostart/Makefile create mode 
100755 modules/retiolum/scripts/autostart/tinc create mode 100755 modules/retiolum/scripts/tinc_multicast/retiolum create mode 100755 modules/retiolum/scripts/tinc_multicast/retiolum.py create mode 100644 modules/retiolum/scripts/tinc_setup/README create mode 100644 modules/retiolum/scripts/tinc_setup/bootstrap.sh create mode 100755 modules/retiolum/scripts/tinc_setup/build_arch.sh create mode 100755 modules/retiolum/scripts/tinc_setup/build_debian.sh create mode 100755 modules/retiolum/scripts/tinc_setup/build_debian_clean.sh create mode 100755 modules/retiolum/scripts/tinc_setup/build_ec2.sh create mode 100644 modules/retiolum/scripts/tinc_setup/build_no.de.sh create mode 100755 modules/retiolum/scripts/tinc_setup/install.sh delete mode 100644 no_omo delete mode 100644 pa_sharepoint delete mode 100644 pfleidi delete mode 100644 pornocauster delete mode 100644 supernode delete mode 100644 upm delete mode 100644 ytart diff --git a/.pubkeys/Lassulus b/.pubkeys/Lassulus deleted file mode 100644 index b782f07f..00000000 --- a/.pubkeys/Lassulus +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj1PCibKOfF68gmFQ+ww -yfhUWpqKqpznrJX1dZ+daae7l7nBHvsEH0QwkiMmk3aZy1beq3quM6gX13aT+/wM -fWnLyuvT11T5C9JEf/IS91STpM2BRN+R+P/DhbuDcW4UsdEe6uwQDGEJbXRN5ZA7 -GI0bmcYcwHJ9SQmW5v7P9Z3oZ+09hMD+1cZ3HkPN7weSdMLMPpUpmzCsI92cXGW0 -xRC4iBEt1ZeBwjkLCRsBFBGcUMuKWwVa9sovca0q3DUar+kikEKVrVy26rZUlGuB -LobMetDGioSawWkRSxVlfZvTHjAK5JzUO6y6hj0yQ1sp6W2JjU8ntDHf63aM71dB -9QIDAQAB ------END PUBLIC KEY----- diff --git a/.pubkeys/Shepherd b/.pubkeys/Shepherd deleted file mode 100644 index 8939b894..00000000 --- a/.pubkeys/Shepherd +++ /dev/null 
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW0Pbgvl+hATKqQR6H4y
-Pg1kphMsxrXvh/CMQY8dXVVD2mDWBHaLY/yXCanDxyYRGu80SVwdIUWQIwjGD0Si
-ESRGqABl2qPsD1uIbbqI5SlSwzb8UrJk+oCszLxZrhD14HWTjAduQ5GcBNZ8Ht13
-3rR07s+XRAYcKJOMauod3yD3g3IfZw6L/MAQ8GSptSa+JPm5Kk1/QBZi8oH0aIse
-aVH9b6l8+P27LwxdwJG+S/82iKOUvszwqocqNbKJ0iySs3ZPZTDpKa/MPAN9H/m/
-OqM66w6IG4iwIttqix5mET+kM2TUaH29tApWA1ChYy61aKBykdcT+IbJHl/0unOU
-6QIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/alphalabs b/.pubkeys/alphalabs
deleted file mode 100644
index d44083f9..00000000
--- a/.pubkeys/alphalabs
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUAbMmmOFn+4kOvJAvmi
-0R/XCQa1YBlkjUvC6Pmt0Q8gV1DodXjBDgwP8yhLcxaVy2Hk82aJvNTUrfMeB2sd
-t1RJHQiEPQkHthdp8Spm0Px4uTiMjmFBev91xi00eCCGIKsXdh/qso1K7EDHt9ME
-VHOvSlkawWzoyJ6AaHStW1ElwDdGjZpl0YWrhx4Gk5X7pCp3LKkQJFfGtqoqGOVg
-2JjqK3qMsAdRo6QvYDqjFzARed/D0k55kcKXjBJAVxoU/CqGfS/Lr0fL8tdYgXaA
-XvPO9dbr1t0KyOUY2KRNBePeSvRp/etbH0LBPsO9F7PQiPI3DBoWCYgsuj/hBXap
-vwIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/exile b/.pubkeys/exile
deleted file mode 100644
index 76fefb05..00000000
--- a/.pubkeys/exile
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H+DslKV6EDCZWBCJs+M
-FyvTR9Ej0yWthIHKzFrA4qI8rxskrGGPxhb16keQLPCAgBVVVmikh3pQVMq1K6ry
-5Of0uM7rU7crBzRfJ8zpGZXfYlBDFDAdVg8wwDvEYsYCAKrZbYIKb88WR0mT7K47
-ipTbXd9utzmoWGa/SuGtPkYOigcWYMRN4QClPDLdICQvdohVvfd7/LXRNuwrWOJc
-mtLitTEZY9lo2hhv+ZKs7PBrmpTBhTMYN2Et69tVPQh1t7cljf3Esij5AUczv979
-C9Lvukj8Kb51Et0T9qcGAs/M3b64X7FOKjWVVQttj3AkjgLZ5OdYlm7uRRmYmKQ9
-5wIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/krebs b/.pubkeys/krebs
deleted file mode 100644
index 8a58ee7e..00000000
--- a/.pubkeys/krebs
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6vUmUL8w8r2gUTpUF8Q
-Wx0U3nzDPao2I7l0WU1NnGcR8DVug7YN595guvDkRGcM4eYGizgVYVvDCmjTQRXR
-n57ucVud2bGE1NGtdomVs6wggpgzLiafm9BJwsigoCyMv+8ewGfc+D10TupulcIi
-ZSp/RAewYlX0rhmgdsEGnCt+TWvXRsIakY1pvt4YeKjs2ctib3OmaPuNokK4ophx
-SpdZ5arjHCaiVMj2O6pPAQbU7WFY63FwUP64cAmtqBM+uMteT7bdG1jT3KZS6W7D
-y8rIBd+pp+vB656A5PhrDcGEUMFSXqPDBwIxhV7OAejSn4XjrZyd5eNtMOQKopIM
-QwIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/miefda901 b/.pubkeys/miefda901
deleted file mode 100644
index 740af30d..00000000
--- a/.pubkeys/miefda901
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbEYmHf0vEDYa/2aVvWV
-xEGgC+JJlXcArdxkQooSIpnZfSAfsH0SMFz8v7UkM7EJSwDsFWf+gxyoAORdFpdQ
-m+XQoDqWVZ1e0isYtNluP2C/51s3lu2FkVLZ+86el7zd4unHG+6CHmyaBcO5yV6V
-U8WFeuinB2+ojnujOWlHgOipMOrxsab8vwcH/0k/iR9BjH9xzo+kwhzqG0plLkQn
-vsvVyDN/gQj0Euz6YHfgo5c2gxQKKH7hBv6prIxCbpY7WMMtg0z+OlyGkQefVRl1
-8kZwoNtOFlh5NBe7imYcH+wyhhQ9rqnNVoHpJw4lNOuWfy3Af28kYDQ7KnPGYFq4
-nwIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/miefdahome b/.pubkeys/miefdahome
deleted file mode 100644
index 8e453787..00000000
--- a/.pubkeys/miefdahome
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopwKn000XAcoI61OqQ7c
-jgrPHm/jHmuB1LHeCUggWMOD78WDFNzq8/l9ASlU9kbSZFhoMuBR5BPWgciYWsC1
-EqY1nRAc/Si1rUHnJw+Xcyl0MNsZ7CefWaFRvC1VNC3qlQp5/e+fi46oOp4i+Bql
-FSxe7Jrr0EVyBVTOw8rMGToqDsOih6M9SFvmVMOnqh7n8LEOUtAL4nID59k7CTXz
-oNhXc0cEJoBkC2YCexonb4ru/J8F2BRGY3yzHYVskBrrPie1JNhfUHGCABIbtODT
-iHQYH8NFTYzdBnVV88IWqiTBbmKcRf+jzEyGyXu/3YLFfjmsi7ysT+BWLIPvkyr7
-/wIDAQAB
------END PUBLIC KEY-----
diff --git a/.pubkeys/miefdat b/.pubkeys/miefdat
deleted file mode 100644
index 07ffc57e..00000000
--- a/.pubkeys/miefdat
+++ /dev/null
@@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCestFRcrr10nzSzc1l4 -Flkv6ZG5ijGneZBeDaP+bB3GhFx0BYzPCQjcCFTcExVVAorknjX1/rjT60+dSBuJ -oH/pEeloPowtwm6YVgfhcQD/5qRHmAPFSs1pdiTVtyi0BmcqDGoOTcR/tR4v2LBE -DnxK89wWIFWbeDeR6UyjD2psbFBal8ZdTmkuBTg1OGPVhB+BmuKSqPBt6AtLV+0f -KHdrTOVNwF2W/8lCVTd3uCVtnUEeTLrWKA8h9C0K2gAxxhJTF3pJtR/YQPpgwXRg -3CfzMKsvHNOsqfMnnk/WFM0vrSJSi2ElxCD5Pm/BPZyA8B4vhz8im4hWofOP2/Ji -NwIDAQAB ------END PUBLIC KEY----- diff --git a/.pubkeys/pornocauster b/.pubkeys/pornocauster deleted file mode 100644 index 18e45a73..00000000 --- a/.pubkeys/pornocauster +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnztrijsfao+fmNtwAjqw -IDKsRaMP3ECsq2T2zqKvxwCyXk69G9bGRFhWjgaawS9ZhnHSlgWK/vtoR0O9Nxpz -dU/mvdQijbVGxM02DegjO9qDSIe8EGmAkscW4nDqYtw4rtjOVPfnNiWXbcWD8eiY -R0kcSWmSvfOpVvdhTETqduTx5HRHyEFDJRQYR/tJSvVWXmM670PENAPNJFJ4VSJR -60s5A+bFT7J/uw7HzJXX28LygJz73Dj22a4ev0WcZQngLq072h/91R/TOpg+ogUD -VhXkQtKyFj7im0287JTL4bXGofZBhzaf+h9dFGs1QLoNyhG/cgt9fog7boSXTelA -iQIDAQAB ------END PUBLIC KEY----- diff --git a/.scripts/README b/.scripts/README deleted file mode 100644 index 4dbb42af..00000000 --- a/.scripts/README +++ /dev/null @@ -1,16 +0,0 @@ -This Folder contains all the cool scripts created for tinc_retiolum - -currently the following functions are deployed: - -adv_graphgen/ - makefu - this folder contains a script suite which parses the interesting - parameters from the syslog file by sending SIGUSR2 to the tinc process - -tinc_multicast/ - Miefda,Lassulus - A tinc multicast script suite which provides automagic-discovery in a - local network by utilizing multicast - -tinc_setup/ - makefu (i am so sorry...) - A number of scripts which build and configure tinc on a local machine. - Core is the install.sh script which actually writes the configuration - and creates users as well as private/public keys 
diff --git a/.scripts/adv_graphgen/README b/.scripts/adv_graphgen/README deleted file mode 100644 index 082e0f2b..00000000 --- a/.scripts/adv_graphgen/README +++ /dev/null @@ -1,28 +0,0 @@ -The folder contains a number of scripts which provide a convenient way to -generate advanced graphs from the SIGUSR2 output of tinc. - -it currently contains the following files: - -sanitize.sh: - wrapper arond parse.py which filters the syslog file for all tinc - related lines and removes the status informations: - this means that - - May 19 20:40:44 servarch dnsmasq[5382]: reading /etc/resolv.conf - May 19 20:41:38 servarch tinc.retiolum[4780]: Error looking up pa-sharepoint.informatik.ba-stuttgart.de port 655: Name or service not known - - becomes - - Error looking up pa-sharepoint.informatik.ba-stuttgart.de port 655: Name or service not known - - and so on. - It also provides a wrapper around graphviz which automagically - generates graphs from the produced graph file - -parse.py: - reads from stdin the sanitized syslog file and prints a valid dot file - from the given output. - The parser module may also produce any other output (e.g. for dns - entries and so on) you will need to actually read and modify the source - in order to be able to do this. ~May the source be with you~ - diff --git a/.scripts/adv_graphgen/parse.py b/.scripts/adv_graphgen/parse.py deleted file mode 100755 index 04b42c33..00000000 --- a/.scripts/adv_graphgen/parse.py +++ /dev/null 
@@ -1,91 +0,0 @@ -#!/usr/bin/python2 -# -*- coding: utf8 -*- - -import sys -""" TODO: Refactoring needed to pull the edges out of the node structures again, -it should be easier to handle both structures""" - -def write_digraph(nodes): - """ - writes the complete digraph in dot format - """ - print ('digraph retiolum {') - print (' node[shape=box,style=filled,fillcolor=grey]') - generate_stats(nodes) - merge_edges(nodes) - for k,v in nodes.iteritems(): - write_node(k,v) - print ('}') -def generate_stats(nodes): - """ Generates some statistics of the network and nodes - """ - for k,v in nodes.iteritems(): - v['num_conns'] = len(v.get('to',[])) - -def merge_edges(nodes): - """ merge back and forth edges into one - DESTRUCTS the current structure by deleting "connections" in the nodes - - """ - for k,v in nodes.iteritems(): - for con in v.get('to',[]): - for i,secon in enumerate(nodes[con['name']].get('to',[])): - if k == secon['name']: - del (nodes[con['name']]['to'][i]) - con['bidirectional'] = True - - -def write_node(k,v): - """ writes a single node and its edges - edges are weightet with the informations inside the nodes provided by - tinc - """ - node = " "+k+"[label=\"" - node += k+"\\l" - node += "external:"+v['external-ip']+":"+v['external-port']+"\\l" - if v.has_key('num_conns'): - node += "Num Connects:"+str(v['num_conns'])+"\\l" - - node += "internal:"+v.get('internal-ip','¯\\\\(°_o)/¯')+"\\l\"" - if v['external-ip'] == "MYSELF": - node += ",fillcolor=steelblue1" - node += "]" - print (node) - for con in v.get('to',[]): - edge = " "+k+ " -> " +con['name'] + "[weight="+str(float(con['weight'])) - if con.get('bidirectional',False): - edge += ",dir=both" - edge += "]" - print edge - -def parse_input(): - nodes={} - for line in sys.stdin: - line = line.replace('\n','') - if line == 'Nodes:': - nodes={} - for line in sys.stdin: - if line == 'End of nodes.\n': - break - l = line.replace('\n','').split() #TODO unhack me - nodes[l[0]]= { 'external-ip': l[2], 
'external-port' : l[4] } - if line == 'Subnet list:': - for line in sys.stdin: - if line == 'End of subnet list.\n': - break - l = line.replace('\n','').split() - nodes[l[2]]['internal-ip'] = l[0].split('#')[0] - if line == 'Edges:': - edges = {} - for line in sys.stdin: - if line == 'End of edges.\n': - break - l = line.replace('\n','').split() - - if not nodes[l[0]].has_key('to') : - nodes[l[0]]['to'] = [] - nodes[l[0]]['to'].append( - {'name':l[2],'addr':l[4],'port':l[6],'weight' : l[10] }) - return nodes -nodes = parse_input() -write_digraph(nodes) diff --git a/.scripts/adv_graphgen/sanitize.sh b/.scripts/adv_graphgen/sanitize.sh deleted file mode 100755 index 88591b67..00000000 --- a/.scripts/adv_graphgen/sanitize.sh +++ /dev/null @@ -1,13 +0,0 @@ -GRAPH_SETTER1=dot -GRAPH_SETTER2=circo -LOG_FILE=/var/log/everything.log -OPENER=/bin/true - -sudo pkill -USR2 tincd -sudo sed -n '/tinc.retiolum/{s/.*tinc.retiolum\[[0-9]*\]: //gp}' $LOG_FILE |\ - ./parse.py > retiolum.dot - -$GRAPH_SETTER1 -Tpng -o $1retiolum_1.png retiolum.dot -$GRAPH_SETTER2 -Tpng -o $1retiolum_2.png retiolum.dot -$OPENER retiolum_1.png &>/dev/null -rm retiolum.dot diff --git a/.scripts/autostart/Makefile b/.scripts/autostart/Makefile deleted file mode 100644 index 7ca589e1..00000000 --- a/.scripts/autostart/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -INIT_FOLDER=/etc/init.d -.phony: all -all: - #TODO change the tinc file before writing - cp tinc $(INIT_FOLDER)/tinc - chmod +x $(INIT_FOLDER)/tinc - echo "retiolum" > /etc/tinc/nets.boot - update-rc.d tinc defaults diff --git a/.scripts/autostart/tinc b/.scripts/autostart/tinc deleted file mode 100755 index 12e77d6a..00000000 --- a/.scripts/autostart/tinc +++ /dev/null 
@@ -1,94 +0,0 @@ -#! /bin/sh -# -### BEGIN INIT INFO -# Provides: tinc -# Required-Start: $remote_fs $network -# Required-Stop: $remote_fs $network -# Should-Start: $syslog $named -# Should-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Start tinc daemons -# Description: Create a file $NETSFILE (/etc/tinc/nets.boot), -# and put all the names of the networks in there. -# These names must be valid directory names under -# $TCONF (/etc/tinc). Lines starting with a # will be -# ignored in this file. -### END INIT INFO -# -# Based on Lubomir Bulej's Redhat init script. - -DAEMON="/usr/sbin/tincd" -NAME="tinc" -DESC="tinc daemons" -TCONF="/etc/tinc" -NETSFILE="$TCONF/nets.boot" -NETS="" - -modprobe tun - -test -f $DAEMON || exit 0 - -[ -r /etc/default/tinc ] && . /etc/default/tinc - -# foreach_net "what-to-say" action [arguments...] -foreach_net() { - if [ ! -f $NETSFILE ] ; then - echo "Please create $NETSFILE." - exit 0 - fi - echo -n "$1" - shift - egrep '^[ ]*[a-zA-Z0-9_-]+' $NETSFILE | while read net args; do - echo -n " $net" - "$@" $net $args - done - echo "." -} - -start() { - $DAEMON $EXTRA -n "$@" -} -stop() { - $DAEMON -n $1 -k -} -reload() { - $DAEMON -n $1 -kHUP -} -restart() { - stop "$@" - sleep 0.5 - i=0; - while [ -f /var/run/tinc.$1.pid ] ; do - if [ $i = '10' ] ; then - break - else - echo -n "." - sleep 0.5 - i=$(($i+1)) - fi - done - start "$@" -} - -case "$1" in - start) - foreach_net "Starting $DESC:" start - ;; - stop) - foreach_net "Stopping $DESC:" stop - ;; - reload|force-reload) - foreach_net "Reloading $DESC configuration:" reload - ;; - restart) - foreach_net "Restarting $DESC:" restart - ;; - *) - echo "Usage: /etc/init.d/$NAME {start|stop|reload|restart|force-reload}" - exit 1 - ;; -esac - -exit 0 - diff --git a/.scripts/tinc_multicast/retiolum b/.scripts/tinc_multicast/retiolum deleted file mode 100755 index 1d6b775f..00000000 --- a/.scripts/tinc_multicast/retiolum +++ /dev/null 
@@ -1,34 +0,0 @@ -#!/bin/bash - -. /etc/rc.conf -. /etc/rc.d/functions - -TINCNAME='retiolum' -case "$1" in - start) - stat_busy "Starting retiolum Daemon" - success=0 - /home/death/git/retiolum/.scripts/tinc_multicast/retiolum.py -n retiolum -T & - sleep 2 - if [ $success -eq 0 ]; then - add_daemon retiolum - stat_done - else - stat_fail - fi - ;; - stop) - stat_busy "Stopping retiolum Daemon" - kill `cat /var/lock/retiolum.retiolum` - rm_daemon retiolum - stat_done - ;; - restart) - $0 stop - sleep 4 - $0 start - ;; - *) - echo "usage $0 {start¦stop¦restart}" -esac -exit 0 diff --git a/.scripts/tinc_multicast/retiolum.py b/.scripts/tinc_multicast/retiolum.py deleted file mode 100755 index 8cf57471..00000000 --- a/.scripts/tinc_multicast/retiolum.py +++ /dev/null 
@@ -1,349 +0,0 @@ -#!/usr/bin/python2 -import sys, os, time, signal, socket, subprocess, thread, random, Queue, binascii, logging, hashlib, urllib2 #these should all be in the stdlib -from optparse import OptionParser - -def pub_encrypt(hostname_t, text): #encrypt data with public key - logging.debug("encrypt: " + text) - if hostname_t.find("`") != -1: return(-1) - try: - enc_text = subprocess.os.popen("echo '" + text + "' | openssl rsautl -pubin -inkey /etc/tinc/" + netname + "/hosts/.pubkeys/" + hostname_t + " -encrypt | base64 -w0") - return(enc_text.read()) - except: - return(-1) - -def priv_decrypt(enc_data): #decrypt data with private key - if enc_data.find("`") != -1: return(-1) - dec_text = subprocess.os.popen("echo '" + enc_data + "' | base64 -d | openssl rsautl -inkey /etc/tinc/" + netname + "/rsa_key.priv -decrypt") - return(dec_text.read()) - -def address2hostfile(hostname, address): #adds address to hostsfile or restores it if address is empty - hostfile = "/etc/tinc/" + netname + "/hosts/" + hostname - addr_file = open(hostfile, "r") - addr_cache = addr_file.readlines() - addr_file.close() - if address != "": - addr_cache.insert(0, "Address = " + address + "\n") - addr_file = open(hostfile, "w") - addr_file.writelines(addr_cache) - addr_file.close - logging.info("sending SIGHUP to tinc deamon!") - tincd_ALRM = subprocess.call(["tincd -n " + netname + " --kill=HUP" ],shell=True) - else: - recover = subprocess.os.popen("tar xzf /etc/tinc/" + netname + "/hosts/hosts.tar.gz -C /etc/tinc/" + netname + "/hosts/ " + hostname) - -def findhostinlist(hostslist, hostname, ip): #finds host + ip in list - for line in xrange(len(hostslist)): - if hostname == hostslist[line][0] and ip == hostslist[line][1]: - return line - return -1 #nothing found - -def getHostname(netname): - tconf = open("/etc/tinc/" + netname + "/tinc.conf", "r") - feld = tconf.readlines() - tconf.close() - for x in feld: - if x.startswith("Name"): - return 
str(x.partition("=")[2].lstrip().rstrip("\n")) - - print("hostname not found!") - return -1 #nothing found - -def get_hostfiles(url_files, url_md5sum): - try: - get_hosts_tar = urllib2.urlopen(url_files) - get_hosts_md5 = urllib2.urlopen(url_md5sum) - hosts_tar = get_hosts_tar.read() - hosts_md5 = get_hosts_md5.read() - - if str(hosts_md5) == str(hashlib.md5(hosts_tar).hexdigest() + " hosts.tar.gz\n"): - hosts = open("/etc/tinc/" + netname + "/hosts/hosts.tar.gz", "w") - hosts.write(hosts_tar) - hosts.close() - else: - logging.error("hosts.tar.gz md5sum check failed!") - except: - logging.error("hosts file download failed!") - - -####Thread functions - - -def sendthread(sendfifo, ghostmode): #send to multicast, sends keep alive packets - while True: - try: - #{socket init start - ANY = "0.0.0.0" - SENDPORT = 23542 - MCAST_ADDR = "224.168.2.9" - MCAST_PORT = 1600 - - sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) #initalize socket with udp - sock.bind((ANY,SENDPORT)) #now bound to Interface and Port - sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255) #activate multicast - #}socket init end - - if ghostmode == 0: - - i = 9 - - while True: - i += 1 - if not sendfifo.empty(): - sock.sendto(sendfifo.get(), (MCAST_ADDR,MCAST_PORT) ) - logging.info("send: sending sendfifo") - else: - time.sleep(1) - if i == 10: - sock.sendto("#Stage1#" + netname + "#" + hostname + "#", (MCAST_ADDR,MCAST_PORT) ) - logging.debug("send: sending keep alive") - i = 0 - else: - while True: - if not sendfifo.empty(): - sock.sendto(sendfifo.get(), (MCAST_ADDR,MCAST_PORT) ) - logging.info("send: sending sendfifo") - else: - time.sleep(1) - - except: - logging.error("send: socket init failed") - time.sleep(10) - - - -def recvthread(timeoutfifo, authfifo): #recieves input from multicast, send them to timeout or auth - while True: - try: - ANY = "0.0.0.0" - MCAST_ADDR = "224.168.2.9" - MCAST_PORT = 1600 - - sock = socket.socket(socket.AF_INET, 
socket.SOCK_DGRAM, socket.IPPROTO_UDP) #create a UDP socket - sock.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1) #allow multiple sockets to use the same PORT number - sock.bind((ANY,MCAST_PORT)) #Bind to the port that we know will receive multicast data - sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255) #tell the kernel that we are a multicast socket - - - status = sock.setsockopt(socket.IPPROTO_IP, - socket.IP_ADD_MEMBERSHIP, #Tell the kernel that we want to add ourselves to a multicast group - socket.inet_aton(MCAST_ADDR) + socket.inet_aton(ANY)); #The address for the multicast group is the third param - - while True: - while True: - - try: - data, addr = sock.recvfrom(1024) - ip, port = addr - break - except socket.error, e: - pass - - logging.debug("recv: got data") - dataval = data.split("#") - if dataval[0] == "": - if dataval[2] == netname: - if dataval[1] == "Stage1": - if dataval[3] != hostname: - timeoutfifo.put(["tst", dataval[3], ip]) - logging.info("recv: got Stage1: writing data to timeout") - logging.debug("recv: ;tst;" + dataval[3] + ";" + ip) - if dataval[1] == "Stage2": - if dataval[3] == hostname: - authfifo.put([dataval[1], dataval[3], ip, dataval[4]]) - logging.info("recv: got Stage2: writing data to auth") - logging.debug("recv: ;" + dataval[1] + ";" + dataval[3] + ";" + ip + ";" + dataval[4]) - if dataval[1] == "Stage3": - if dataval[3] != hostname: - authfifo.put([dataval[1], dataval[3], ip, dataval[4]]) - logging.info("recv: got Stage3: writing data to auth") - logging.debug("recv: ;" + dataval[1] + ";" + dataval[3] + ";" + ip + ";" + dataval[4]) - except: - logging.error("recv: socket init failed") - time.sleep(10) - -def timeoutthread(timeoutfifo, authfifo): #checks if the hostname is already in the list, deletes timeouted nodes -# hostslist = [] #hostname, ip, timestamp - - while True: - if not timeoutfifo.empty(): - curhost = timeoutfifo.get() - if curhost[0] == "add": - with hostslock: - 
hostslist.append([curhost[1], curhost[2], time.time()]) - address2hostfile(curhost[1], curhost[2]) - logging.info("adding host to hostslist") - elif curhost[0] == "tst": - with hostslock: - line = findhostinlist(hostslist, curhost[1], curhost[2]) - if line != -1: - hostslist[line][2] = time.time() - logging.debug("timeout: refreshing timestamp of " + hostslist[line][0]) - else: - authfifo.put(["Stage1", curhost[1], curhost[2]]) - logging.info("timeout: writing to auth") - - else: - i = 0 - with hostslock: - while i < len(hostslist): - if time.time() - hostslist[i][2] > 60: - address2hostfile(hostslist[i][0], "") - hostslist.remove(hostslist[i]) - logging.info("timeout: deleting dead host") - else: - i += 1 - time.sleep(2) - -def auththread(authfifo, sendfifo, timeoutfifo): #manages authentication with clients (bruteforce sensitve, should be fixed) - authlist = [] #hostname, ip, Challenge, timestamp - - - while True: - try: - if not authfifo.empty(): - logging.debug("auth: authfifo is not empty") - curauth = authfifo.get() - if curauth[0] == "Stage1": - line = findhostinlist(authlist, curauth[1], curauth[2]) - if line == -1: - challengenum = random.randint(0,65536) - encrypted_message = pub_encrypt(curauth[1], "#" + hostname + "#" + str(challengenum) + "#") - authlist.append([curauth[1], curauth[2], challengenum, time.time()]) - else: - encrypted_message = pub_encrypt(authlist[line][0], "#" + hostname + "#" + str(authlist[line][2]) + "#") - if encrypted_message == -1: - logging.info("auth: RSA Encryption Error") - else: - sendtext = "#Stage2#" + netname + "#" + curauth[1] + "#" + encrypted_message + "#" - sendfifo.put(sendtext) - logging.info("auth: got Stage1 sending now Stage2") - logging.debug("auth: " + sendtext) - - if curauth[0] == "Stage2": - dec_message = priv_decrypt(curauth[3]) - splitmes = dec_message.split("#") - if splitmes[0] == "": - encrypted_message = pub_encrypt(splitmes[1], "#" + splitmes[2] + "#") - if encrypted_message == -1: - 
logging.error("auth: RSA Encryption Error") - else: - sendtext = "#Stage3#" + netname + "#" + curauth[1] + "#" + encrypted_message + "#" - sendfifo.put(sendtext) - logging.info("auth: got Stage2 sending now Stage3") - logging.debug("auth: " + sendtext) - - if curauth[0] == "Stage3": - line = findhostinlist(authlist, curauth[1], curauth[2]) - if line != -1: - dec_message = priv_decrypt(curauth[3]) - splitmes = dec_message.split("#") - logging.info("auth: checking challenge") - if splitmes[0] == "": - if splitmes[1] == str(authlist[line][2]): - timeoutfifo.put(["add", curauth[1], curauth[2]]) - del authlist[line] - logging.info("auth: Stage3 checked, sending now to timeout") - else: logging.error("auth: challenge checking failed") - else: logging.error("auth: decryption failed") - - else: - i = 0 - while i < len(authlist): - if time.time() - authlist[i][3] > 120: - del authlist[i] - logging.info("auth: deleting timeoutet auth") - else: - i += 1 - time.sleep(1) - except: - logging.error("auth: thread crashed") - -def process_start(): #starting of the process - #download and untar hostfile - logging.info("downloading hostfiles") - get_hostfiles("http://vpn.miefda.org/hosts.tar.gz", "http://vpn.miefda.org/hosts.md5") #Currently Hardcoded, should be editable by config or parameter - tar = subprocess.call(["tar -xzf /etc/tinc/" + netname + "/hosts/hosts.tar.gz -C /etc/tinc/" + netname + "/hosts/"], shell=True) - - #initialize fifos - sendfifo = Queue.Queue() #sendtext - authfifo = Queue.Queue() #Stage{1, 2, 3} hostname ip enc_data - timeoutfifo = Queue.Queue() #State{tst, add} hostname ip - - #start threads - thread_recv = thread.start_new_thread(recvthread, (timeoutfifo, authfifo)) - thread_send = thread.start_new_thread(sendthread, (sendfifo, option.ghost)) - thread_timeout = thread.start_new_thread(timeoutthread, (timeoutfifo, authfifo)) - thread_auth = thread.start_new_thread(auththread, (authfifo, sendfifo, timeoutfifo)) - -def process_restart(signum, frame): - 
logging.error("root: restarting process") - with hostslock: - del hostslist[:] - #download and untar hostfile - logging.info("downloading hostfiles") - get_hostfiles("http://vpn.miefda.org/hosts.tar.gz", "http://vpn.miefda.org/hosts.md5") #Currently Hardcoded, should be editable by config or parameter - tar = subprocess.call(["tar -xzf /etc/tinc/" + netname + "/hosts/hosts.tar.gz -C /etc/tinc/" + netname + "/hosts/"], shell=True) - - logging.info("sending SIGHUP") - tincd_ALRM = subprocess.call(["tincd -n " + netname + " --kill=HUP" ],shell=True) - -def kill_process(signum, frame): - logging.error("got SIGINT/SIGTERM exiting now") - os.remove("/var/lock/retiolum." + netname) - if option.tinc != False: - stop_tincd = subprocess.call(["tincd -n " + netname + " -k"],shell=True) - sys.exit(0) - -#Program starts here! - -parser = OptionParser() -parser.add_option("-n", "--netname", dest="netname", help="the netname of the tinc network") -parser.add_option("-H", "--hostname", dest="hostname", default="default", help="your nodename, if not given, it will try too read it from tinc.conf") -parser.add_option("-t", "--timeout", dest="timeout", default=65536, help="timeout after retiolum gets restartet, default is 65536") -parser.add_option("-d", "--debug", dest="debug", default="0", help="debug level: 0,1,2,3 if empty debug level=0") -parser.add_option("-g", "--ghost", action="store_true", dest="ghost", default=False, help="deactivates active sending, keeps you anonymous in the public network") -parser.add_option("-T", "--Tinc", action="store_true", dest="tinc", default=False, help="starts tinc with this script") -(option, args) = parser.parse_args() - -if option.netname == None: - parser.error("Netname is required, use -h for help!") -if option.hostname == "default": - option.hostname = getHostname(option.netname) - -hostname = option.hostname -netname = option.netname -hostslist = [] -hostslock = thread.allocate_lock() - -#set process name -if not 
os.path.exists("/var/lock/retiolum." + netname): - pidfile = open("/var/lock/retiolum." + netname, "w") - pidfile.write(str(os.getpid())) - pidfile.close() -else: - logging.error("pidfile already exists") - sys.exit(0) - -#Logging stuff -LEVELS = {'3' : logging.DEBUG, - '2' : logging.INFO, - '1' : logging.ERROR, - '0' : logging.CRITICAL} - -level_name = option.debug -level = LEVELS.get(level_name, logging.NOTSET) -logging.basicConfig(level=level) - -#normally tinc doesnt start with retiolum -if option.tinc != False: - start_tincd = subprocess.call(["tincd -n " + netname ],shell=True) - -process_start() - -signal.signal(signal.SIGTERM, kill_process) -signal.signal(signal.SIGINT, kill_process) -signal.signal(signal.SIGUSR1, process_restart) - -while True: - time.sleep(float(option.timeout)) - process_restart(0, 0) diff --git a/.scripts/tinc_setup/README b/.scripts/tinc_setup/README deleted file mode 100644 index 11d6f6e9..00000000 --- a/.scripts/tinc_setup/README +++ /dev/null @@ -1,18 +0,0 @@ -This directory contains the build and install scripts for shack-retiolum - -1. build_arch - arch linux build script -2. build_debian - debian build script -3. build_debian_clean - debian script which builds a clean tinc daemon -4. build_ec2 - Amazon ec2 base instance build script -5. install.sh - configures the tinc daemon - $1 is the nickname - $2 is the ip-address - also writes a python file inside the tinc/retiolum folder which posts - the public key into the IRC:freenode/#tincspasm -6. build_no.de - nonfunct no.de smartmachine build script diff --git a/.scripts/tinc_setup/bootstrap.sh b/.scripts/tinc_setup/bootstrap.sh deleted file mode 100644 index 32919e7d..00000000 --- a/.scripts/tinc_setup/bootstrap.sh +++ /dev/null 
@@ -1,11 +0,0 @@ -if [ ! `id -u` -eq "0" ] -then - echo "not root, trying sudo" - exec sudo "$0" "$@" -fi - -mkdir -p /etc/tinc/retiolum/ -git clone git://github.com/miefda/retiolum.git /etc/tinc/retiolum/hosts -cd /etc/tinc/retiolum/hosts/.scripts - -echo "use the build script of your choice from /etc/tinc/retiolum/hosts/.scripts" diff --git a/.scripts/tinc_setup/build_arch.sh b/.scripts/tinc_setup/build_arch.sh deleted file mode 100755 index 5ef5d765..00000000 --- a/.scripts/tinc_setup/build_arch.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -set -e -sudo pacman -S openssl gcc lzo -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install -cd .. - -echo "overwriting python to python2" -sed 's/\/usr\/bin\/python/\/usr\/bin\/python2/g' install.sh >install2.sh -mv install2.sh install.sh - diff --git a/.scripts/tinc_setup/build_debian.sh b/.scripts/tinc_setup/build_debian.sh deleted file mode 100755 index 52e61390..00000000 --- a/.scripts/tinc_setup/build_debian.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -set -x -if [ ! "$MYIP" ] -then - MYIP=10.0.7.7.55 -fi -if [ ! "$MYHOSTNAME" ] -then - MYHOSTNAME="penis" -fi - -if [ "$MYHOSTNAME" = "penis" ]; -then - read -n1 -p "name is penis, are u sure? [yN]" - if [[ "$REPLY" != [yY] ]] - then - echo "then better RTFC" - echo "bailing out" - exit 0 - fi -fi -apt-get install tinc git curl python - -./install.sh "$MYHOSTNAME" "$MYIP" - -# for autostart -sed -i '/retiolum/d' /etc/tinc/nets.boot -echo "retiolum" >> /etc/tinc/nets.boot -sed -i '/EXTRA/d' /etc/tinc/nets.boot -echo "EXTRA=\"\"" >> /etc/default/tinc - -/etc/init.d/tinc start diff --git a/.scripts/tinc_setup/build_debian_clean.sh b/.scripts/tinc_setup/build_debian_clean.sh deleted file mode 100755 index a7332f4e..00000000 --- a/.scripts/tinc_setup/build_debian_clean.sh +++ /dev/null 
@@ -1,31 +0,0 @@ -#!/bin/bash -set -xe -MYIP=10.0.7.7.55 - -apt-get install tinc git curl gcc gcc-dev build-essential libssl-dev python - -git clone https://github.com/makefu/shack-retiolum.git - -mkdir build -cd build -curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar -xz -cd lzo-2.04 -./configure --prefix=/usr -make -sudo make install -cd .. -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install -cd ../.. - -cd shack-retiolum -./install.sh `hostname` $MYIP - -rm shack-retiolum -# for autostart -echo "retiolum" >> /etc/tinc/nets.boot -echo "EXTRA=\"--user=tincd --chroot\"" >> /etc/default/tinc diff --git a/.scripts/tinc_setup/build_ec2.sh b/.scripts/tinc_setup/build_ec2.sh deleted file mode 100755 index 79f2af28..00000000 --- a/.scripts/tinc_setup/build_ec2.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -set -e -sudo yum install -y gcc openssl-devel -mkdir build -cd build -curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz -cd lzo-2.04 -./configure --prefix=/usr -make -sudo make install -cd .. -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install diff --git a/.scripts/tinc_setup/build_no.de.sh b/.scripts/tinc_setup/build_no.de.sh deleted file mode 100644 index 2976d3a2..00000000 --- a/.scripts/tinc_setup/build_no.de.sh +++ /dev/null @@ -1 +0,0 @@ -pkgin in lzo gcc-tools gcc-compiler gcc34 diff --git a/.scripts/tinc_setup/install.sh b/.scripts/tinc_setup/install.sh deleted file mode 100755 index 89465b64..00000000 --- a/.scripts/tinc_setup/install.sh +++ /dev/null 
@@ -1,67 +0,0 @@ -#! /bin/sh -# USE WITH GREAT CAUTION - -set -e -myname="${1:-dummy}" -rel_hostsfile=`dirname $0`/.. -hostsfile=`readlink -f $rel_hostsfile` -netname=retiolum -myipv4="${2:-10.7.7.56}" -mynet4=10.7.7.0 -CURR=`pwd` -# create configuration directory for $netname -mkdir -p /etc/tinc/$netname -cd /etc/tinc/$netname - -# get currently known hosts -cp -r $hostsfile hosts -echo "added known hosts:" -ls -1 | LC_ALL=C sort -echo "delete the nodes you do not trust!" - - -cat>tinc-up<tinc.conf< hosts/$myname -tincd -n $netname -K - -echo Writing Public Key to irc channel -cat>write_channel.py< + May 19 20:40:44 servarch dnsmasq[5382]: reading /etc/resolv.conf + May 19 20:41:38 servarch tinc.retiolum[4780]: Error looking up pa-sharepoint.informatik.ba-stuttgart.de port 655: Name or service not known + + becomes + + Error looking up pa-sharepoint.informatik.ba-stuttgart.de port 655: Name or service not known + + and so on. + It also provides a wrapper around graphviz which automagically + generates graphs from the produced graph file + +parse.py: + reads from stdin the sanitized syslog file and prints a valid dot file + from the given output. + The parser module may also produce any other output (e.g. for dns + entries and so on) you will need to actually read and modify the source + in order to be able to do this. ~May the source be with you~ + diff --git a/modules/retiolum/scripts/adv_graphgen/parse.py b/modules/retiolum/scripts/adv_graphgen/parse.py new file mode 100755 index 00000000..04b42c33 --- /dev/null +++ b/modules/retiolum/scripts/adv_graphgen/parse.py 
@@ -0,0 +1,91 @@ +#!/usr/bin/python2 +# -*- coding: utf8 -*- + +import sys +""" TODO: Refactoring needed to pull the edges out of the node structures again, +it should be easier to handle both structures""" + +def write_digraph(nodes): + """ + writes the complete digraph in dot format + """ + print ('digraph retiolum {') + print (' node[shape=box,style=filled,fillcolor=grey]') + generate_stats(nodes) + merge_edges(nodes) + for k,v in nodes.iteritems(): + write_node(k,v) + print ('}') +def generate_stats(nodes): + """ Generates some statistics of the network and nodes + """ + for k,v in nodes.iteritems(): + v['num_conns'] = len(v.get('to',[])) + +def merge_edges(nodes): + """ merge back and forth edges into one + DESTRUCTS the current structure by deleting "connections" in the nodes + + """ + for k,v in nodes.iteritems(): + for con in v.get('to',[]): + for i,secon in enumerate(nodes[con['name']].get('to',[])): + if k == secon['name']: + del (nodes[con['name']]['to'][i]) + con['bidirectional'] = True + + +def write_node(k,v): + """ writes a single node and its edges + edges are weightet with the informations inside the nodes provided by + tinc + """ + node = " "+k+"[label=\"" + node += k+"\\l" + node += "external:"+v['external-ip']+":"+v['external-port']+"\\l" + if v.has_key('num_conns'): + node += "Num Connects:"+str(v['num_conns'])+"\\l" + + node += "internal:"+v.get('internal-ip','¯\\\\(°_o)/¯')+"\\l\"" + if v['external-ip'] == "MYSELF": + node += ",fillcolor=steelblue1" + node += "]" + print (node) + for con in v.get('to',[]): + edge = " "+k+ " -> " +con['name'] + "[weight="+str(float(con['weight'])) + if con.get('bidirectional',False): + edge += ",dir=both" + edge += "]" + print edge + +def parse_input(): + nodes={} + for line in sys.stdin: + line = line.replace('\n','') + if line == 'Nodes:': + nodes={} + for line in sys.stdin: + if line == 'End of nodes.\n': + break + l = line.replace('\n','').split() #TODO unhack me + nodes[l[0]]= { 'external-ip': l[2], 
'external-port' : l[4] } + if line == 'Subnet list:': + for line in sys.stdin: + if line == 'End of subnet list.\n': + break + l = line.replace('\n','').split() + nodes[l[2]]['internal-ip'] = l[0].split('#')[0] + if line == 'Edges:': + edges = {} + for line in sys.stdin: + if line == 'End of edges.\n': + break + l = line.replace('\n','').split() + + if not nodes[l[0]].has_key('to') : + nodes[l[0]]['to'] = [] + nodes[l[0]]['to'].append( + {'name':l[2],'addr':l[4],'port':l[6],'weight' : l[10] }) + return nodes +nodes = parse_input() +write_digraph(nodes) diff --git a/modules/retiolum/scripts/adv_graphgen/sanitize.sh b/modules/retiolum/scripts/adv_graphgen/sanitize.sh new file mode 100755 index 00000000..88591b67 --- /dev/null +++ b/modules/retiolum/scripts/adv_graphgen/sanitize.sh @@ -0,0 +1,13 @@ +GRAPH_SETTER1=dot +GRAPH_SETTER2=circo +LOG_FILE=/var/log/everything.log +OPENER=/bin/true + +sudo pkill -USR2 tincd +sudo sed -n '/tinc.retiolum/{s/.*tinc.retiolum\[[0-9]*\]: //gp}' $LOG_FILE |\ + ./parse.py > retiolum.dot + +$GRAPH_SETTER1 -Tpng -o $1retiolum_1.png retiolum.dot +$GRAPH_SETTER2 -Tpng -o $1retiolum_2.png retiolum.dot +$OPENER retiolum_1.png &>/dev/null +rm retiolum.dot diff --git a/modules/retiolum/scripts/autostart/Makefile b/modules/retiolum/scripts/autostart/Makefile new file mode 100644 index 00000000..7ca589e1 --- /dev/null +++ b/modules/retiolum/scripts/autostart/Makefile @@ -0,0 +1,8 @@ +INIT_FOLDER=/etc/init.d +.phony: all +all: + #TODO change the tinc file before writing + cp tinc $(INIT_FOLDER)/tinc + chmod +x $(INIT_FOLDER)/tinc + echo "retiolum" > /etc/tinc/nets.boot + update-rc.d tinc defaults diff --git a/modules/retiolum/scripts/autostart/tinc b/modules/retiolum/scripts/autostart/tinc new file mode 100755 index 00000000..12e77d6a --- /dev/null +++ b/modules/retiolum/scripts/autostart/tinc 
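Review bot: `write_node` concatenates node names and address fields parsed from the tinc log dump directly into DOT identifiers and the `label="..."` string with no quoting or escaping, so a value containing `"` or `]` produces a malformed graph or extra attributes in the file handed to graphviz. These values presumably originate from other nodes on the network, so they should be treated as untrusted: emit `k` and `con['name']` as quoted DOT strings and escape embedded quotes first, e.g. `'"%s"' % k.replace('"', '\\"')`. `parse_input` has the same problem on the way in: `l[2]`, `l[4]` and `l[10]` are indexed without a length check, and `nodes[l[2]]` raises KeyError for a subnet whose owner is not in the node list, so one short or unexpected log line aborts the run. A `len(l)` guard with `continue` and `nodes.get(...)` would make the parser skip such lines instead.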
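Review bot: The script has no shebang but uses `&>/dev/null`, which is bash syntax; a POSIX `sh` reads that line as a backgrounded `$OPENER retiolum_1.png &` followed by a separate redirect, so the opener is not silenced. `./parse.py` and `retiolum.dot` are resolved against the caller's working directory, and `$1` and `$LOG_FILE` are expanded unquoted, so running the script from another directory executes whatever `parse.py` is found there, and a prefix containing spaces is split into several arguments. I would start the file with `#!/bin/bash`, call the parser as `"$(dirname "$0")/parse.py"`, and write the outputs as `-o "${1}retiolum_1.png"`. The opener is also given `retiolum_1.png` without the `$1` prefix, which looks unintended.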
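Review bot: `echo "retiolum" > /etc/tinc/nets.boot` truncates the file, so any other tinc network already listed for boot is silently dropped when `make` runs; appending only when the entry is missing keeps existing entries: `grep -qx retiolum /etc/tinc/nets.boot || echo retiolum >> /etc/tinc/nets.boot`. The target is declared as `.phony`, which make does not treat as special because the name is case-sensitive, so it should read `.PHONY: all`. Since the recipe installs an init script, `install -m 0755 -o root -g root tinc $(INIT_FOLDER)/tinc` would set owner and mode explicitly instead of relying on `cp` plus `chmod +x`.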
@@ -0,0 +1,94 @@ +#! /bin/sh +# +### BEGIN INIT INFO +# Provides: tinc +# Required-Start: $remote_fs $network +# Required-Stop: $remote_fs $network +# Should-Start: $syslog $named +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Start tinc daemons +# Description: Create a file $NETSFILE (/etc/tinc/nets.boot), +# and put all the names of the networks in there. +# These names must be valid directory names under +# $TCONF (/etc/tinc). Lines starting with a # will be +# ignored in this file. +### END INIT INFO +# +# Based on Lubomir Bulej's Redhat init script. + +DAEMON="/usr/sbin/tincd" +NAME="tinc" +DESC="tinc daemons" +TCONF="/etc/tinc" +NETSFILE="$TCONF/nets.boot" +NETS="" + +modprobe tun + +test -f $DAEMON || exit 0 + +[ -r /etc/default/tinc ] && . /etc/default/tinc + +# foreach_net "what-to-say" action [arguments...] +foreach_net() { + if [ ! -f $NETSFILE ] ; then + echo "Please create $NETSFILE." + exit 0 + fi + echo -n "$1" + shift + egrep '^[ ]*[a-zA-Z0-9_-]+' $NETSFILE | while read net args; do + echo -n " $net" + "$@" $net $args + done + echo "." +} + +start() { + $DAEMON $EXTRA -n "$@" +} +stop() { + $DAEMON -n $1 -k +} +reload() { + $DAEMON -n $1 -kHUP +} +restart() { + stop "$@" + sleep 0.5 + i=0; + while [ -f /var/run/tinc.$1.pid ] ; do + if [ $i = '10' ] ; then + break + else + echo -n "." + sleep 0.5 + i=$(($i+1)) + fi + done + start "$@" +} + +case "$1" in + start) + foreach_net "Starting $DESC:" start + ;; + stop) + foreach_net "Stopping $DESC:" stop + ;; + reload|force-reload) + foreach_net "Reloading $DESC configuration:" reload + ;; + restart) + foreach_net "Restarting $DESC:" restart + ;; + *) + echo "Usage: /etc/init.d/$NAME {start|stop|reload|restart|force-reload}" + exit 1 + ;; +esac + +exit 0 + diff --git a/modules/retiolum/scripts/tinc_multicast/retiolum b/modules/retiolum/scripts/tinc_multicast/retiolum new file mode 100755 index 00000000..1d6b775f --- /dev/null 
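Review bot: `foreach_net` passes every word after the net name in `$NETSFILE` to `$DAEMON` unquoted, and `/etc/default/tinc` is sourced, so both files decide what the init script executes; the header comment only describes the name column. I would document that next to `foreach_net`, e.g. `# $NETSFILE and /etc/default/tinc are trusted input: keep them root-owned and not group/world-writable`, and quote the name in the call as `"$@" "$net" $args`. Separately, `modprobe tun` sits above `test -f $DAEMON || exit 0`, so it also runs for `stop`, for the usage error, and when the daemon is not installed; moving it into `start()` keeps the other actions free of side effects.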
+++ b/modules/retiolum/scripts/tinc_multicast/retiolum @@ -0,0 +1,34 @@ +#!/bin/bash + +. /etc/rc.conf +. /etc/rc.d/functions + +TINCNAME='retiolum' +case "$1" in + start) + stat_busy "Starting retiolum Daemon" + success=0 + /home/death/git/retiolum/.scripts/tinc_multicast/retiolum.py -n retiolum -T & + sleep 2 + if [ $success -eq 0 ]; then + add_daemon retiolum + stat_done + else + stat_fail + fi + ;; + stop) + stat_busy "Stopping retiolum Daemon" + kill `cat /var/lock/retiolum.retiolum` + rm_daemon retiolum + stat_done + ;; + restart) + $0 stop + sleep 4 + $0 start + ;; + *) + echo "usage $0 {start¦stop¦restart}" +esac +exit 0 diff --git a/modules/retiolum/scripts/tinc_multicast/retiolum.py b/modules/retiolum/scripts/tinc_multicast/retiolum.py new file mode 100755 index 00000000..8cf57471 --- /dev/null +++ b/modules/retiolum/scripts/tinc_multicast/retiolum.py 
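Review bot: The `start` branch launches `/home/death/git/retiolum/.scripts/tinc_multicast/retiolum.py`, a path inside one user's home directory and under the old `.scripts` layout that this commit moves away from. If this rc.d script runs as root (it sources `/etc/rc.conf` and calls `add_daemon`, so presumably at boot), whoever can write to that checkout decides what runs with root privileges, and on any other machine the path does not exist. I would point it at an installed, root-owned copy through a variable, e.g. `DAEMON=<installed path of retiolum.py>` and `"$DAEMON" -n "$TINCNAME" -T &`. Two smaller points in the same hunk: `success` is set to 0 and never updated, so `stat_fail` is unreachable, and the `stop` branch calls `kill` on the contents of `/var/lock/retiolum.retiolum` without checking that the file exists or still names the daemon.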
@@ -0,0 +1,349 @@ +#!/usr/bin/python2 +import sys, os, time, signal, socket, subprocess, thread, random, Queue, binascii, logging, hashlib, urllib2 #these should all be in the stdlib +from optparse import OptionParser + +def pub_encrypt(hostname_t, text): #encrypt data with public key + logging.debug("encrypt: " + text) + if hostname_t.find("`") != -1: return(-1) + try: + enc_text = subprocess.os.popen("echo '" + text + "' | openssl rsautl -pubin -inkey /etc/tinc/" + netname + "/hosts/.pubkeys/" + hostname_t + " -encrypt | base64 -w0") + return(enc_text.read()) + except: + return(-1) + +def priv_decrypt(enc_data): #decrypt data with private key + if enc_data.find("`") != -1: return(-1) + dec_text = subprocess.os.popen("echo '" + enc_data + "' | base64 -d | openssl rsautl -inkey /etc/tinc/" + netname + "/rsa_key.priv -decrypt") + return(dec_text.read()) + +def address2hostfile(hostname, address): #adds address to hostsfile or restores it if address is empty + hostfile = "/etc/tinc/" + netname + "/hosts/" + hostname + addr_file = open(hostfile, "r") + addr_cache = addr_file.readlines() + addr_file.close() + if address != "": + addr_cache.insert(0, "Address = " + address + "\n") + addr_file = open(hostfile, "w") + addr_file.writelines(addr_cache) + addr_file.close + logging.info("sending SIGHUP to tinc deamon!") + tincd_ALRM = subprocess.call(["tincd -n " + netname + " --kill=HUP" ],shell=True) + else: + recover = subprocess.os.popen("tar xzf /etc/tinc/" + netname + "/hosts/hosts.tar.gz -C /etc/tinc/" + netname + "/hosts/ " + hostname) + +def findhostinlist(hostslist, hostname, ip): #finds host + ip in list + for line in xrange(len(hostslist)): + if hostname == hostslist[line][0] and ip == hostslist[line][1]: + return line + return -1 #nothing found + +def getHostname(netname): + tconf = open("/etc/tinc/" + netname + "/tinc.conf", "r") + feld = tconf.readlines() + tconf.close() + for x in feld: + if x.startswith("Name"): + return 
str(x.partition("=")[2].lstrip().rstrip("\n")) + + print("hostname not found!") + return -1 #nothing found + +def get_hostfiles(url_files, url_md5sum): + try: + get_hosts_tar = urllib2.urlopen(url_files) + get_hosts_md5 = urllib2.urlopen(url_md5sum) + hosts_tar = get_hosts_tar.read() + hosts_md5 = get_hosts_md5.read() + + if str(hosts_md5) == str(hashlib.md5(hosts_tar).hexdigest() + " hosts.tar.gz\n"): + hosts = open("/etc/tinc/" + netname + "/hosts/hosts.tar.gz", "w") + hosts.write(hosts_tar) + hosts.close() + else: + logging.error("hosts.tar.gz md5sum check failed!") + except: + logging.error("hosts file download failed!") + + +####Thread functions + + +def sendthread(sendfifo, ghostmode): #send to multicast, sends keep alive packets + while True: + try: + #{socket init start + ANY = "0.0.0.0" + SENDPORT = 23542 + MCAST_ADDR = "224.168.2.9" + MCAST_PORT = 1600 + + sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) #initalize socket with udp + sock.bind((ANY,SENDPORT)) #now bound to Interface and Port + sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255) #activate multicast + #}socket init end + + if ghostmode == 0: + + i = 9 + + while True: + i += 1 + if not sendfifo.empty(): + sock.sendto(sendfifo.get(), (MCAST_ADDR,MCAST_PORT) ) + logging.info("send: sending sendfifo") + else: + time.sleep(1) + if i == 10: + sock.sendto("#Stage1#" + netname + "#" + hostname + "#", (MCAST_ADDR,MCAST_PORT) ) + logging.debug("send: sending keep alive") + i = 0 + else: + while True: + if not sendfifo.empty(): + sock.sendto(sendfifo.get(), (MCAST_ADDR,MCAST_PORT) ) +