I have a Single Board Computer (SBC) running on HiSilicon linux with Busybox. I am trying to convert this device into an Access Point. It has a wifi module and an ethernet port ( which will be connected to internet router). I have referred many articles, and pretty much each of them suggests using iptables for forwarding and masquerading ip packets.
Ref: https://serverfault.com/questions/152363/bridging-wlan0-to-eth0
Unfortunately Busybox does not seem to have iptables, and only iproute2 is available. Is there any way to achieve the following using iproute2 or something else. I am not a network engineer, so I apologize in advance if my understanding of the problem is incorrect.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o wlan0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
Looking at what you are trying to achieve, it is simply a "routing" concept and it is possible on busy-box. Just enable "ip forwarding" (that's all you need).
$ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
Then consider making permanent changes to your configurations after a successful test.
I'm trying to deploy $DM_COUNT docker-machines through a script, and write new network configuration to the nodes. The script works fine until the end of the loop and then gets stuck
The script is called from this script:
#!/bin/bash
set -x
PS4='$LINENO: '
net="10.17.65."
The loop starts properly
for i in $(seq 1 $DM_COUNT); do
(
name="$PREFIX$DEPLOYMENTNAME$i"
echo "$name"
if [ -z "$DM_NAMES" ]
then
export DM_NAMES=$name
else
export DM_NAMES=$DM_NAMES:$name
fi
ip="$net$((4 + i))"
mkdir -p ~/.ssh && touch $_/config &&
tee -a $_ << EOF
Host $name
Hostname $ip
User docker
IdentityFile ~/.docker/machine/machines/$name/id_rsa
EOF
docker-machine create $name\
--driver vmwarevsphere \
--vmwarevsphere-cpu-count 4 \
--vmwarevsphere-datastore datastore1 \
--vmwarevsphere-disk-size 60000 \
--vmwarevsphere-memory-size 2048 \
--vmwarevsphere-network 'VM\ Network' \
--vmwarevsphere-vcenter 10.17.6.218 \
--vmwarevsphere-password a \
--vmwarevsphere-username root
docker-machine restart "$name"
docker-machine regenerate-certs -f "$name"
echo 'Done provisioning ' "$name"
docker-machine scp -r /certs/ "$name":/root/certs/
docker-machine ssh "$name" sudo mkdir /var/lib/boot2docker/certs
docker-machine ssh "$name" sudo cp /root/certs/*.crt /var/lib/boot2docker/certs/
echo 'Done copying self-signed certificates'
echo "
# configure eht1 (czlocal1)
sudo ip addr flush dev eth1
sudo ip route del default
sudo ip route add default via 192.168.1.254
# configure eth2 (czlocal2)
sudo ip addr flush dev eth0
sudo ip route add default via 192.168.2.254
# configure eth3 (czlocaldhcp)
sudo ip addr flush dev eth0
# configure eth0 (mgmt)
sudo ip addr flush dev eth0
ip addr add 10.17.65.10$i/24 dev eth0
ip route add 10.17.36.0/24 via 10.17.65.1 dev eth0
ip route add 10.17.33.0/24 via 10.17.65.1 dev eth0
# configure eth2 (czlocal2)
sudo ip addr flush dev eth2
ip addr add 192.168.2.$i/24
# configure eth3 (czlocaldhcp)
sudo ip addr flush dev eth3
" | docker-machine ssh "$name" "sudo tee /var/lib/boot2docker/bootsync.sh"
echo "
sudo ip route del default
sudo ip route add default via 192.168.$1.254
" | docker-machine ssh "$name" "sudo tee ~/switch_default_gateway.sh"
echo "
alias local1='ip route del default && ip route add default via 192.168.1.254'
alias local2='ip route del default && ip route add default via 192.168.2.254'
alias dhcp='ip route del default && ip route add default via 172.0.0.254'
" | docker-machine ssh "$name" "sudo tee -a ~/.bashrc > /dev/null"
echo 'Done writing scripts'
docker-machine ssh "$name" "sudo chmod +x /var/lib/boot2docker/bootsync.sh"
docker-machine ssh "$name" "sudo chmod +x ~/switch_default_gateway.sh"
docker-machine ssh "$name" "source ~/.bashrc"
jq '.Driver.IPAddress = $newVal' --arg newVal '10.17.65.10'$i ~/.docker/machine/machines/"$name"/config.json > tmp.$$.json && mv tmp.$$.json ~/.docker/machine/machines/"$name"/config.json
echo 'Done deploying docker machines'
) &
done
Everything until this point executes fine, then the script is stuck. If I provide any input on the shell it exits.
tee -a ~/.ssh/config << EOF
Host *
StrictHostKeyChecking no
EOF
The last part never gets executed
Are you sure you don't have a 'non breakable space' (https://en.wikipedia.org/wiki/Non-breaking_space) between your << and EOF?
Anyway, your initial script, and the indicated lines at the end of your question is not the same (the one involving tee command), can you update your question to fit the final version of your script?
I'm new to bash script and I need to make a script that runs the following commands:
service apache2 start
airmon-ng start wlan0
airbase-ng -e FREEINTERNET -c 1 -P wlan0mon
ifconfig at0 192.168.1.129 netmask 255.255.255.128
route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.129
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING --out-interface wlan1 -j MASQUERADE
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.4:80
iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 80
iptables -t nat -A POSTROUTING -j MASQUERADE
dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid at0
service isc-dhcp-server start
My big doubt is how to make the script open the airbase-ng -e FREEINTERNET -c 1 -P wlan0mon command in a different terminal and keep executing both airbase and the remaining commands. I’m using Kali 64-bit with GNOME.
You can run something in the background by suffixing it with &. If you want to run something in a new GNOME Terminal window, you can do so with gnome-terminal -e. Putting those together, to run your airbase-ng command in a new GNOME Terminal window while letting the rest of your script continue to run:
# …
airmon-ng start wlan0
gnome-terminal -e 'airbase-ng -e FREEINTERNET -c 1 -P wlan0mon' &
ifconfig at0 192.168.1.129 netmask 255.255.255.128
# …
I'd like to make a simple bash script to connect to known wifi networks.
Thus far I have...
#!/bin/bash
NETWORK_ID=${1:myintranet}
WIRELESS_KEY=${2:""}
WIRELESS_DEVICE=${3:wlan0}
if [ ! -n "$WIRELESS_KEY" ]; then
read -s -p "Enter Password: " WIRELESS_KEY
fi
#ifconfig wlan0
iwconfig wlan0 essid $NETWORK_ID key s:$WIRELESS_KEY
dhclient wlan0
I enter the plain text password for the network when requested and it fails with the error
iwconfig: unknown command "s:myPassword"
But I can't find any reason why it should be expecting a command and not translating the key to hex.
This is working fine for me for WEP wifi. Don't forget to name the script with .sh extension.
#!/bin/bash
NETWORK_ID=${1:myintranet}
WIRELESS_KEY=${2:xxx}
WIRELESS_DEVICE=${3:wlan0}
if [ -z "$WIRELESS_KEY" ]; then
read -s -p "Enter Password: " WIRELESS_KEY
fi
#ifconfig wlan0
iwconfig wlan0 essid $NETWORK_ID key s:$WIRELESS_KEY
dhclient wlan0
For WPA wifi, it may not work. Consider using wpa_supplicant or configure it using wicd (wicd-gtk)
In OS X, you turn on and off a web proxy from System Preferences > Network > Proxies, by checking Web Proxy (HTTP) and designating the Web Proxy Server etc. and by clicking OK and then "Apply". This is way too many steps. Is there a way to do this all from the command line and a shell script?
For an unauthenticated proxy (and assuming it's the Ethernet service you want to configure):
networksetup -setwebproxy Ethernet proxy.example.net 80 off
for authenticated:
networksetup -setwebproxy Ethernet proxy.example.net 80 on proxyuser "p4ssw0rd"
and to turn it off:
networksetup -setwebproxystate Ethernet off
If the network service isn't named just "Ethernet", you may need to parse networksetup -listallnetworkservices or -listnetworkserviceorder to get the correct name.
To just toggle on/off my proxies in OSX Mavericks, I set up this script. Note that this example just affects my wi-fi adapter. I am toggling on/off the web, streaming, and SOCKS proxies all at once. You could set the proxy address as well, per Gordon's example, but I already had this saved through the System Preferences > Network > Proxies GUI.
BASH Script, saved as prox.sh:
#!/bin/bash
e=$(networksetup -getwebproxy wi-fi | grep "No")
if [ -n "$e" ]; then
echo "Turning on proxy"
sudo networksetup -setstreamingproxystate wi-fi on
sudo networksetup -setsocksfirewallproxystate wi-fi on
sudo networksetup -setwebproxystate wi-fi on
else
echo "Turning off proxy"
sudo networksetup -setstreamingproxystate wi-fi off
sudo networksetup -setsocksfirewallproxystate wi-fi off
sudo networksetup -setwebproxystate wi-fi off
fi
Then symlink the script on the command line:
ln -s /Script/Location/prox.sh prox-toggle
Now you can toggle the proxies on/off at the command line:
bash prox-toggle
I prepared a script named proxy that might help,
#!/bin/bash
#
#
# Author: Md. Sazzad Hissain Khan
# Date: 8 July, 2017
#
#
NETWORK_SERVICE_NAME="Ethernet"
if [ "$#" -ne 1 ]; then
echo "Argument missing [on/off]"
exit 0
fi
if [ $1 == "on" ]; then
echo "Enabling secure proxy for $NETWORK_SERVICE_NAME"
networksetup -setsecurewebproxystate "$NETWORK_SERVICE_NAME" on
elif [ $1 == "off" ]; then
echo "Disabling secure proxy for $NETWORK_SERVICE_NAME"
networksetup -setsecurewebproxystate "$NETWORK_SERVICE_NAME" off
else
echo "Argument invalid [permitted:on/off]"
fi
NETWORK_SERVICE_NAME is the name of your active network which you need to configure.
Create proxy file in /usr/local/bin.
Copy above script into proxy.
Set executable permission for the file using sudo chmod 777 proxy .
How to use:
proxy on
proxy off
Just the Toggling :)
networksetup -setwebproxystate <networkservice> <on off>
networksetup -setsecurewebproxystate <networkservice> <on off>
Example :
networksetup -setwebproxystate Wi-Fi on
networksetup -setsecurewebproxystate Wi-Fi on
To handle the Modification alert : prefix sudo like
sudo networksetup -setwebproxystate Wi-Fi on
sudo networksetup -setsecurewebproxystate Wi-Fi on
Here is an Applescript that turns on and off the proxy at macworld.
http://hints.macworld.com/article.php?story=2003101617122867
Enabling and Disabling Proxy with a keyboard shortcut
In terminal, you can turn wifi proxy off and on with these commands
networksetup -setwebproxystate Wi-Fi <on | off>
networksetup -setsecurewebproxystate Wi-Fi <on | off>
and Ethernet
networksetup -setwebproxystate Ethernet <on | off>
networksetup -setsecurewebproxystate Ethernet <on | off>
Here's a one-liner to toggle between on and off (Using Wi-Fi example)
e=$(networksetup -getwebproxy wi-fi | grep "No")
if [ -n "$e" ]; then
networksetup -setwebproxystate Wi-Fi on
networksetup -setsecurewebproxystate Wi-Fi on
else
networksetup -setwebproxystate Wi-Fi off
networksetup -setsecurewebproxystate Wi-Fi off
fi
Create a keyboard shortcut that runs a shell command
Start Automator, and create a new Service.
Set "Service receives selected: to "no input" in "any application".
Add an action named "Run Shell Script". It's in the Utilities section of the Actions Library.
Insert the bash command you want into the text box and test run it using the Run button (top right). It should do whatever the script does (off, on or toggle), and there should be green ticks below the Action.
Save it, giving it a service name you can remember.
Go to System Preferences -> Keyboard, and go to the Shortcuts tab
Go to the Services section, and scroll down to General - you should find your service there. If you select the line, you can click "add shortcut" and give it a keyboard shortcut.
As I needed a simple script that will just toggle both HTTP and HTTPS proxies on/off at the same time, here it is:
#!/usr/bin/env bash
# Toggles *both* HTTP and HTTP proxy for a preconfigured service name ("Wi-Fi" or "Ethernet").
NETWORK_SERVICE_NAME="Wi-Fi" # Wi-Fi | Ethernet
IS_PROXY_ENABLED=$(networksetup -getwebproxy "$NETWORK_SERVICE_NAME" | head -n 1 | grep Yes)
if [ -z "$IS_PROXY_ENABLED" ]; then
echo "Enabling HTTP and HTTPs proxy for $NETWORK_SERVICE_NAME"
networksetup -setstreamingproxystate "$NETWORK_SERVICE_NAME" on
networksetup -setwebproxystate "$NETWORK_SERVICE_NAME" on
networksetup -setsecurewebproxystate "$NETWORK_SERVICE_NAME" on
else
echo "Disabling HTTP and HTTPs proxy for $NETWORK_SERVICE_NAME"
networksetup -setstreamingproxystate "$NETWORK_SERVICE_NAME" off
networksetup -setwebproxystate "$NETWORK_SERVICE_NAME" off
networksetup -setsecurewebproxystate "$NETWORK_SERVICE_NAME" off
fi