@f0r34chb3t4
Created September 28, 2017 13:32
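#!/bin/bash
#
# by f0r34chb3t4 on Centos 7 - OpenStack
#
# Installs and configures HAProxy plus a Tor client that exposes several
# SOCKS ports.
#
# - Tor opens 20 SOCKS listeners on loopback, ports 59050-59069.
# - HAProxy listens on port 51080 of the address stored in IP_LOCAL (the
#   local address in 172.22.11.x) and balances TCP connections across those
#   20 Tor ports.
# - The intent is for each Tor port to leave through a different exit. Tor
#   keeps streams from different SOCKS listeners on separate circuits, but
#   separate circuits are not guaranteed to use distinct exit IPs.
# - Tor is also configured as a non-exit relay (ExitPolicy reject *:*), so
#   the machine forwards traffic for the network but is never the last hop.
#
# Security notes:
# - The HAProxy frontend is an unauthenticated SOCKS entry point: every host
#   that can reach IP_LOCAL:51080 can send traffic through Tor. Restrict it
#   with a firewall or keep it on a trusted network.
# - The script must run as root; it replaces /etc/haproxy/haproxy.cfg and
#   /etc/tor/torrc and changes kernel and limit settings.
#
# Example (the port must be given because curl's SOCKS default is 1080;
# --socks5-hostname resolves names through the proxy instead of locally,
# which avoids leaking DNS lookups):
#   curl --socks5-hostname <IP_LOCAL>:51080 ipinfo.io
#

# Everything below writes to system paths; fail early with a clear message.
if (( EUID != 0 )); then
  echo 'this script must be run as root' >&2
  exit 1
fi

# Stop if the packages cannot be installed, instead of going on to configure
# services that are not there.
yum -y install epel-release || exit 1
# A failed system update is reported but does not block the installation.
yum -y update || echo 'warning: yum update failed' >&2
yum -y install haproxy tor unzip wget nano || exit 1

# Keep the packaged HAProxy config. Only the first run creates the backup, so
# a re-run does not overwrite it with a file generated by this script.
if [[ -e /etc/haproxy/haproxy.cfg && ! -e /etc/haproxy/haproxy.cfg-bak ]]; then
  mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg-bak
fi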
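# Address the HAProxy frontend binds to: the first local IPv4 address that
# starts with LAN_PREFIX. `ip` (iproute) is used instead of ifconfig, which
# needs the net-tools package that this script does not install.
LAN_PREFIX='172.22.11.'
IP_LOCAL=$(
  ip -o -4 addr show 2>/dev/null |
    awk -v prefix="$LAN_PREFIX" '
      { split($4, cidr, "/") }
      index(cidr[1], prefix) == 1 { print cidr[1]; exit }
    '
)

# Fail closed. With an empty value the bind line would become "bind :51080",
# which listens on every interface and exposes the unauthenticated Tor SOCKS
# frontend far beyond the intended network.
if [[ ! $IP_LOCAL =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
  printf 'no local IPv4 address starting with %s found; not writing haproxy.cfg\n' \
    "$LAN_PREFIX" >&2
  exit 1
fi

# The here-document is unquoted so ${IP_LOCAL} is expanded directly; the
# config text contains no other shell metacharacters.
#
# Notes on the generated config:
# - No "balance" directive is given, so HAProxy's default algorithm applies.
# - The server lines carry no "check", so HAProxy does not health-check the
#   Tor ports and "timeout check" has no effect.
# - Server names are labels only (tor101 is skipped); ports are 59050-59069.
# - There is no ACL or authentication on the listener: access control has to
#   come from the network (firewall / security group) in front of it.
cat <<EOF > /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
defaults
mode tcp
log global
option dontlognull
option redispatch
retries 1
timeout queue 15m
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 10000
listen tor
mode tcp
bind ${IP_LOCAL}:51080
server tor100 127.0.0.1:59050
server tor102 127.0.0.1:59051
server tor103 127.0.0.1:59052
server tor104 127.0.0.1:59053
server tor105 127.0.0.1:59054
server tor106 127.0.0.1:59055
server tor107 127.0.0.1:59056
server tor108 127.0.0.1:59057
server tor109 127.0.0.1:59058
server tor110 127.0.0.1:59059
server tor111 127.0.0.1:59060
server tor112 127.0.0.1:59061
server tor113 127.0.0.1:59062
server tor114 127.0.0.1:59063
server tor115 127.0.0.1:59064
server tor116 127.0.0.1:59065
server tor117 127.0.0.1:59066
server tor118 127.0.0.1:59067
server tor119 127.0.0.1:59068
server tor120 127.0.0.1:59069
EOF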
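# Keep the packaged torrc, the same way the HAProxy config is backed up. Only
# the first run creates the backup.
if [[ -e /etc/tor/torrc && ! -e /etc/tor/torrc-bak ]]; then
  cp -p /etc/tor/torrc /etc/tor/torrc-bak
fi

# Notes on the generated torrc:
# - ORPort/DirPort advertise 443 and 80 (NoListen) while tor actually listens
#   on 127.0.0.1:9090 and 127.0.0.1:9091 (NoAdvertise). This script sets up
#   no forwarding from 443/80 to those loopback ports, so the relay is only
#   reachable if that redirect is configured elsewhere.
# - ExitPolicy reject *:* keeps the relay from being an exit.
# - ControlSocketsGroupWritable and CookieAuthFileGroupReadable let every
#   member of tor's group control the daemon; keep that group small.
# - NOTE(review): DisableDebuggerAttachment 0 switches off tor's protection
#   against other processes attaching a debugger to it. Drop the line unless
#   a local tool really needs it.
# - NOTE(review): ExcludeSingleHopRelays appears to be obsolete in newer Tor
#   releases - confirm against the installed version.
# - ContactInfo holds a placeholder left by e-mail obfuscation; set a real
#   contact address before running a public relay.
# - Each SOCKSPort listens on loopback only (no address is given), so the
#   listeners are reachable from other hosts only through HAProxy.
{
  cat <<'EOF'
ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFile /run/tor/control.authcookie
CookieAuthFileGroupReadable 1
ORPort 443 NoListen
ORPort 127.0.0.1:9090 NoAdvertise
DirPort 80 NoListen
DirPort 127.0.0.1:9091 NoAdvertise
ExitPolicy reject *:*
Nickname f0r34chb3t4
ContactInfo [email protected]
DisableDebuggerAttachment 0
ExcludeSingleHopRelays 0
NewCircuitPeriod 600
EOF
  # One SOCKS listener per HAProxy backend: ports 59050-59069.
  for socks_port in {59050..59069}; do
    printf 'SOCKSPort %s\n' "$socks_port"
  done
} > /etc/tor/torrc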
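# SELinux stays enforcing. Switching the whole host to permissive removes
# confinement from every service, is lost at reboot, and would only help if
# done before the services start. Instead, grant just the port access the
# two daemons need, and do it before they are restarted.
# NOTE(review): boolean names are those of the stock targeted policy; confirm
# with `getsebool -a | grep -E 'tor|haproxy'`. If a listener is still denied
# (for example a port already labelled for another service), fix that port
# with `semanage port` based on the AVC record rather than going permissive.
if command -v getenforce >/dev/null 2>&1 && [[ $(getenforce) != Disabled ]]; then
  for sebool in haproxy_connect_any tor_bind_all_unreserved_ports tor_can_network_relay; do
    setsebool -P "$sebool" 1 ||
      printf 'warning: could not enable SELinux boolean %s\n' "$sebool" >&2
  done
fi

# Raise the open-file limits. The guard keeps re-runs from appending the same
# lines again. The "*" wildcard does not cover root, hence the explicit lines.
# NOTE(review): limits.conf is applied by pam_limits to login sessions;
# services started by systemd take their limit from LimitNOFILE in the unit,
# so this alone may not raise the limit for haproxy or tor. The wildcard also
# raises the limit for every account, which is broader than needed.
if ! grep -qF -- '* hard nofile 1000000' /etc/security/limits.conf; then
  cat <<'EOF' >> /etc/security/limits.conf
* hard nofile 1000000
* soft nofile 1000000
root hard nofile 1000000
root soft nofile 1000000
EOF
fi

# Kernel tuning for many short-lived TCP connections. These writes are not
# persistent; they are lost at reboot.
echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 30 > /proc/sys/net/ipv4/tcp_keepalive_intvl
echo 5 > /proc/sys/net/ipv4/tcp_keepalive_probes
# tcp_tw_recycle is deliberately not enabled: together with TCP timestamps it
# drops connections from clients that share a NAT address, and the setting
# was removed from the kernel in Linux 4.12.
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
echo 1000000 > /proc/sys/fs/file-max
echo 5000 40000 > /proc/sys/net/ipv4/ip_local_port_range

# Enable and (re)start the services last, once policy and limits are in
# place, and report a failed start instead of always exiting 0.
status=0
for svc in tor haproxy; do
  systemctl enable "$svc"
  if ! systemctl restart "$svc"; then
    printf 'error: %s failed to start; see "journalctl -u %s"\n' "$svc" "$svc" >&2
    status=1
  fi
done
exit "$status"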