weyne/wp6
1
0
Fork 0
mirror of https://github.com/hak5darren/wp6.git synced 2025-10-29 16:57:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4 from KINGSABRI/fix-ics

Browse Source 
Fix iptables rules for ICS
This commit is contained in:
Darren Kitchen 2019-11-08 18:15:12 -08:00 committed by GitHub
commit 2cc88a2347
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 40 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
wp6.sh Normal file → Executable file
View File

@ -3,7 +3,7 @@
# EULA https://www.wifipineapple.com/licence/eula.txt
# License https://www.wifipineapple.com/licence/software_licence.txt
wpver=6.5
wpver=6.5.1
spineapplenmask=255.255.255.0
spineapplenet=172.16.42.0/24
spineapplelan=eth1
@ -261,6 +261,35 @@ function savechanges {
menu
}
#
# IP Forwarding Settings
#
function set_ip_forward {
echo "Setting-up IP forwarding rules..."
# Enable kernel IP forwarding
echo '1' > /proc/sys/net/ipv4/ip_forward
wp2net=`iptables -nv -L FORWARD | grep -i "WifiPineapple to Inetnet"`
net2wp=`iptables -nv -L FORWARD | grep -i "Inetnet to WifiPineapple"`
netmsq=`iptables -t nat -nv -L POSTROUTING | grep -i "Inetnet Connection Sharing (ICS)"`
# Enable iptables outgoing forwarding
if [ -z "$wp2net" ]; then
iptables -I FORWARD 1 -i $spineapplewan -o $spineapplelan -m state --state NEW,ESTABLISHED,RELATED -m comment --comment "WifiPineapple to Inetnet" -j ACCEPT
fi
# Enable iptables ingoing forwarding
if [ -z "$net2wp" ]; then
iptables -I FORWARD 2 -i $spineapplelan -o $spineapplewan -m state --state NEW,ESTABLISHED,RELATED -m comment --comment "Inetnet to WifiPineapple" -j ACCEPT
fi
# Enable connection masquerading
if [ -z "$netmsq" ]; then
iptables -A POSTROUTING -t nat -o $spineapplewan -m comment --comment "Inetnet Connection Sharing (ICS)" -j MASQUERADE
fi
}
function connectsaved {
if [[ "$sfirsttime" == "1" ]]; then
printf "\n Error: Settings unsaved. Run either Guided or Manual setup first.\n"; menu
@ -278,14 +307,14 @@ function connectsaved {
printf " $(tput setaf 6) ( _ )_ $(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 7)[___]$(tput sgr0) $(tput setaf 2)<-->$(tput sgr0) $(tput setaf 3),<><>,$(tput sgr0)\n"
printf " $(tput setaf 6) (_ _(_ ,)$(tput sgr0) $(tput setaf 7)\___\\$(tput sgr0) $(tput setaf 3)'<><>'$(tput sgr0)\n"
ifconfig $spineapplelan $spineapplehostip netmask $spineapplenmask up #Bring up Ethernet Interface directly connected to Pineapple
echo '1' > /proc/sys/net/ipv4/ip_forward # Enable IP Forwarding
iptables -X #clear chains and rules
iptables -F
iptables -A FORWARD -i $spineapplewan -o $spineapplelan -s $spineapplenet -m state --state NEW -j ACCEPT #setup IP forwarding
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
route del default #remove default route
route add default gw $spineapplegw $spineapplewan #add default gateway
# IP Forwarding Settings
set_ip_forward
# remove default route
route del default
# add default gateway
route add default gw $spineapplegw $spineapplewan
printf "\n Browse to http://$spineappleip:1471\n\n"
exit
}
@ -297,7 +326,7 @@ function bunny {
exit
}
banner #remove for less 1337
banner # remove for less 1337
showsettings
if [[ "$sfirsttime" == "1" ]]; then
printf "
@ -305,4 +334,4 @@ if [[ "$sfirsttime" == "1" ]]; then
script, Guided setup is recommended to save initial configuration.\n\
Subsequent sessions may be quickly connected using saved settings.\n"
fi
menu
menu