93 lines
2.2 KiB
Plaintext
93 lines
2.2 KiB
Plaintext
Eine Projektidee um das Bewusstsein für Freie Netze zu stärken.
|
|
|
|
Ähnliche Projekte:
|
|
* http://wiki.daviddarts.com/PirateBox
|
|
* http://kioskofpiracy.org/
|
|
|
|
==Software==
|
|
|
|
* hostapd
|
|
* dhcp server
|
|
* Web frontend
|
|
** Am wichtigsten
|
|
** In Node.js
|
|
** Beta: http://sharing.hq.c3d2.de/
|
|
** Repo: https://github.com/c3d2/sharingiscaring/
|
|
* DNS server
|
|
** Muss für jegliche Namen eine IP zurückliefern
|
|
** '''stupiddns''' by john: http://gitorious.hq.c3d2.de/sharingiscaring/stupiddns
|
|
-->gitorious broken
|
|
until(pentasource){ask_at_jabber_or_hq(john) ; }
|
|
|
|
==Hardware==
|
|
|
|
* SheevaPlug (von [[Benutzer:Astro|Astro]])
|
|
* USB WLAN
|
|
* Wenn SD-Karte als Storage nicht genügt:
|
|
** USB Flash
|
|
** USB-Hub
|
|
|
|
==Config==
|
|
|
|
===/etc/network/interfaces===
|
|
auto lo
|
|
iface lo inet loopback
|
|
|
|
auto eth0
|
|
iface eth0 inet manual
|
|
up ip l s eth0 up
|
|
|
|
auto wlan0
|
|
iface wlan0 inet static
|
|
hostapd /etc/hostapd/hostapd.conf
|
|
address 10.0.0.1
|
|
netmask 255.255.255.0
|
|
All interfaces have '''fe80::''' addresses so '''ssh''' is reachable.
|
|
|
|
===iptables===
|
|
Catch-all rules for cached DNS entries:
|
|
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80
|
|
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination 10.0.0.1:53
|
|
|
|
===/etc/udhcpd.conf===
|
|
start 10.0.0.2
|
|
end 10.0.0.254
|
|
|
|
# The interface that udhcpd will use
|
|
interface wlan0 #default: eth0
|
|
|
|
# The maximim number of leases (includes addressesd reserved
|
|
# by OFFER's, DECLINE's, and ARP conficts
|
|
max_leases 253 #default: 254
|
|
|
|
# The time period at which udhcpd will write out a dhcpd.leases
|
|
# file. If this is 0, udhcpd will never automatically write a
|
|
# lease file. (specified in seconds)
|
|
auto_time 0 #default: 7200 (2 hours)
|
|
|
|
opt dns 10.0.0.1
|
|
option subnet 255.255.255.0
|
|
opt router 10.0.0.1
|
|
|
|
===Listening on privileged ports as non-root===
|
|
setcap 'cap_net_bind_service=+ep' /usr/local/bin/stupiddns
|
|
setcap 'cap_net_bind_service=+ep' /usr/local/bin/node
|
|
|
|
===runit===
|
|
|
|
#!/bin/sh
|
|
|
|
export PORT=80
|
|
export VHOST=sharing.is.caring
|
|
|
|
cd /home/sharing/sic
|
|
exec chpst -u nobody -U nobody /usr/local/bin/node server.js
|
|
Make sure '''files''' and '''files.json''' are read-/writeable by ''nobody''.
|
|
|
|
#!/bin/sh
|
|
|
|
exec chpst -u nobody -U nobody /usr/local/bin/stupiddns
|
|
|
|
|
|
[[Category:Projekt]]
|