Перейти к содержанию
This is a typical use case: you want to broadcast a public Wi-Fi network to everyone, but you have strict requirements that only allow pictures of cats. Good news: your Raspberry Pi is the perfect machine for transmoggification . Intrigued? Read more.
What you need
- Raspberry Pi Model B (new to Raspberry Pi? Here’s everything a newbie needs to know, in video form)
- SD card 4 GB or more
- network cable
- Compatible WiFi adapter
- MicroUSB power cable and adapter
Theory
This project starts with Onion Router. we built a few weeks ago. We will first make the Raspberry Pi on a standard WiFi network and then place a proxy in the middle. The proxy will filter messages with a Perl script that will replace images in every HTTP request with cat GIFs from TheCatAPI.com . See how puzzled users are intensely upset, yet strangely relieved at the same time. Here’s the BBC, post-cat modifications.
Create a WiFi network
Since this part of the tutorial is exactly the same as DIY Onion Router. please follow the instructions there until the moment Tor installations .
The only small change we need to make is to have a broadcast open WiFi network, rather than one that is secured with WPA. After you complete the settings, change /etc/hostapd/hostapd.conf by inserting the following configurations instead. Restart to apply changes.
interface=wlan0 driver=nl80211 ssid=Kittens hw_mode=g channel=6 auth_algs=1 wmm_enabled=0
You should now have a wireless network broadcast on your Raspberry Pi that is public. The rest of this guide will be devoted to interesting things.
If something doesn’t work, type:
ifconfig -a
and look for an IP address on wlan0. If one of them is not assigned on reboot, try the following:
sudo nano /etc/default/ifplugd
Change the following lines from:
INTERFACES="auto" HOTPLUG_INTERFACES="all"
to:
INTERFACES="eth0" HOTPLUG_INTERFACES="eth0"
Reboot and make sure you can connect to the Wi-Fi network and access the internet.
Squid Proxy and IPTables
Start by installing the prerequisites, then create a new routing table. We’ll be serving images from the Raspberry Pi later, so we’ll also need an Apache web server.
sudo apt-get install squid3 bridge-utils apache perl nano iptables.sh
Paste in the following:
iptables -t nat -A POSTROUTING -j MASQUERADE iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.42.1:3128 iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
Save, then exit.
chmod +x iptables.sh sudo cp iptables.sh /etc/init.d/ sudo update-rc.d iptables.sh start 99
Ignore the warnings, it just means that we didn’t follow some Debian rules (but didn’t break anything). Finally we still have the old rules iptables on boot, so remove the following line from /etc/network/interfaces
up iptables-restore < /etc/iptables.ipv4.nat
(Remove or comment out)
Then reboot. Next, we will remove the default Squid proxy configuration and create a new one.
sudo rm /etc/squid3/squid.conf sudo nano /etc/squid3/squid.conf
Paste the following into an empty file:
cache_mgr pi cachemgr_passwd pi all redirect_program /home/pi/cats.pl acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl localnet src 192.168.42.0/24 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access deny all http_port 3128 transparent umask 022 cache_mem 128 MB cache_dir ufs /var/spool/squid3 1500 16 256 coredump_dir /var/spool/squid3 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320
Save and exit. Initialize the cache directories with the following command, then edit the script we will use to comparisons all images:
sudo squid3 -z nano /home/pi/cats.pl
Paste in:
#!/usr/bin/perl $|=1; $count = 0; $pid = $$; open (DEBUG, '>>/tmp/cats.log'); autoflush DEBUG 1; print DEBUG "########################################################################\n"; while (<>) { chomp $_; if (m/nosquid/) { print DEBUG "Input NOSQUID: $url\n"; print "$_\n"; print DEBUG "Output NOSQUID: $_\n"; } elsif ($_ =~ /(.*\.jpg)/i) { $url = $1; print DEBUG "Input: $url\n"; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "http://thecatapi.com/api/images/get?format=src&type=gif&nosquid"); chmod 0777,"/var/www/images/$pid-$count.gif"; print "http://127.0.0.1/images/$pid-$count.gif\n"; } elsif ($_ =~ /(.*\.gif)/i) { $url = $1; print DEBUG "Input: $url\n"; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "http://thecatapi.com/api/images/get?format=src&type=gif&nosquid"); chmod 0777,"/var/www/images/$pid-$count.gif"; print "http://127.0.0.1/images/$pid-$count.gif\n"; } elsif ($_ =~ /(.*\.png)/i) { $url = $1; print DEBUG "Input: $url\n"; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "http://thecatapi.com/api/images/get?format=src&type=gif&nosquid"); chmod 0777,"/var/www/images/$pid-$count.gif"; print "http://127.0.0.1/images/$pid-$count.gif\n"; } elsif ($_ =~ /(.*\.jpeg)/i) { $url = $1; print DEBUG "Input: $url\n"; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "http://thecatapi.com/api/images/get?format=src&type=gif&nosquid"); chmod 0777,"/var/www/images/$pid-$count.gif"; print "http://127.0.0.1/images/$pid-$count.gif\n"; } else { print "$_\n"; } $count++; }
Make the script executable and we also need to create some directories to work with it.
sudo chmod +x cats.pl sudo mkdir /var/www/images sudo chmod 777 /var/www/images sudo usermod -a -G www-data proxy sudo chown www-data:www-data /var/www sudo chown www-data:www-data /var/www/images touch /tmp/cats.log chmod 777 /tmp/cats.log
You can write a log at any time with:
tail -f /tmp/cats.log
Try logging into Pinterest and all of a sudden all those silly DIY potted projects and men's fashion choices become a lot more attractive.
If you prefer to show upside down images (credit to original script for Ex-Parrot, I only modified to fix some permissions errors) create upsidedown.pl and paste the following.
#!/usr/bin/perl $|=1; $count = 0; $pid = $$; while (<>) { chomp $_; if ($_ =~ /(.*\.jpg)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg"); chmod 0777,"/var/www/images/$pid-$count.jpg"; print "http://127.0.0.1/images/$pid-$count.jpg\n"; } elsif ($_ =~ /(.*\.gif)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif"); chmod 0777,"/var/www/images/$pid-$count.gif"; print "http://127.0.0.1/images/$pid-$count.gif\n"; } elsif ($_ =~ /(.*\.png)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.png", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.png"); chmod 0777,"/var/www/images/$pid-$count.png"; print "http://127.0.0.1/images/$pid-$count.png\n"; } elsif ($_ =~ /(.*\.jpeg)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpeg", "$url"); system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpeg"); chmod 0777,"/var/www/images/$pid-$count.jpeg"; print "http://127.0.0.1/images/$pid-$count.jpeg\n"; } else { print "$_\n";; } $count++; }
Follow the other steps above by changing the file name to make the script executable and change the Squid configuration, pointing upsidedown.pl instead of cats.pl Finally, you need to restart Squid with:
sudo service squid3 restart
The results are pretty impressive anyway. If you make any changes or improve these scripts with additional features, please let me add a link to your script in Pastebin in the comments.
Need something more complex? You can try to combine this project with Raspberry Pi NAS. or always-on torrent downloader !
