Introduction: Raspberry Pi Personal Firewall
CU ITP Hackathon project
Step 1: Set Up Raspberry Pi
Following the instructions provided with the Raspberry Pi, set it up using Raspbian.
Step 2: Setup Raspberry Pi As Gateway
sudo nano /etc/network/interfaces
Edit the file to look like this, then save:
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.rules
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Enable IP forwarding:
nano -w /etc/sysctl.conf
net.ipv4.ip_forward=1
Install and configure DNSMASQ
To install:
sudo apt-get install dnsmasq
To configure:
nano -w /etc/dnsmasq.conf
interface=eth0
listen-address=127.0.0.1
domain=example.com
dhcp-range=192.168.0.1,192.168.0.110,12h
Reboot the system.
Step 3: Configure and Activate Iptables
nano -w /etc/iptables.rules
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 50000 -j DNAT --to-destination 192.168.0.3:50000
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -j DROP
-A FORWARD -i eth0 -p tcp -m tcp --dport 50000 -m state --state NEW -j ACCEPT
COMMIT
Activate:
iptables-restore < /etc/iptables.rules
Ensure the iptables rules are restored on boot:
Add the pre-up line to /etc/network/interfaces after lo:
nano -w /etc/network/interfaces
pre-up iptables-restore < /etc/iptables.rules
Step 4: Write a Script to Get Malicious IPs and Add Them to IP Tables to DROP
#!/usr/bin/python
import re
import subprocess

import requests

# Download the full Malware Domain List table.
r = requests.get("http://www.malwaredomainlist.com/mdl.php?search=&colsearch=All&quantity=All")
data = r.text

# Pull the first IPv4 address out of each line of the page.
malIP = []
for d in data.split('\n'):
    s = re.search(r'\d+\.\d+\.\d+\.\d+', d)
    if s:
        malIP.append(str(s.group(0)))

# Only the first 100 addresses are blocked.
malIP1 = malIP[:100]
print(len(malIP1))

# Rebuild the FORWARD chain: drop traffic to each listed IP, accept the rest.
# Arguments are passed as a list so nothing from the feed reaches a shell.
subprocess.call(["iptables", "-F", "FORWARD"])
for IP in malIP1:
    subprocess.call(["iptables", "-A", "FORWARD", "-d", IP, "-j", "DROP"])
subprocess.call(["iptables", "-A", "FORWARD", "-j", "ACCEPT"])
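A hardened variant of the parse-and-block steps above, added here as an example and not part of the original project: it validates every address from the feed, refuses private, loopback and other non-global ranges so a poisoned or garbled feed cannot block the gateway or the 192.168.0.0/24 LAN, and builds one iptables-restore input that swaps the block list in a single commit. The chain name MALWARE_BLOCK, the function names and the sample feed text are assumptions; it also assumes a one-time `iptables -A FORWARD -j MALWARE_BLOCK` has been added.

```python
import ipaddress
import re
import subprocess

CHAIN = "MALWARE_BLOCK"  # hypothetical chain name, not from the original page
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample of feed text, for illustration only.
SAMPLE_FEED = ("<td>8.8.8.8</td>\n<td>192.168.0.1</td>\n<td>127.0.0.1</td>\n"
               "<td>999.1.1.1</td>\n<td>8.8.8.8</td>\n<td>8.8.4.4</td>")


def extract_blockable(text, limit=100):
    """Return unique, globally routable IPv4 addresses found in text."""
    seen, out = set(), []
    for match in IPV4_RE.findall(text):
        try:
            ip = ipaddress.IPv4Address(match)
        except ipaddress.AddressValueError:
            continue  # not a real address, e.g. 999.1.1.1
        # Skip LAN, loopback and other non-global ranges, and duplicates.
        if not ip.is_global or ip in seen:
            continue
        seen.add(ip)
        out.append(str(ip))
        if len(out) == limit:
            break
    return out


def build_restore_input(ips):
    """Build iptables-restore input that redefines CHAIN with one DROP per IP."""
    lines = ["*filter", ":%s - [0:0]" % CHAIN]
    lines += ["-A %s -d %s/32 -j DROP" % (CHAIN, ip) for ip in ips]
    lines += ["COMMIT", ""]
    return "\n".join(lines)


def apply(ips):
    """Load the chain in one commit; --noflush leaves all other chains alone."""
    subprocess.run(["iptables-restore", "--noflush"],
                   input=build_restore_input(ips).encode(), check=True)


if __name__ == "__main__":
    # Print the ruleset for review instead of applying it.
    print(build_restore_input(extract_blockable(SAMPLE_FEED)))
```

Because the rules live in their own chain, the port 50000 FORWARD rule from Step 3 is not flushed on each run.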
Step 5: Set Script to Run Every 5 Minutes
crontab -e
Add a rule at the bottom:
*/5 * * * * /usr/bin/python /home/pi/scriptname.py
Save and quit.
Step 6: Set Up Flask Web Server
The web server enumerates the list of wifi networks and allows us to connect to any of them.
pip install flask
pip install wifi
Python server code attached.
Step 7: Create Index.html for Web Server
This index.html file will go inside the flask file structure in the "templates" directory.