bitinerant / bitburrow Goto Github PK
View Code? Open in Web Editor NEWA safe internet tunnel for the whole home that anyone can set up.
License: GNU General Public License v2.0
A safe internet tunnel for the whole home that anyone can set up.
License: GNU General Public License v2.0
The remaining line length PEP8 issues in main.py
are within a complex shell script. This is the last remaining style issue that I'm not comfortable fixing as @bitinerant knows more about how this should work.
Once that is fixed, I think we're ready to start using black
to automatically format all of the projects code and then it's mechanical how things should look and everything will pass style checks all the time.
See function wifi_available_ssids()
See:
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L468
and elsewhere where paramiko may block.
I was able to fix all but the following three style issues:
./main.py:893:5: E722 do not use bare 'except'
./main.py:900:5: E722 do not use bare 'except'
./main.py:928:5: E722 do not use bare 'except'
The proper thing to do in these situations is to catch an exact (or several distinct) exceptions you are expecting to handle.
For example to catch two types of exceptions:
except (IDontLikeYouException, YouAreBeingMeanException) as e:
pass
This is important as bare except
s swallow up unexpected exceptions and make debugging bugs harder.
When this is done I can complete #36
This is needed after first router reboot.
Add a unit test for this too.
Add logging capabilities to assist in local debugging, remote (end-user) debugging, and especially when implementing new hardware or VPN providers. Be sure passwords do not go into logs. See also podcast on Eliot, especially question near the end, "How does Eliot compare ...".
Only using 'mssfix' when needed should provide better throughput on correct links. See setting up mtu, fragment, mssfix. Even better would be to determine the actual 'best' MTU setting for the particular connection.
@bitinerant As mentioned in #5, if we can remove our dependency on NetworkManager/DBus we can make this project much more portable.
I'd recommend that all of dependencies by installable by PyPI and ideally have support for Windows and macOS as that will be what a majority of potential users will have. It looks like all of our current dependencies satisfy this except for NetworkManager / DBus.
One possibility is pywifi
.
#### 7. test
* Wait for the router to reboot.
* Reconnect the WiFi to the VPN router. The password should be saved in Network Manager. (It is also in ``~/.cleargopher/cleapher.conf``.)
* From the client computer, test a few websites and download a large file (30 seconds or more).
* Test that your IP is from PIA (e.g. banner at top of PIA home page should say, "You are protected by PIA")
* Test that DNS is not leaking (none of the DNS addresses displayed should be in same country as the router) at <https://ipleak.net/> (an additional DNS leak test is at <https://dnsleaktest.com/>).
* Test that IPv6 is blocked: <http://ipv6-test.com/>.
* Test that DNS and traffic are completely blocked when OpenVPN dies or the connection is lost; this will also test that OpenVPN automatically restarts:
* Preparation--on router: ``opkg update && opkg install tcpdump``
* Terminal window 1--on router: ``tcpdump -n -i eth0 '(not port 1198) and (tcp or udp)'``
* Terminal window 2--on router: ``for i in `seq 10000`; do ping -c 1 -q a$i.example.com; done |grep ^PING``
* Terminal window 3--on client computer: ``for i in `seq 10000`; do ping -c 1 -q b$i.example.com; done |grep ^PING``
* Terminal window 4--on router: ``ps |grep '[o]penvpn'; sleep 1; killall openvpn; sleep 1; ps |grep '[o]penvpn'; sleep 10; ps |grep '[o]penvpn'``
* After running the above command, watch the tcpdump window. After a couple of seconds, you should see some queries for privateinternetaccess.com but **not any other queries**. If you don't see any tcpdump activity, wait a few mintues for the DNS cache to time out. The above command should list exactly 2 lines--the old and the new OpenVPN instances.
# Test that your IP is from PIA via:
# wget -q -O- 'https://www.privateinternetaccess.com/' |grep 'You are protected by PIA'
Handle duplicate SSIDs in conf file that have different passwords, and try factory password even if SSID already found (in case router was reset).
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L855-L858
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L860-L864
"a robust network automation toolkit written in Python that was designed for interfacing with network devices"
"a python library that converts NetJSON DeviceConfiguration objects into real router configurations that can be installed on systems like OpenWRT, LEDE or OpenWisp Firmware"
"Network Automation and Programmability Abstraction Layer with Multivendor support"
Currently the instructions assume a Linux or Mac host:
Telnet to the router: telnet 192.168.8.1
I think it would be helpful to tell the user to "Open a Terminal" and input those commands.
We could also expand the the instructions for Windows 10 users by having them install the Windows Subsystem for Linux. It's as simple as installing it from the Windows Store now.
Edit: Though if the purpose is just to document the steps to later automate, this might not be necessary.
Replace this code:
os.system('nmcli dev wifi rescan 2>/dev/null')
parser.add_argument(
"command",
choices=("set-up", "update", "shell", "internal-tests"),
metavar="command",
help=_("task to perform: set-up, update, or shell"),
)
This would better be expressed using an Enum
, which is type safe and supports better type hinting and auto-completion than bare string names.
See PyYAML dump format.
Currently there is a comment at the top of main.py
that " "
should be localized and ' '
should not be. A true solution to this would be to support full localization. One such package that does this well in Django: https://docs.djangoproject.com/en/stable/topics/i18n/translation/
We hopefully wouldn't need everything Django provides (web server, etc) and could just pull out the translation portions.
Translation would then look something like:
from django.utils.translation import gettext as _
def my_view(request):
output = _("Welcome to my site.")
One possibility is to define from and to version numbers for set of commands, i.e. rather than
--- group dns1 ---
use --- group dns 0->1 ---
. In other words, this set of commands upgrades the dns
group version from 0 to 1.
Note:
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L1011-L1012
and:
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L1025-L1026
and:
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L1034
and:
https://github.com/bitinerant/cleargopher/blob/d5a9a15a6f40d4e14d84bd1e5b8676d2f7f69f2f/main.py#L1076
This will allow hosting versions of PyPI.
main.py shell
...
Unable to find WiFi network for a supported router
When running on a VM that is NAT'd behind a host that is already connected to the router's WIFI, it would be nice if this step could be skipped automatically (perhaps with a warning logged to the terminal).
In this case, my VM can ping the router (through the NAT) so the remaining steps should work.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.