forked from RondeSC/NetPi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnetpi_setup.txt
85 lines (73 loc) · 3.03 KB
/
netpi_setup.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# RaspberryPi setup for use as a 'NetPi' Network Analyzer
# -------------------------------------------------------
sudo apt-get update
sudo apt-get install lighttpd php7.0 php7.0-cgi php7.0-common
sudo apt-get install cdpr dia ethtool iperf lldpd speedtest-cli zenmap
sudo apt-get install matchbox-keyboard
# during next install, when asked select '<Yes>' or do so later: sudo dpkg-reconfigure wireshark-common
sudo apt-get install wireshark
# configure http server
# --------------------------
sudo chown www-data:www-data /var/www
sudo lighty-enable-mod fastcgi-php
sudo lighty-enable-mod cgi
sudo lighty-enable-mod simple-vhost
sudo service lighttpd force-reload
# add lines to the end of 10-simple-vhost.conf, as given below
sudo nano /etc/lighttpd/conf-enabled/10-simple-vhost.conf
#NetPi
$SERVER["socket"] == "127.0.0.2:80" {
server.document-root = "/opt/NetPi/www/"
server.errorlog = "/var/log/netpi/error.log"
}
# add line, as appropriate, to lighttpd.conf
sudo nano /etc/lighttpd/lighttpd.conf
server.bind = "127.0.0.1"
sudo service lighttpd force-reload
cd ~ # every command going forward is done assuming this pwd
# config pi user and environment
# -----------------------------------
sudo usermod -a -G www-data pi # allows you to modify www files
sudo usermod -a -G wireshark pi
sudo nano .profile #add next two lines
xhost +
export DISPLAY=':0.0'
# setup NetPi files
# -----------------------------------
# Fetch a clone copy of the NetPi project
# The next few commands varry due to where&how you get the project files
# the results should be the project source files in ~pi/NetPi
#git clone https://github.com/chrisli-m/NetPi.git
wget https://github.com/RondeSC/NetPi/archive/dev_branch.zip # or other latest
unzip <repo branch zip filename> # as that downloaded
mv <NetPi-branchname> NetPi # rename dir, resulting from unzipped file
# 'Copy' the files so changes on working files can be done on a whim,
# while keeping the clone files as unchanged backups.
# Setup files in the http server root directory
sudo cp -r NetPi /opt/
sudo chown -R www-data:www-data /opt/NetPi
sudo chmod 775 /opt/NetPi
sudo chmod 775 /opt/NetPi/*
sudo find /opt/NetPi -type f -exec chmod 664 -- {} +
sudo chmod 775 /opt/NetPi/scripts/*.sh
sudo chmod 775 /opt/NetPi/scripts/*/*.sh
# setup for logging files
sudo mkdir /var/log/netpi
sudo chmod 777 /var/log/netpi
sudo mkdir /var/log/netpi/cdp
sudo chmod 777 /var/log/netpi/cdp
sudo mkdir /var/log/netpi/lldp
sudo chmod 777 /var/log/netpi/lldp
# enable some privileged access
# ----------------------------------
sudo groupadd -r autologin # these two did not seems to do the job
sudo gpasswd -a pi autologin # so the following chmod 4775 commands were done
# allow permissive use/access of these used utilities
# this theoretically could pose some security risks !?
sudo chmod 4775 /sbin/wpa_cli
sudo chmod 4775 /usr/sbin/lldpcli
sudo chmod 4775 /usr/sbin/lldpctl
sudo chmod 4775 /usr/sbin/cdpr
sudo reboot now
#Now with the browser go to '127.0.0.2'
# or from the cli run: /opt/NetPi/scripts/controls/stealth.sh&