Raspberry Pi – Use Proxy for “Caging” people


Hello everyone. Today I have something fun for you: You can use your Raspberry Pi Wireless Router (I showed you how to create one in my last post) to replace all pictures from the net with pictures of Nicolas Cage for people who are connected to your wireless network. (Believe me: “Caging” people is pretty funny. I used this prank on my brothers and it was hilarious 🙂 )

For this prank we will use a transparent proxy which replaces all pictures coming from the internet with a picture of Nicolas Cage using a perl script. Here are the steps to do this:

The first step is to update your Pi to avoid issues.

sudo apt-get update
sudo apt-get upgrade

Now install the Proxy software squid. It will help us to do the trick.

sudo apt-get install squid3

The next step is to edit the squid.conf file.

sudo nano /etc/squid3/squid.conf

Press Ctrl + W to search for “acl manager” and write the following line into the configuration file:

acl localnet src 192.168.0.0/24

The above line will define our wireless network (I called it “localnet”). Now search for “cachemgr” and add the following line to your configuration file:

http_access allow localnet

The above line will allow access to our proxy from our wireless network. Next search for “url_rewrite_program” and add the following line:

url_rewrite_program /var/www/scripts/images.pl

The above line will define the path to the script we will use to replace the pictures coming from the internet. (Don´t worry we will create the script soon.)

Next search for “http_port 3128” and add “transparent” to the line. This will turn our squid proxy into a transparent proxy (This way we will not need to configure proxy settings on the clients).

http_port 3128 transparent

Save the changes. And we are ready for the next step. (You can have a look at the full configuration file here.)

Next we need to install apache webserver to host our picture of Nicolas Cage.

sudo apt-get install apache2

Next create the following directories and place your picture into the content directory.

sudo mkdir /var/www/scripts
sudo mkdir /var/www/content

Now go to the scripts directory and create a perl script called images.pl.

cd /var/www/scripts
sudo nano images.pl

Have a look at the script below and modify it according to your environment if necessary: (I got the script from here)


#!/usr/bin/perl
########################################################################
# replaceImages.pl --- Squid Script (Replace every image) #
# g0tmi1k 2011-03-25 #
########################################################################
use IO::Handle;
use POSIX strftime;

$debug = 0; # Debug mode - create log file
$imageURL = "http://192.168.0.1/nicolas-cage.jpg";

$|=1;
$pid = $$;

if ($debug == 1) { open (DEBUG, '>>/tmp/replaceImages_debug.log'); }
autoflush DEBUG 1;

print DEBUG "########################################################################\n";
print DEBUG strftime ("%d%b%Y-%H:%M:%S\n",localtime(time()));
print DEBUG "########################################################################\n";
while (<>) {
chomp $_;
if ($debug == 1) { print DEBUG "Input: $_\n"; }
if ($_ =~ m/.*$imageURL/) {
print "$imageURL\n";
}
elsif ($_ =~ /(.*\.(gif|png|bmp|tiff|ico|jpg|jpeg|swf))/i) { # Image format(s)
print "$imageURL\n";
if ($debug == 1) { print DEBUG "Image Replaced: $_ \n"; }
}
else {
print "$_\n";
if ($debug == 1) { print DEBUG "Output: $_\n"; }
}
}

close (DEBUG);

After you saved the script you need to give it the execution right by running:

sudo chmod +x images.pl

Next you need to edit the default file of your apache webserver:

sudo nano /etc/apache2/sites-available/default

Have a look at the below script and modify the file according to your environment:


<VirtualHost *:80>
ServerAdmin webmaster@localhost
DirectoryIndex nicolas-cage.jpg

DocumentRoot /var/www/content
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/content>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

To redirect all http traffic to our transparent squid proxy we need to setup a new iptables rule. Create the rule by running:

sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

To save the above rule permanently run:

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

The last step is to run the below command to start our squid proxy at boot:

sudo update-rc.d squid3 enable

That´s it. Reboot your Pi and you are ready to go.

Now if someone connects to your network and opens a website in his/her browser the result will look like this:

raspberry_pi_caging

As you can see it works as expected 🙂

I hope you liked my today´s post and I hope to see you again.

As always you can download all scripts I used in my post from here.

Sources:

http://wiki.ubuntuusers.de/Squid

http://xmodulo.com/squid-transparent-web-proxy-centos-rhel.html

http://failverse.com/creating-the-kittynet/

Advertisements
Tagged

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: