Month: January 2018

Setup PPTP Server on Ubuntu 16.04

- by mahmood 
apt-get install pptpd
nano /etc/pptpd.conf
localip 10.0.0.1
remoteip 10.0.0.100-200

Setup authentication
adding users and passwords. Simply add them to /etc/ppp/chap-secrets

nano /etc/ppp/chap-secrets

Add DNS Servers

nano /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 8.8.4.4
service pptpd restart

Setup Forwarding

nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p

Create a NAT rule for iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Preserving Iptables Rules
https://pupli.net/2017/12/22/set-up-openconnect-vpn-server-ocserv-on-ubuntu-16-04-17-10-with-lets-encrypt

References
https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp

Install and Configure Shadowsocks with obfusaction

- by mahmood 
# Debian / Ubuntu
sudo apt-get install --no-install-recommends build-essential autoconf libtool libssl-dev libpcre3-dev libev-dev asciidoc xmlto automake

git clone https://github.com/shadowsocks/simple-obfs.git
cd simple-obfs
git submodule update --init --recursive
./autogen.sh
./configure && make
sudo make install

On the server:

ss-server -c config.json --plugin obfs-server --plugin-opts "obfs=http"

References
https://github.com/shadowsocks/simple-obfs
https://github.com/shadowsocks/shadowsocks-libev

How to setup a Socks5 Proxy server on Ubuntu 16.04 with Dante

- by mahmood 
nano /etc/danted.conf
# /etc/danted.conf

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: eth0

# socks-rules determine what is proxied through the external interface.
# The default of "none" permits anonymous access.
socksmethod: username

# client-rules determine who can connect to the internal interface.
# The default of "none" permits anonymous access.
clientmethod: none

client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect disconnect error
}

socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect disconnect error
}

References
http://www.binarytides.com/setup-dante-socks5-server-on-ubuntu/

Integrating Google Sign-In into Android App

- by mahmood

In your sign-in activity’s onCreate method

// Configure sign-in to request the user's ID, email address, and basic
// profile. ID and basic profile are included in DEFAULT_SIGN_IN.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
        .requestEmail()
        .build();

// Build a GoogleSignInClient with the options specified by gso.
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);

Start the sign-in flow

@Override
public void onClick(View v) {
    switch (v.getId()) {
        case R.id.sign_in_button:
            signIn();
            break;
        // ...
    }
}
private void signIn() {
    Intent signInIntent = mGoogleSignInClient.getSignInIntent();
    startActivityForResult(signInIntent, RC_SIGN_IN);
}
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);

    // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
    if (requestCode == RC_SIGN_IN) {
        // The Task returned from this call is always completed, no need to attach
        // a listener.
        Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
        handleSignInResult(task);
    }
}
private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
    try {
        GoogleSignInAccount account = completedTask.getResult(ApiException.class);

        // Signed in successfully, show authenticated UI.
        updateUI(account);
    } catch (ApiException e) {
        // The ApiException status code indicates the detailed failure reason.
        // Please refer to the GoogleSignInStatusCodes class reference for more information.
        Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());
        updateUI(null);
    }
}

References
https://developers.google.com/identity/sign-in/android/sign-in

Hide OpenVPN traffic using Obfsproxy on Ubuntu16.04

- by mahmood 
sudo pip install obfsproxy
obfsproxy --log-min-severity=info obfs2 --dest=127.0.0.1:1194 --shared-secret=<some-random-key> server 0.0.0.0:8080

References
https://www.comparitech.com/blog/vpn-privacy/hide-openvpn-traffic-obfsproxy-on-windows-and-linux-ec2/
https://community.openvpn.net/openvpn/wiki/TrafficObfuscation
https://sourceforge.net/p/openvpn/mailman/message/28851866/
https://dlshad.net/bypassing-censorship-by-using-obfsproxy-and-openvpn-ssh-tunnel/

How To List and Delete Iptables Firewall Rules on Ubuntu 16.04

- by mahmood

List Rules by Specification

sudo iptables -S

List Rules as Tables

sudo iptables -L

Delete Rule by Specification

sudo iptables -D INPUT -m conntrack --ctstate INVALID -j DROP

Delete Rule by Chain and Number

sudo iptables -L --line-numbers
sudo iptables -D INPUT 3

Flush All Rules, Delete All Chains, and Accept All
Note: This will effectively disable your firewall. You should only follow this section if you want to start over the configuration of your firewall.

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X

References
https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules