From 1a17e06a122a409bca92210589435442aa20b0f4 Mon Sep 17 00:00:00 2001
From: Tobias Mueller
Date: Mon, 16 Oct 2023 12:09:00 +0200
Subject: [PATCH] MAC address removal for v4 firmware

I have rsynced the whole device before associating with a new device and after. The only file that got modified was /etc/oui-tertf/client.db. We intend to have it stored in memory rather than on flash. This should be okay since the kernel also holds the MAC addresses in memory.
---
 files/etc/init.d/blue-merle | 1 -
 files/lib/blue-merle/functions.sh | 13 ------
 files/lib/blue-merle/mac-wipe.sh | 72 +++---------------------------
 3 files changed, 5 insertions(+), 81 deletions(-)
diff --git a/files/etc/init.d/blue-merle b/files/etc/init.d/blue-merle
index b3644ca..6c45c78 100755
--- a/files/etc/init.d/blue-merle
+++ b/files/etc/init.d/blue-merle
@@ -7,7 +7,6 @@ STOP=99
 start() {
 /lib/blue-merle/mac-wipe.sh
- CHECKMACSYMLINK
 RESET_BSSIDS
 }
diff --git a/files/lib/blue-merle/functions.sh b/files/lib/blue-merle/functions.sh
index 2ed323e..f504b84 100644
--- a/files/lib/blue-merle/functions.sh
+++ b/files/lib/blue-merle/functions.sh
@@ -2,19 +2,6 @@
 # This script provides helper functions for blue-merle
-# check that MAC wiping/linking to dev/null is still in place
-CHECKMACSYMLINK () {
- local loc_file="/etc/init.d/gl_tertf"
- if [ $(readlink -f "$loc_file") == "/dev/null" ]
- then
- echo "TEST: EXISTS"
- else
- echo "TEST: DOES NOT EXIST"
- cp "$loc_file" "$loc_file.bak" # todo: consider if we need to move this backup elsewhere?
- ln -sf /dev/null "$loc_file"
- fi
-}
-
 UNICAST_MAC_GEN () {
 loc_mac_numgen=`python3 -c "import random; print(f'{random.randint(0,2**48) & 0b111111101111111111111111111111111111111111111111:0x}'.zfill(12))"`
diff --git a/files/lib/blue-merle/mac-wipe.sh b/files/lib/blue-merle/mac-wipe.sh
index 695a5f1..ed9309f 100644
--- a/files/lib/blue-merle/mac-wipe.sh
+++ b/files/lib/blue-merle/mac-wipe.sh
@@ -2,70 +2,8 @@
 # This script wipes all MAC address data from the device and is called upon boot
-tmp_dir="/tmp/tertf"
-tmp_file="/tmp/tertf/tertfinfo_bak"
-
-etc_dir="/etc/tertf"
-etc_file="/etc/tertf/tertfinfo_bak"
-
-# Check for directories
-CHECKDIR_TMP () {
- if [ -d "$tmp_dir" ]; then
- echo "The /tmp/ directory exists."
- else
- echo "The /tmp/ directory does not exist. This should be fine..."
- fi
-}
-
-CHECKDIR_ETC () {
- if [ -d "$etc_dir" ]; then
- echo "The /etc/ directory exists."
- else
- echo "The /etc/ directory does not exist. Exiting..."
- exit 1
- fi
-}
-
-# trick the gl_tertf file into moving stuff to the void
-GASLIGHT () { # good job lil dude you're doing so well
- local file="/etc/init.d/gl_tertf"
- ln -sf /dev/null "$file"
-}
-
-CHECKDIR_TMP
-CHECKDIR_ETC
-GASLIGHT
-
-# Kills process responsible for manipulating (and protecting) the /tmp/ file instance
-killall -9 gltertf
-
-# shredding /tmp/tertf
-if [ -f "$tmp_file" ];then
- echo "Files found within /tmp/. Let's get to it."
- shred -v -u "$tmp_file"
-else
- echo "No file found within /tmp/tertf. No shredding to be done there."
-fi
-
-# shredding /etc/tertf
-if [ -f "$etc_file" ]; then
- echo "Files found in /etc/. Let's get to it."
- shred -v -u "$etc_file" #-v provides verbose output to ease my anxious mind and -u deletes files after they are overwritten
-else
- echo "No file found within /etc/tertf. No shredding to be done there."
-fi
-
-# check if the files have been removed
-if [ ! -f "$tmp_file" ]; then
- echo "Looks like /tmp/ is clean!"
- else
- echo "Something went wrong in /tmp/."
-fi
-
-if [ ! -f "$etc_file" ]; then
- echo "Looks like /etc/ is clean!"
- else
- echo "Something went wrong in /etc/."
-fi
-
-exit 0
+/etc/init.d/gl-tertf stop
+shred /etc/oui-tertf/client.db || rm -f /etc/oui-tertf/client.db
+# We mount a tmpfs so that the client database will be stored in memory only
+mount -t tmpfs / /etc/oui-tertf
+/etc/init.d/gl-tertf start
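Review bot: The new `mount -t tmpfs / /etc/oui-tertf` line is not checked, so when the mount fails the following `/etc/init.d/gl-tertf start` still runs and the service presumably recreates client.db on flash, which is the state this commit is meant to prevent. Fail closed before the restart, e.g. `mount -t tmpfs tmpfs /etc/oui-tertf || exit 1`, and skip the mount when one is already present so that a second run without a reboot does not stack mounts: `grep -q ' /etc/oui-tertf tmpfs ' /proc/mounts || mount -t tmpfs tmpfs /etc/oui-tertf || exit 1`. On the line above, `shred` overwrites in place, which filesystems that write out of place do not honour; if the overlay on this device is of that kind (not visible here), entries written before this change may remain recoverable from flash, and a comment next to the `shred` call saying so would set the right expectation.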