网络里的“逆世界”

邻居偷用我的无线网,我可以设置访问密码,但我决定捉弄他们。

拆分网络

我先把网络分成两部分——一部分受信,一部分不受信。受信的部分使用一个网段,不受信的是其它网段。我使用DHCP服务器限制MAC地址,过滤无关地址。

/etc/dhcpd.conf

ddns-updates off;
ddns-update-style interim;
authoritative;

shared-network local {

        subnet *.*.*.* netmask 255.255.255.0 {
                range *.*.*.* *.*.*.*;
                option routers *.*.*.*;
                option subnet-mask 255.255.255.0;
                option domain-name "XXXXX";
                option domain-name-servers *.*.*.*;
                deny unknown-clients;

                host trusted1 {
                        hardware ethernet *:*:*:*:*:*;
                        fixed-address *.*.*.*;
                }
		}

        subnet 192.168.0.0 netmask 255.255.255.0 {
                range 192.168.0.2 192.168.0.10;
                option routers 192.168.0.1;
                option subnet-mask 255.255.255.0;
                option domain-name-servers 192.168.0.1;
                allow unknown-clients;

        }
}

iptables很有趣!

一下子,满世界全是小猫!猫的世界。

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38

对于非法访问者,他们会被重定向到kittenwar

为了让事情更有兴趣,我修改iptables,把所有请求都秘密的转向到一台计算机上的squid代理服务器的80端口。

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1

这台机器上的squid代理加载了一个小的脚本程序,用来下载图片,并使其上下颠倒,然后发出去。

重定向脚本

#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
        chomp $_;
        if ($_ =~ /(.*\.jpg)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.jpg", "$url");
                system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.jpg");
                print "http://127.0.0.1/images/$pid-$count.jpg\n";
        }
        elsif ($_ =~ /(.*\.gif)/i) {
                $url = $1;
                system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.gif", "$url");
                system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.gif");
                print "http://127.0.0.1/images/$pid-$count.gif\n";

        }
        else {
                print "$_\n";;
        }
        $count++;
}

于是整个互联网变成了这个样子!

shot1

shot3

如果你将脚本这的flip命令加上 -blur 4 参数,你就创造了一个模糊的世界。

shot5

[英文原文:Upside-Down-Ternet ]
分享这篇文章:

14 Responses to 网络里的“逆世界”

  1. 小莽 says:

    有才,可这些路由器的改动,家用的路由器不支持吧

  2. 段在宥 says:

    求详细教程

  3. zhblue says:

    能刷linux的就可以

  4. David says:

    这个有点意思

  5. 依云 says:

    这篇文章终于有中文翻译了呢。不过提示下,「iptables」不是「IPtables」。

  6. 大海 says:

    cnbeta上好像刚看过这篇文章

  7. ravenix says:

    他可真是闲得蛋疼

  8. waveacme says:

    技术宅啊。
    原文后面还有一段,建议一起翻译了:
    Here’s an email I received from Fraser at kittenwar,

    Hi Pete,
    Apologies for the unsolicited mail, but I thought I’d drop you a line to
    say how much I like your Upside-Down-Ternet advice for confusing wireless
    thieves.

    Every so often I receive extremely irate e-mails from people claiming
    that my Kittenwar site is playing host to some kind of nefarious virus
    preventing them from accessing the web, accusing me of practising all
    sorts of dark arts – to which I politely respond that I’m terribly sorry,
    but this only usually happens to people who are using someone else’s
    wireless connection, and pointing them in the direction of your site.
    This has happened dozens of times over the last few years, and you know
    what? None of them have ever got back to me after I point this out.

  9. techni says:

    “这台机器上的squid代理加载了一个小的脚步程序,”

    脚本吧??/

发表评论

邮箱地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据