@henrik242
Created February 17, 2012 14:40
Productivity improving firewall script for MacOSX / BSD
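#!/bin/bash
##
## Requires pwgen, rev, wc, sed, grep, cut, host, ipfw, sudo
##

# Sites to block; each name is resolved to its current addresses below.
HOSTS="last.fm www.discogs.com www.facebook.com facebook.com
macrumors.com dealextreme.com www.dealextreme.com db.no www.db.no
vg.no www.vg.no aftenposten.no www.aftenposten.no amazon.com
www.amazon.com"

# Random one-off challenge: a speed bump before unblocking, not a secret.
PASSWORD=$(pwgen 10 1)
REVERSE=$(echo "$PASSWORD" | rev)

# All deny rules share one rule number, so a single "ipfw del" removes them.
IPFWRULE=1337

if [ "$1" == "disable" ]; then
    echo -n "Type $REVERSE backwards: "
    read -r i
    if [ "$i" == "$PASSWORD" ]; then
        echo "Authenticating as root"
        sudo ipfw del $IPFWRULE
        # Report whether the rule was actually removed.
        exit $?
    else
        echo "Wrong password! No surfing for you!"
    fi
    exit 1
fi

echo "Blocking hosts. Use \"$0 disable\" to unblock."
NUMHOSTS=$(echo $HOSTS | wc -w)
COUNT=0
IPS=""
echo "Authenticating as root"
for HOST in $HOSTS; do
    let COUNT=$COUNT+1
    # Only IPv4 (A record) lines match "has address"; the addresses are a
    # snapshot taken at run time and are not refreshed afterwards.
    IPS+=$(host "$HOST" | grep "has address" | cut -d' ' -f4)" "
    NUM=$(echo $IPS | wc -w)
    # Flush a batch once it holds more than 10 addresses, or after the last host.
    if [ $NUM -gt 10 ] || [ $NUMHOSTS -eq $COUNT ]; then
        # Skip the rule when nothing resolved, so ipfw never gets an empty list.
        if [ $NUM -gt 0 ]; then
            SITES=$(echo $IPS | sed 's/ /,/g')
            sudo ipfw add $IPFWRULE deny all from any to $SITES 80,443
        fi
        IPS=""
    fi
done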