# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function opensite() {
   declare ipnum ipfwnum
   if [[ $# -eq 0 ]] || [[ $# -gt 2 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   ipnum=$(/usr/bin/dig +short ${1} 2>/dev/null | /usr/bin/tail -n 1; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   ipfwnum=$(free_ipfw_rule_num)
   if [[ $# -eq 1 ]]; then
      /usr/bin/sudo /sbin/ipfw -q add ${ipfwnum} allow { src-ip "${ipnum}" or dst-ip "${ipnum}" } keep-state
      printf "%s\n" "... opening ipfw rule no. ${ipfwnum} for internet access to site: ${1}"
   elif [[ $# -eq 2 ]]; then
      /usr/bin/sudo /sbin/ipfw -q add ${ipfwnum} allow { src-ip "${ipnum}" or dst-ip "${ipnum}" } dst-port "${2//[^[:digit:]]/}" keep-state
      printf "%s\n" "... opening ipfw rule no. ${ipfwnum} for internet access to site: ${1} on port ${2}"
   fi
   return 0
}


function closesite() {
   declare ipnum rulenum
   if [[ "${1//localhost/}" == '' ]]; then printf "%s\n" 'Argument "localhost" is not permitted!'; return 1; fi
   ipnum=$(/usr/bin/dig +short "${1}" 2>/dev/null | /usr/bin/tail -n 1; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   rulenum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/awk "/${ipnum}/ {print \$1}")
   if [[ -z "${rulenum}" ]]; then printf "%s\n" "No ipfw rule for: ${1}"; return 1; fi
   /usr/bin/sudo /sbin/ipfw -q delete ${rulenum}
   printf "%s\n%s\n" "... deleting ipfw rule no. ${rulenum//[[:cntrl:]]/ }" "... closing internet access to site: ${1}"
   return 0
}



# usage: 
# opensite [www.website.com] [optional: portnumber]
# closesite [www.website.com]

# example: http://wooledge.org:8000/BashFAQ

host wooledge.org
dig +short wooledge.org

opensite wooledge.org
opensite wooledge.org
opensite wooledge.org
opensite wooledge.org

closesite wooledge.org


opensite wooledge.org 8080
/usr/bin/sudo /sbin/ipfw show [rule no.]
closesite wooledge.org


#--------------------------------------------


man bash | less -p PIPESTATUS
help set | sed -E "s/(pipefail)/$(printf '\e[1m\\1\e[m')/"

set +o pipefail

ls asx 2>&1 | egrep '.'
echo $?

ls asx 2>&1 | egrep '.'
echo ${PIPESTATUS[*]} 

set -o pipefail

ls asx 2>&1 | egrep '.'
echo $?

ls asx 2>&1 | egrep '.'
echo ${PIPESTATUS[*]} 


# remove all non-numeric characters from a string
str="74n237k ab454c e 4 6 6g6fg6d66d"
echo ${#str}
echo ${str}
echo ${str//[^[:digit:]]/}


# yet another way to the check the reachability of a web site
man scutil
scutil --help
scutil -r www.website.com
scutil -r 127.0.0.1 209.85.129.147