Never been to CodeSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

Block internet traffic to specified web sites on the fly (See related posts)

man 8 route
/sbin/route -n get default
/sbin/route -n get default | grep -w gateway
/sbin/route -n get default | grep interface | awk '{print $NF}'

/usr/bin/dig +short www.web_site.com                                 # get IPNUM
/usr/bin/sudo /sbin/route -n add -host IPNUM 127.0.0.1 -blackhole    # block IPNUM
/usr/sbin/netstat -rn | grep IPNUM                                   # show routing table
/usr/bin/sudo /sbin/route delete IPNUM 127.0.0.1                     # undo blocking


function blocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route -n add -host ${ipaddr} 127.0.0.1 -blackhole >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... blocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/, }"
   return 0
}


function unblocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/ }"
   return 0
}


function unblockall() {
   declare ipaddr ipnums
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '$2 == "127.0.0.1" && $3 == "UGHSB" {print $1}'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnums}" ]]; then 
      printf "%s\x21\n" "No IP addresses to unblock"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnums//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to IP addresses: ${ipnums//[[:cntrl:]]/ }"
   return 0
}


function showblocked() {
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '$2 == "127.0.0.1" && $3 == "UGHSB" {print $1}'; exit ${PIPESTATUS[0]})
   printf "%s\n" "Blocked IP addresses: ${ipnums//[[:cntrl:]]/, }"
   return 0
}



blocksite codesnippets.joyent.com
netstat -rnf inet | grep UGHSB
showblocked
open http://codesnippets.joyent.com
unblocksite codesnippets.joyent.com

blocksite codesnippets.joyent.com
blocksite www.google.com
netstat -rnf inet | grep UGHSB
showblocked
open http://www.google.com
unblockall
to shell osx mac bash ip unix web internet access route traffic website localhost ipaddress block blackhole by jvs on Thu Oct 09 12:50:42 +0000 2008

You need to create an account or log in to post comments to this site.


Related Posts