Never been to CodeSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

5 total

On This Page:

  1. 1 Block internet traffic to specified web sites on the fly
  2. 2 Enable internet traffic via specified ports through ipfw
  3. 3 Enable access to specified web sites through ipfw
  4. 4 Switch to the login window from the command line
  5. 5 Give remote access to mysql

Block internet traffic to specified web sites on the fly

to shell osx mac bash ip unix web internet access route traffic website localhost ipaddress block blackhole by jvs on Oct 09, 2008 
man 8 route
/sbin/route -n get default
/sbin/route -n get default | grep -w gateway
/sbin/route -n get default | grep interface | awk '{print $NF}'

/usr/bin/dig +short www.web_site.com                                 # get IPNUM
/usr/bin/sudo /sbin/route -n add -host IPNUM 127.0.0.1 -blackhole    # block IPNUM
/usr/sbin/netstat -rn | grep IPNUM                                   # show routing table
/usr/bin/sudo /sbin/route delete IPNUM 127.0.0.1                     # undo blocking


function blocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route -n add -host ${ipaddr} 127.0.0.1 -blackhole >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... blocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/, }"
   return 0
}


function unblocksite() {
   declare ipaddr ipnum
   if [[ "${1//localhost/}" == '' ]] || [[ "${1//127.0.0.1/}" == '' ]]; then 
      printf "%s\n" 'Argument "localhost" is not permitted!'
      return 1
   fi
   ipnum=$(/usr/bin/dig +short "${1}" | /usr/bin/sed -E -n -e 's/^(([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3})$/\1/p'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnum//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to site: ${1} with IP address: ${ipnum//[[:cntrl:]]/ }"
   return 0
}


function unblockall() {
   declare ipaddr ipnums
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '$2 == "127.0.0.1" && $3 == "UGHSB" {print $1}'; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnums}" ]]; then 
      printf "%s\x21\n" "No IP addresses to unblock"
      return 1
   fi
   OIFS=${IFS}
   IFS=$' \t\n'
   for ipaddr in ${ipnums//[[:cntrl:]]/ }; do
      /usr/bin/sudo /sbin/route delete ${ipaddr} 127.0.0.1 >/dev/null 2>&1
   done
   export IFS=${OIFS}
   printf "%s\n" "... unblocking internet access to IP addresses: ${ipnums//[[:cntrl:]]/ }"
   return 0
}


function showblocked() {
   ipnums=$(/usr/sbin/netstat -rnf inet | /usr/bin/awk '$2 == "127.0.0.1" && $3 == "UGHSB" {print $1}'; exit ${PIPESTATUS[0]})
   printf "%s\n" "Blocked IP addresses: ${ipnums//[[:cntrl:]]/, }"
   return 0
}



blocksite codesnippets.joyent.com
netstat -rnf inet | grep UGHSB
showblocked
open http://codesnippets.joyent.com
unblocksite codesnippets.joyent.com

blocksite codesnippets.joyent.com
blocksite www.google.com
netstat -rnf inet | grep UGHSB
showblocked
open http://www.google.com
unblockall

Enable internet traffic via specified ports through ipfw

to awk shell osx mac bash unix web port ipfw firewall internet access traffic by jvs on Oct 08, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function openport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(free_ipfw_rule_num)
   /usr/bin/sudo /sbin/ipfw -q add ${rulenum} allow all from any to any dst-port ${portnum} keep-state
   printf "%s\n" "... opening ipfw rule no. ${rulenum} for internet access via port ${portnum}"
   return 0
}


function closeport() {
   declare portnum rulenum
   if [[ $# -ne 1 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   portnum="${1//[^[:digit:]]/}"
   if [[ -z $portnum ]]; then printf "%s\n" "No valid port number given: ${1}"; return 1; fi
   if [[ $portnum -gt 65535 ]]; then printf "%s\n" "Given port number is greater than 65535: ${portnum}"; return 1; fi
   rulenum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/awk "/from +any +to +any +dst-port +${portnum} +keep-state[[:space:]]*$/ {print \$1}")
   if [[ -z "${rulenum}" ]]; then printf "%s\n" "No ipfw rule for port number: ${portnum}"; return 1; fi
   /usr/bin/sudo /sbin/ipfw -q delete ${rulenum}
   printf "%s\n%s\n" "... deleting ipfw rule no. ${rulenum//[[:cntrl:]]/ }" "... closing internet access via port: ${portnum}"
   return 0
}


openport 43
openport 43
openport 43

/usr/bin/sudo /sbin/ipfw show [rulenum]     # ... allow ip from any to any dst-port 43 keep-state

closeport 43

Enable access to specified web sites through ipfw

to shell osx mac bash unix web ipfw firewall internet access traffic website pipestatus by jvs on Oct 07, 2008 
# cf. Example ipfw ruleset, http://codesnippets.joyent.com/posts/show/1267

# choose appropriate numbers for num1 & num2 according to your ipfw ruleset

/usr/bin/sudo /sbin/ipfw list
/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step

function free_ipfw_rule_num() {
   declare -i num1=6701 num2=6799 lastipfwnum
   if [[ $(/usr/sbin/sysctl -n net.inet.ip.fw.autoinc_step) -ne 100 ]]; then 
      printf "%s\x21\n" "sysctl -n net.inet.ip.fw.autoinc_step is not set to 100"
      return 1
   fi
   lastipfwnum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/tail -n 2 | /usr/bin/head -n 1 | /usr/bin/awk '{print $1}')
   if [[ $num2 -ge $lastipfwnum ]]; then 
      printf "%s\x21\n" "${num2} is greater than or equal to ${lastipfwnum}"
      return 1
   fi
   while $(/usr/bin/sudo /sbin/ipfw show ${num1} &>/dev/null) ; do
      let "num1 += 1"
      if [[ $num1 -gt $num2 ]]; then num1=; break; return 1; fi
   done
   printf "%s\n" "${num1}"
   return 0
}


function opensite() {
   declare ipnum ipfwnum
   if [[ $# -eq 0 ]] || [[ $# -gt 2 ]]; then printf "%s\n" "Wrong number of arguments: $#"; return 1; fi
   ipnum=$(/usr/bin/dig +short ${1} 2>/dev/null | /usr/bin/tail -n 1; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   ipfwnum=$(free_ipfw_rule_num)
   if [[ $# -eq 1 ]]; then
      /usr/bin/sudo /sbin/ipfw -q add ${ipfwnum} allow { src-ip "${ipnum}" or dst-ip "${ipnum}" } keep-state
      printf "%s\n" "... opening ipfw rule no. ${ipfwnum} for internet access to site: ${1}"
   elif [[ $# -eq 2 ]]; then
      /usr/bin/sudo /sbin/ipfw -q add ${ipfwnum} allow { src-ip "${ipnum}" or dst-ip "${ipnum}" } dst-port "${2//[^[:digit:]]/}" keep-state
      printf "%s\n" "... opening ipfw rule no. ${ipfwnum} for internet access to site: ${1} on port ${2}"
   fi
   return 0
}


function closesite() {
   declare ipnum rulenum
   if [[ "${1//localhost/}" == '' ]]; then printf "%s\n" 'Argument "localhost" is not permitted!'; return 1; fi
   ipnum=$(/usr/bin/dig +short "${1}" 2>/dev/null | /usr/bin/tail -n 1; exit ${PIPESTATUS[0]})
   if [[ $? -ne 0 ]] || [[ -z "${ipnum}" ]]; then 
      printf "%s\n%s\n" "Are you connected to the internet?" "man dig could not find the IP address of: ${1}"
      return 1
   fi
   rulenum=$(/usr/bin/sudo /sbin/ipfw list | /usr/bin/awk "/${ipnum}/ {print \$1}")
   if [[ -z "${rulenum}" ]]; then printf "%s\n" "No ipfw rule for: ${1}"; return 1; fi
   /usr/bin/sudo /sbin/ipfw -q delete ${rulenum}
   printf "%s\n%s\n" "... deleting ipfw rule no. ${rulenum//[[:cntrl:]]/ }" "... closing internet access to site: ${1}"
   return 0
}



# usage: 
# opensite [www.website.com] [optional: portnumber]
# closesite [www.website.com]

# example: http://wooledge.org:8000/BashFAQ

host wooledge.org
dig +short wooledge.org

opensite wooledge.org
opensite wooledge.org
opensite wooledge.org
opensite wooledge.org

closesite wooledge.org


opensite wooledge.org 8080
/usr/bin/sudo /sbin/ipfw show [rule no.]
closesite wooledge.org


#--------------------------------------------


man bash | less -p PIPESTATUS
help set | sed -E "s/(pipefail)/$(printf '\e[1m\\1\e[m')/"

set +o pipefail

ls asx 2>&1 | egrep '.'
echo $?

ls asx 2>&1 | egrep '.'
echo ${PIPESTATUS[*]} 

set -o pipefail

ls asx 2>&1 | egrep '.'
echo $?

ls asx 2>&1 | egrep '.'
echo ${PIPESTATUS[*]} 


# remove all non-numeric characters from a string
str="74n237k ab454c e 4 6 6g6fg6d66d"
echo ${#str}
echo ${str}
echo ${str//[^[:digit:]]/}


# yet another way to the check the reachability of a web site
man scutil
scutil --help
scutil -r www.website.com
scutil -r 127.0.0.1 209.85.129.147

Switch to the login window from the command line

to shell osx mac bash unix window login screen access lock keychain by jv on Aug 04, 2008 
# cf. http://www.mactipper.com/2008/07/securely-lock-your-mac-system.html,
# http://www.macosxhints.com/article.php?story=20040724203315798 and
# http://www.apple.com/downloads/macosx/automator/lockdesktop.html

/System/Library/CoreServices/"Menu Extras"/User.menu/Contents/Resources/CGSession -suspend

/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -switchToUserID username


alias lo='/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend'

# <ctrl> + l
help bind
bind -P | grep -i c-l
bind -x '"\C-l"':'/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend'

# <esc> + l
#bind -x '"\M-l"':'/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend'
bind -x '"\el"':'/System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend'


#---------------------------------------------


open -a 'Keychain Access'

# go to  Keychain Access > Preferences ... > General > activate "Show Status in Menu Bar" 
# now you can use "Lock Screen" via the Keychain Access menu bar item

Give remote access to mysql

to mysql remote access by minofare on Jan 07, 2008 
mysql -u root -p (your password)


then write the following

GRANT ALL PRIVILEGES ON *.* TO user@'%' IDENTIFIED BY 'PASSWORD';


then

FLUSH PRIVILEGES;
5 total

On This Page:

  1. 1 Block internet traffic to specified web sites on the fly
  2. 2 Enable internet traffic via specified ports through ipfw
  3. 3 Enable access to specified web sites through ipfw
  4. 4 Switch to the login window from the command line
  5. 5 Give remote access to mysql