Midline: Midway Between Online and Offline

Yesterday, I posed the idea of a thin line to the web that turns the broadband fire hose of an internet connection to something thinner, more controlled, with less volume and noise.

I’ve been thinking about an idea that’s not fully online and not fully offline. But “thinline”. It’s a controlled access to necessary systems while blocking the optional and distracting.

I put together a script that’s a simple wrapper around pf, a packet filter that comes with mac OS.

The core of it are two filters:

block return out proto {icmp, tcp, udp} from $if to ! $if:network
pass out proto {icmp, tcp, udp} from $if to $allowed_domains

The first rule blocks traffic from my machine to anything that isn’t on my local network. This allows me to continue streaming music from my network attached storage and access other local network systems.

The second rule allows traffic to a list of allowed domains. This means I can tailor access to specific websites and services I choose without turning on full access to the web.

The rest of the script is just command line options to turn the rules of and off.

Go get the midline script

Add to your $PATH, chmod +x, and run midline help to see what’s up. There are no external dependencies if you’re on a recent version of mac OS. You can edit the rules to your liking as well as add your own scripts or commands to the pre-connect and post-disconnect hooks to, for example, pull mail before disconnecting and running msmtpq when you’ve reconnected. This same, simple idea could be used with something like ufw to set up on Linux.

Congratulations on harnessing the power of the internet without letting it control you. Happy focusing.