Yesterday, I posed the idea of a thin line to the web that turns the broadband fire hose of an internet connection to something thinner, more controlled, with less volume and noise.
I've been thinking about an idea that's not fully online and not fully offline, but "thinline". It's controlled access to necessary systems while blocking the optional and distracting.
I put together a script that's a simple wrapper around pf, a packet filter that comes with macOS.
The core of it is two filter rules:
block return out proto {icmp, tcp, udp} from $if to ! $if:network
pass out proto {icmp, tcp, udp} from $if to $allowed_domains
The first rule blocks traffic from my machine to anything that isn't on my local network. This allows me to continue streaming music from my network attached storage and access other local network systems.
The second rule allows traffic to a list of allowed domains. This means I can tailor access to specific websites and services I choose without turning on full access to the web.
The rest of the script is just command line options to turn the rules on and off.
Add to your $PATH, chmod +x, and run midline help to see what's up. There are no external dependencies if you're on a recent version of macOS. You can edit the rules to your liking as well as add your own scripts or commands to the pre-connect and post-disconnect hooks to, for example, pull mail before disconnecting and run msmtpq when you've reconnected. This same simple idea could be set up on Linux with something like ufw.
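The second rule is only as good as what ends up in $allowed_domains, and that text is loaded into pf as root. As an added example (not the script from this post), the following builds the two rules above from an allowlist file and rejects any entry that is not a plain hostname, IP address or CIDR block. The file format, the function names and the check subcommand are assumptions.

```shell
#!/bin/sh
# Added example, not the post's script. Allowlist format (one host per line,
# '#' comments) and all function names are assumptions.

# Print cleaned allowlist entries, one per line. Fail on anything that could
# break out of the pf macro, since the result is loaded as root.
read_allowlist() {
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s' "$line" |
            sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
        [ -z "$entry" ] && continue
        case $entry in
            *[!A-Za-z0-9.:/-]*|-*)
                echo "rejected allowlist entry: $entry" >&2
                return 1 ;;
        esac
        printf '%s\n' "$entry"
    done < "$1"
}

# render_rules IFACE ALLOWLIST_FILE: print the pf ruleset text.
# pf resolves hostnames when the ruleset is loaded, so the addresses behind
# the allowlist are only as current as the last load.
render_rules() {
    case $1 in
        ''|*[!A-Za-z0-9]*) echo "bad interface name: $1" >&2; return 1 ;;
    esac
    hosts=$(read_allowlist "$2") || return 1
    [ -n "$hosts" ] || { echo "allowlist is empty" >&2; return 1; }
    list=$(printf '%s\n' "$hosts" | paste -sd, -)
    cat <<EOF
if = "$1"
allowed_domains = "{ $list }"
block return out proto {icmp, tcp, udp} from \$if to ! \$if:network
pass out proto {icmp, tcp, udp} from \$if to \$allowed_domains
EOF
}

# check_rules IFACE ALLOWLIST_FILE: have pfctl parse the rules without
# loading them (-n). Needs macOS pfctl; loading is left to the wrapper.
check_rules() {
    rules=$(render_rules "$1" "$2") || return 1
    printf '%s\n' "$rules" | pfctl -n -f -
}

if [ "${1:-}" = "check" ]; then check_rules "$2" "$3"; fi
```

In pf the last matching rule wins, which is why the pass rule has to come after the block rule in the rendered output.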
Congratulations on harnessing the power of the internet without letting it control you. Happy focusing.