I’m working in a coffee shop today. I used SSH and SOCKS to browse the Internet securely, but today I decided to take it a step further and automate the process with a shell script. Here’s the script, for what it’s worth:
#!/bin/bash
disable_proxy()
{
networksetup -setsocksfirewallproxystate Wi-Fi off
networksetup -setsocksfirewallproxystate Ethernet off
echo "SOCKS proxy disabled."
}
trap disable_proxy INT
networksetup -setsocksfirewallproxy Wi-Fi 127.0.0.1 9999
networksetup -setsocksfirewallproxy Ethernet 127.0.0.1 9999
networksetup -setsocksfirewallproxystate Wi-Fi on
networksetup -setsocksfirewallproxystate Ethernet on
echo "SOCKS proxy enabled."
echo "Tunneling..."
ssh -ND 9999 MYHOST.macminicolo.net
Instructions:
- Save this to a file. I saved it to “/Users/richard/bin/ssh_tunnel”.
- Make it executable and run it.
$ chmod a+x /Users/richard/bin/ssh_tunnel $ /Users/richard/bin/ssh_tunnel
- It creates an SSH tunnel to my dedicated server at macminicolo.net and routes Internet traffic through that server.
- Hit Control-C to quit. The proxy is disabled. No need to fiddle with Network Preferences manually.
UPDATE March 18, 2011: I haven’t tried it, but Sidestep appears to be a free Mac OS X app that will enable SSH tunneling automatically when you connect to an insecure network.
13 replies on “Script to enable/disable SOCKS proxy on Mac OS X”
I just wanted to show my appreciation, thanks!
In ML, when you run the scripts you have to enter your password several times (one per networksetup). To avoid this run:
sudo ./ssh_tunnel.sh
That’s it
I fought this quite a bit and was able to finally get it to work on Mtn Lion.
networksetup -setsocksfirewallproxy Ethernet 127.0.0.1 9999 will not work on my machine. After much googling and guessing I found that this works.
networksetup -setsocksfirewallproxy “Ethernet Adaptor (en0)” 127.0.0.1 9999
Everywhere it refenced the device Ethernet replace it with “Ethernet Adaptor (en0)”
I found nothing on the net about it but hope it helps someone else.
Nice! Stumbled across this while doing a google search! Hey Richard, hope Boulder is still as awesome as ever
Small world! Hope things are going great for you in the Northwest too!
Anyone ever get
channel 17: open failed: administratively prohibited: open failed
channel 18: open failed: administratively prohibited: open failed
channel 19: open failed: administratively prohibited: open failed
errors?
Thx, is was looking for this. However I do not have a lot of experience with scripting. Could you explain why you put in the first 7 lines.
Lines 10-13 enable the SOCKS proxy on your Wi-Fi and Ethernet adapters. Line 8 tells the script to listen for any key press of CTRL-C and then run lines 2-7, which disable the SOCKS proxy on the Wi-Fi and Ethernet adapters.
Thanks for posting this. It was exactly what I needed.
One important update that you might want to mention is that in Mac OSX Lion, there is no service called ‘Airport’, and so this script will fail. Just replace ‘Airport’ with ‘Wi-Fi’ and it works like a champ.
Drew, great point. I changed my script locally when Lion came out, but forgot to update this post. I’ll do it now.
Regarding your update, I believe Sidestep only works for the AirPort (wireless) interface, which meets most people’s needs, but not if you are connecting by ethernet to an insecure network, or otherwise desire tunneling when cabled.
Thanks ! This work like a charm ! 🙂