How to set up a proxy via bash shell? - macos

I set up a proxy on Mac via System Preferences -> Network -> Advanced -> Proxies.
Is that possible to do the same programatically via bash shell?

You can put this in your .profile or .bash_profile or run manually on a command line:
export http_proxy=http://proxy.server.com:#aproxy:portnumber
export https_proxy=https://proxy.server.com:#aproxy:portnumber
It's also common to not use the proxy for the local connections
export no_proxy=localhost,127.0.0.0/8,*.local

Yes, using the networksetup command. There are separate options for setting different types of proxies (e.g. -setwebproxy, -setsocksfirewallproxy, etc), and you need to know the name of the primary network "service" (e.g. Ethernet, Airport... basically, the names listed in the sidebar of the Network preferences pane). Here's an example:
sudo networksetup -setwebproxy "Ethernet" myproxy.example.com 8000
If you need to figure out the service name, use networksetup -listnetworkserviceorder or networksetup -listallnetworkservices, then parse the list to get the name of the service you want.

I use this script to proxy through my ssh server (not a web proxy).
#!/bin/bash
disable_proxy(){
sudo networksetup -setsocksfirewallproxystate Wi-Fi off
sudo networksetup -setsocksfirewallproxystate Ethernet off
echo "SOCKS proxy disabled."
}
trap disable_proxy INT
sudo networksetup -setsocksfirewallproxy Wi-Fi 127.0.0.1 9999
sudo networksetup -setsocksfirewallproxy Ethernet 127.0.0.1 9999
sudo networksetup -setsocksfirewallproxystate Wi-Fi on
sudo networksetup -setsocksfirewallproxystate Ethernet on
echo "SOCKS proxy enabled."
echo "Tunneling..."
ssh -ND 9999 000.000.000.000 -p 00000
Change 000.000.000.000 to your own server's IP and 00000 to your own port and you should be able to reuse it with your own ssh server. You can save this script in your home directory named say proxy.
Start it with ./proxy (type your password), use CTRL+C to stop tunnelling.
Start it again and stop with CTRL+C if you forgot to stop tunnelling and next day you are wondering why your internet connection is down.
If you get a broken pipe, just start ./proxy again.

Related

MACOS - How to connect to a 802.1x wifi without entering the password from terminal. Password can be pre-configured with a wifi-profile

in Windows i'm using as below.
netsh wlan connect ssid=YOUR-WIFI-SSID name=PROFILE-NAME
Need similar for the mac os.
I think it will depend on whether you have saved the WiFi password in your keychain but the basic command is networksetup as follows:
networksetup -setairportnetwork en0 YOUR_NETWORD_SSID
For more information, try:
man networksetup

Redirect port and ip on macOS

I'm working on a mac with OS 10.13.6.
I want to redirect all requests to 10.20.154.24:1111 made from my computer go to localhost:8080.
I read about pf and pfctl, but could not make this work.
I thought to run this, but it didn't work...
echo "
rdr pass inet proto tcp from 127.0.0.1 to 10.20.154.24 port 1111 -> 127.0.0.1 port 8080
" | sudo pfctl -ef -
Found a solution. I had to make an alias out of the IP before setting the redirecting command
sudo ifconfig lo0 10.20.154.24 alias
Edit the hosts file using the command sudo nano /etc/hosts. You will need to enter your password.
Add you IP address that you want to redirect (10.20.154.24:1111) to the end of the line that starts with 127.0.0.1 (it should be the first line that isn’t commented out with a #). Anything added to that line will redirect to localhost. Make sure that every entry on that line is separated by a space.
To exit, save it with crtl+o and then exit the editor with crtl+x.

macOS set DNS server to default value

I'm building a tool to manage DNS in macOS.
I know how to set dns server in terminal.
networksetup -setdnsservers Wi-Fi 1.1.1.1
but I don't to know how to unset it, or set it to the default value
networksetup -setdnsservers Wi-Fi
seems not working.
Anyone help ?
Give a try to:
networksetup -setdnsservers Wi-Fi empty
Then check with:
scutil --dns
From man networksetup:
-setdnsservers networkservice dns1 [dns2] [...]
...
If you want to clear all DNS entries for the specified network service,
type "empty" in place of the DNS server names.

ssh to another machine after sshing via script

I have 3 servers,
server1 -> server2 -> server3
Server2 is reachable only via server 1 and server3 via server2.
Every time connection breaks I have to manually login to both the servers.
Is there any way to login and open bash terminal to server3 through this path via a script?
I have had same problem and I have a solution. I use xdotool to emulate keys (and xclip to copy password that is extracted from other file). This script opens ssh connections to list of servers in separate console tabs. Edit it according to Your needs.
for IP in $SERVERS
do
xdotool key ctrl+shift+t type "ssh $USER#$IP"
xdotool key Return
sleep 1
xdotool key ctrl+shift+v
xdotool key Return
done
Script simply iterate over table of servers. It opens new console tab, prints "ssh some_user#some_ip" and next emulate retrun key.
Sleep is used just to make sure script has enought time to connect to server. At the end password is pasted and You enter first server.
One more thing:
dont touch keyboard while script is running. I hope it can help You.
Use a ssh_config file, this will allow you to easily set this up and then directly connect by using ssh -F ssh_config servername.
Assuming you're logged in to server_1 and want to connect to server_3 via server_2 it would look something like this:
Host server_2
HostName xxx.xxx.xxx.xxx
Port xxxx
User server2_user
Host server_3
HostName xxx.xxx.xxx.xxx
Port xxxx
ProxyCommand ssh -F ssh_config server_2
User server3_user
With this you can use ssh -F ssh_config server_3 and it will connect to server_2 and from there take you directly to server_3.
If you put the ssh_config in the default location you can also omit the -F ssh_config part (in the command and the config file) since it will get picked up automatically.
For more information check out this link, or search the web for 'ssh jumphost', that's a more widely used description for your setup (server 2 is jumphost for server 3 in your case).

How to delete a password from keychain with a shell command?

I wanted to make a shell script that connects to a hidden wireless network on my macbook pro by creating a network. However, I only want to connect to that network when I want to and to prevent airport from connecting automatically I'll have to delete the network's password from keychain.
So far I have:
networksetup -setairportnetwork en1 $ssid $networkpassword
networksetup -removepreferredwirelessnetwork en1 $ssid
Im also aware that in OSX 10.7 the security command can modify the keychain.
Anyway I would appreciate any help someone can give me. I'm also willing to use applescript or something else if it works. Thank you.
I figured it out. The command I used is:
sudo security delete-generic-password -l $ssid "/Library/Keychains/System.keychain"
sudo was needed because this keychain is located in the systems library. security also contains a lot more delete and useful commands and you can specify how you want to indicate the location in this command.
edit: I was having some trouble using this command and went back and learned I could use another command to not remember the network at all which I would have used before if I had found it. With this option you can do a wealth of things with your adapter along with the networksetup option.
Here is my final script which first runs as root. then it changes the system preferences to not remember new networks. Then it disconnects from any current networks. Then it adds the new network. Lastly, it makes the system remember new wifi networks.
sudo -i
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport prefs RememberRecentNetworks=NO
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -Z
networksetup -setairportnetwork en1 $ssid $password
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport prefs RememberRecentNetworks=YES

Resources