[Koodari]

I tried to read the man page, but I'm a little hesitant and do not feel I know enough.

So... how do I use ipfw to simply block a couple of websites?
How does this interoperate with the OS X graphical interface? What if I mess up the existing rules? If something changes in the GUI, are my manual rule changes lost? Do I need to save the rules somehow to "make them stick"?

[Ryan]

You might have to edit the hosts file. I'll post more later, I don't have time now.

[Brad]

Yeah, editing the hosts file is a LOT easier.

There's a file at /etc/hosts (etc is an invisible folder) that looks like this:

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
#
#
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

This file is owned by root and is not writeable by normal users; so, you may have to authenticate or use terminal trickery to modify it.

You can add entries to this file to redirect domain names to different IP addresses. By redirecting them to 127.0.0.1 or 0.0.0.0, you redirect them to your local computer and effectively annihilate anything that tries to access those domains.

My hosts file is filled with hundreds upon hundreds of known ad servers. Here's a snippet:

0.0.0.0 oz.valueclick.com
0.0.0.0 doubleclick.net
0.0.0.0 ads.doubleclick.net
0.0.0.0 ad2.doubleclick.net
0.0.0.0 ad3.doubleclick.net
0.0.0.0 ad4.doubleclick.net

Use that format. IP address, space, domain name, newline. Any line that starts with the # symbol is ignored (use these for comments).

An important note:

As of Mac OS X 10.3, the DNS cache isn't cleared when you modify this file. SO, you'll need to do two things after making changes. First, quit any web browsers or other applications you want affected. Then, run the terminal command "lookupd -flushcache". This, as it says, flushes the lookup cache.

Now you can launch your web browser and surf the net while blocking various servers via the hosts file!

Hope this helps!

[Barto]

Using Privoxy would be easier again.

[Brad]

Quote:

Originally Posted by Barto Using Privoxy would be easier again.

I might agree with you if:

a) You didn't have to download from a third party.
b) You didn't have to install things.
c) The startup process actually worked as described. I just followed installation step-by-step and after starting privoxy by executing the command listed in the readme, it claims to not be running. I don't know what went wrong and don't really know where to start looking since the error page I was given isn't any help.

It sounded cool, at least. Maybe once I wrestle with it to get it properly installed and running I'll have a different impression, but getting started just to block a few web sites shouldn't be this difficult.

I'll stick with the old "add one line to a text file and enter one command to refresh" method for now.

[Koodari]

Thanks everyone and especially Brad! The hosts approach was exactly the solution I needed at this point. I already put the new rules in effect. I still need to learn ipfw for my FreeBSD box but that can wait a bit. Anyone know if ipfw can be configured by hand in OS X, without the GUI throwing a wrench in?

BTW, I use the host blacklisting to save my time. I find myself checking out some news sites (CNN for instance) a lot, but I never act on any news besides local ones, so they are actually a waste of time. I could "just decide" not to go look at them, but my URL-typing fingers are quicker than my mind. I'm better off when I'm unable to see the sites, just like I'm unable to watch TV. (have never had one)

[Escher]

Quote:

Originally Posted by Koodari BTW, I use the host blacklisting to save my time. I find myself checking out some news sites (CNN for instance) a lot, but I never act on any news besides local ones, so they are actually a waste of time. I could "just decide" not to go look at them, but my URL-typing fingers are quicker than my mind. I'm better off when I'm unable to see the sites, just like I'm unable to watch TV. (have never had one)

Kudos, Koodari! I've thought about blacklisting most of my favorite sites, or installing some form of parental controls, to regain control of my time and life. But I've never had the guts to do it. You are an inspiration.

Escher

[Koodari]

Quote:

Originally Posted by Escher Kudos, Koodari! I've thought about blacklisting most of my favorite sites, or installing some form of parental controls, to regain control of my time and life. But I've never had the guts to do it. You are an inspiration.

I think doesn't really take any guts when you know you are not getting any fun or useful info out of looking at the sites. It's just breaking a habit, and particularly easy at that, because you don't have to fight against the habit when you set up the rules (that's just a cost-benefit type decision), and afterwards the rules are automatically enforced for you.

If it's just inertia that has been keeping you from doing this, well, you now have the instructions right there in Brad's post. It takes less time to "sudo pico /etc/hosts; lookupd -flushcache" than to make a cup of coffee. Do it right now if you didn't already.

Or else!

[Escher]

Quote:

Originally Posted by Koodari It's just breaking a habit, and particularly easy at that, because you don't have to fight against the habit when you set up the rules (that's just a cost-benefit type decision), and afterwards the rules are automatically enforced for you.

Sure, but setting up the rules is the hard part, mentally. I could call up Earthlink and cancel my DSL service, and go back to dial-up for extra disincentive in a matter of minutes. But I just can't do it. Anyway...

Just blocked a few of my favorite porn sites. Now I will finally be able to sleep at night.

Thanks for the peer pressure, Koodari. Now if only my wife would let me kill the TV too.

Escher

PS: I used emacs instead of pico, but had to Google for the save and quit commands. I haven't used a CLI in years.

[thuh Freak]

Quote:

Originally Posted by Escher PS: I used emacs instead of pico, but had to Google for the save and quit commands. I haven't used a CLI in years.

vim is more fun.

[Koodari]

Quote:

Originally Posted by thuh Freak vim is more fun.

That's what I use, too. :smokey:

It's unfortunate vim is not too friendly to international keyboard layouts. It's a real pain writing anything in my native layout because important command characters like $^'` are difficult or impossible to access. Likewise for every character needed in coding and the shell (braces, curved braces, ~, ...). I use US layout 90% of the time, but switching can't be avoided when I write my own language