chew-z · November 21, 2016 15:11
diff --git a/captive.sh b/captive.sh
 #!/usr/bin/env zsh

 if check-hijacking; then
    echo "The router doesn't hijack HTTP queries"
 else
    echo "The router hijacks HTTP queries - DNSCrypt is likely to be blocked"
    # kill/stop DNSCrypt

    networksetup -getcurrentlocation
    networksetup -switchtolocation 'Captive portal'
    # switch from regular DNS servers to DNS servers provided by DHCP
    networksetup -setdnsservers Wi-Fi Empty
    dhcp=$(ipconfig getpacket en0 | grep domain_name_server | awk {'print $3 $4'} | sed 's/.\(.*\),\(.*\)./\1 \2/')
    echo $dhcp
    # open pfirewall (on en0) shortly for logging into captive portal
    # this won't survive reoboot (anyway is intended for shortest time possible)
    # DNS ports
    pfctl -t dns_servers -T add $dhcp
    # ports 80 i 443
    pfctl -t exceptions -T add 0.0.0.0/0
    # for verification
    pfctl -t dns_servers -T show
    pfctl -t exceptions -T show
    # Login (manually into captive portal)
    # http HEAD http://www.google.com
    # open Safari with 'open -a Safari'
    osascript <<'EOD'
    tell application "Safari"
        make new document with properties {URL:"http://google.com"}
        activate
    end tell
 EOD
    # wait for key press
    echo "Press any key to reverse to safe settings after logging to captive portal"
    read -rsn1
    # close pfirewall (allow only traffic via VPN)
    pfctl -t exceptions -T delete 0.0.0.0/0
    pfctl -t dns_servers -T delete $dhcp
    # set DNS back to DNSCrypt 
    sleep 3
    networksetup -setdnsservers Wi-Fi 127.0.0.1
    sleep 3
    dscacheutil -flushcache; killall -HUP mDNSResponder
    # Connect to VPN now - (by hand). If not connected Mac is allowing minimum traffic on en0.
    # Change network location? (Should location 'Captive portal' be using proxy?)
 fi
	#!/usr/bin/env zsh

	if check-hijacking; then
	echo "The router doesn't hijack HTTP queries"
	else
	echo "The router hijacks HTTP queries - DNSCrypt is likely to be blocked"
	# kill/stop DNSCrypt

	networksetup -getcurrentlocation
	networksetup -switchtolocation 'Captive portal'
	# switch from regular DNS servers to DNS servers provided by DHCP
	networksetup -setdnsservers Wi-Fi Empty
	dhcp=$(ipconfig getpacket en0 \| grep domain_name_server \| awk {'print $3 $4'} \| sed 's/.\(.\),\(.\)./\1 \2/')
	echo $dhcp
	# open pfirewall (on en0) shortly for logging into captive portal
	# this won't survive reoboot (anyway is intended for shortest time possible)
	# DNS ports
	pfctl -t dns_servers -T add $dhcp
	# ports 80 i 443
	pfctl -t exceptions -T add 0.0.0.0/0
	# for verification
	pfctl -t dns_servers -T show
	pfctl -t exceptions -T show
	# Login (manually into captive portal)
	# http HEAD http://www.google.com
	# open Safari with 'open -a Safari'
	osascript <<'EOD'
	tell application "Safari"
	make new document with properties {URL:"http://google.com"}
	activate
	end tell
	EOD
	# wait for key press
	echo "Press any key to reverse to safe settings after logging to captive portal"
	read -rsn1
	# close pfirewall (allow only traffic via VPN)
	pfctl -t exceptions -T delete 0.0.0.0/0
	pfctl -t dns_servers -T delete $dhcp
	# set DNS back to DNSCrypt
	sleep 3
	networksetup -setdnsservers Wi-Fi 127.0.0.1
	sleep 3
	dscacheutil -flushcache; killall -HUP mDNSResponder
	# Connect to VPN now - (by hand). If not connected Mac is allowing minimum traffic on en0.
	# Change network location? (Should location 'Captive portal' be using proxy?)
	fi