kerus1024 · May 31, 2020 12:52 · kerus1024 · Jul 17, 2020
diff --git a/run_without_internet.bash b/run_without_internet.bash
 #!/bin/bash
 # IPTABLES Matching by PID got removed in 2005.

 # Usage: foo.bash 0 ping -c 4 -w 1 1.1.1
 #        foo.bash 1 ping -c 4 -w 1.1.1.1

 IPTABLES="/sbin/iptables"
 REJECT_MODE="DROP" # REJECT, DROP
 RANDOM_FUNC=$(( ( RANDOM % 30000 ) + 10000 ))

 TEMP_ARGS=("$@")
 VERBOSE=${TEMP_ARGS[0]}
 unset 'TEMP_ARGS[0]'
 RUN_COMMAND="${TEMP_ARGS[@]}"

 USERADD="/usr/sbin/useradd"
 USERMOD="/usr/sbin/usermod"
 USERDEL="/usr/sbin/userdel"

 # Get Last PID (for Randomly Generate User)
 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Create Random Username"
 `echo 1 > /dev/null` &
 LAST_PID=$!
 GET_RANDOM=`echo $RANDOM_FUNC`
 RANDOM_DIGEST="temp-${LAST_PID}-${GET_RANDOM}"
 NEW_UID=$GET_RANDOM

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] -- USERNAME : $RANDOM_DIGEST, UID=$NEW_UID"

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Create Temporary User for process [UID=$NEW_UID]"
 $USERADD -M $RANDOM_DIGEST -u $NEW_UID
 $USERMOD -L $RANDOM_DIGEST

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Blocking Networking..."
 $IPTABLES -I OUTPUT -m owner --uid-owner $NEW_UID -j $REJECT_MODE

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Run process"

 su $RANDOM_DIGEST -c "$RUN_COMMAND" &
 NEW_PID=$!

 #while [ -n "$NEW_PID" -a -e /proc/$NEW_PID ];
 #do
 #    [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Process [$NEW_PID] is running."
 #    sleep 1
 #done

 wait $NEW_PID
 RETURN_CODE=$?

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Unblocking Networking..."
 $IPTABLES -D OUTPUT -m owner --uid-owner $NEW_UID -j $REJECT_MODE

 [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Remove Temporary User"
 $USERDEL $RANDOM_DIGEST

 exit $RETURN_CODE
	#!/bin/bash
	# IPTABLES Matching by PID got removed in 2005.

	# Usage: foo.bash 0 ping -c 4 -w 1 1.1.1
	# foo.bash 1 ping -c 4 -w 1.1.1.1

	IPTABLES="/sbin/iptables"
	REJECT_MODE="DROP" # REJECT, DROP
	RANDOM_FUNC=$(( ( RANDOM % 30000 ) + 10000 ))

	TEMP_ARGS=("$@")
	VERBOSE=${TEMP_ARGS[0]}
	unset 'TEMP_ARGS[0]'
	RUN_COMMAND="${TEMP_ARGS[@]}"

	USERADD="/usr/sbin/useradd"
	USERMOD="/usr/sbin/usermod"
	USERDEL="/usr/sbin/userdel"

	# Get Last PID (for Randomly Generate User)
	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Create Random Username"
	`echo 1 > /dev/null` &
	LAST_PID=$!
	GET_RANDOM=`echo $RANDOM_FUNC`
	RANDOM_DIGEST="temp-${LAST_PID}-${GET_RANDOM}"
	NEW_UID=$GET_RANDOM

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] -- USERNAME : $RANDOM_DIGEST, UID=$NEW_UID"

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Create Temporary User for process [UID=$NEW_UID]"
	$USERADD -M $RANDOM_DIGEST -u $NEW_UID
	$USERMOD -L $RANDOM_DIGEST

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Blocking Networking..."
	$IPTABLES -I OUTPUT -m owner --uid-owner $NEW_UID -j $REJECT_MODE

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Run process"

	su $RANDOM_DIGEST -c "$RUN_COMMAND" &
	NEW_PID=$!

	#while [ -n "$NEW_PID" -a -e /proc/$NEW_PID ];
	#do
	# [[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Process [$NEW_PID] is running."
	# sleep 1
	#done

	wait $NEW_PID
	RETURN_CODE=$?

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Unblocking Networking..."
	$IPTABLES -D OUTPUT -m owner --uid-owner $NEW_UID -j $REJECT_MODE

	[[ "$VERBOSE" -gt "0" ]] && echo "[BASH] Remove Temporary User"
	$USERDEL $RANDOM_DIGEST

	exit $RETURN_CODE