@smj10j
Last active August 23, 2016 12:12
Opens a quick SOCKS5 tunnel over SSH and configures OSX to use the proxy
#!/usr/bin/env bash
##################################################################################
## Change extension to .command to allow execution by double-clicking in Finder ##
##################################################################################
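# Uncomment to trace every command while debugging.
#set -x
# Abort on the first unhandled command failure.
set -e

# --- User configuration -----------------------------------------------------
# Network service name as networksetup knows it. It is quoted wherever it is
# used because service names can contain spaces.
INTERFACE=Wi-Fi
# Local bind address and port for the SOCKS listener that `ssh -D` creates.
HOST=localhost
PORT=10025
# Candidate SSH servers; one is picked at random on each run.
REMOTEHOSTS=( "host1" "host2" )

##################################
##### DO NOT EDIT BELOW HERE #####
##################################
# An empty host list would make the modulo below divide by zero.
if (( ${#REMOTEHOSTS[@]} == 0 )); then
  echo "REMOTEHOSTS must list at least one SSH host." >&2
  exit 1
fi

TUNNEL_ALREADY_OPENED=0
REMOTEHOST=${REMOTEHOSTS[RANDOM % ${#REMOTEHOSTS[@]}]}

# Detect a tunnel left over from an earlier run: an ssh process of the current
# user that is *listening* on PORT. Without -sTCP:LISTEN, `lsof -i:PORT` also
# matches ssh sessions that merely use that port number on either end of a
# connection, which would be mistaken for an existing tunnel.
# `|| true` keeps a no-match result from tripping `set -e`.
LSOF_OUTPUT=$(lsof -bw -S5 -ac ssh -i:"$PORT" -sTCP:LISTEN 2>/dev/null \
  | grep -E "^ssh\s*[0-9]*\s*$(whoami)" || true)
if [ -n "${LSOF_OUTPUT}" ]; then
  TUNNEL_ALREADY_OPENED=1
fi

# Ask for the administrator password upfront
sudo -v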
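#######################################
# Switch the system SOCKS proxy off and, when this run opened the tunnel,
# terminate it. A tunnel that existed before the script started is left alone.
# Globals:   INTERFACE, PORT, TUNNEL_ALREADY_OPENED (read)
# Outputs:   coloured progress messages on stdout
# Returns:   does not return; ends the calling shell with status 0
#######################################
function disable_proxy() {
  echo -n "$(tput setaf 136)" # orange
  echo "Disabling SOCKS proxy..."
  # Quoted so a service name containing spaces stays a single argument.
  sudo networksetup -setsocksfirewallproxystate "$INTERFACE" off
  echo -n "$(tput setaf 64)" #green
  echo "SOCKS proxy disabled."

  if [[ $TUNNEL_ALREADY_OPENED -eq 0 ]]; then
    echo -n "$(tput setaf 136)" # orange
    echo "Closing all opened SSH tunnels..."
    # -sTCP:LISTEN limits the kill to the ssh process that owns the listening
    # socket on PORT. Plain `-i:PORT` would also select unrelated ssh sessions
    # that happen to use that port number on either end of a connection.
    lsof -bwt -S5 -ac ssh -i:"$PORT" -sTCP:LISTEN | xargs -L1 -I% kill %
    echo -n "$(tput setaf 64)" #green
    echo "Closed all opened SSH tunnels."
  else
    echo -n "$(tput setaf 136)" # orange
    # Show the pre-existing tunnel. `|| true` keeps `set -e` from aborting the
    # cleanup when that tunnel has already gone away and nothing matches.
    lsof -bw -S5 -ac ssh -i:"$PORT" -sTCP:LISTEN \
      | grep -E "^ssh\s+[0-9]+\s+$(whoami)" || true
    echo "Not closing the SSH tunnel that was created previously."
  fi

  echo -n "$(tput sgr0)" # color reset
  exit 0
}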
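#######################################
# Print an error message in red, roll back the proxy configuration, and end
# the script with a failure status.
# Arguments: $@ - words of the message to display
# Outputs:   the message on stdout, wrapped in colour codes
# Returns:   does not return; exits with status 1
#######################################
function error_exit {
  echo -n "$(tput setaf 1)" # red
  echo "$@"
  echo -n "$(tput sgr0)" # color reset
  # disable_proxy finishes with its own `exit 0`. Calling it directly ended the
  # script with status 0 and left the `exit 1` below unreachable, so failures
  # and signals were reported as success. The subshell confines that exit;
  # `|| true` keeps the rollback best-effort under `set -e`.
  ( disable_proxy ) || true
  exit 1
}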
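# Route the catchable termination signals, and any failing command (ERR),
# through error_exit so the proxy settings are rolled back on the way out.
# SIGKILL is not listed: it can never be caught, so a handler registered for
# it would never run.
trap "error_exit 'Received signal SIGHUP'" SIGHUP
trap "error_exit 'Received signal SIGINT'" SIGINT
trap "error_exit 'Received signal SIGTERM'" SIGTERM
trap "error_exit 'Received signal ERR'" ERR

# `die` is shorthand for error_exit that prefixes the message with
#   Error prog-name(@line#):
# Aliases are off by default in non-interactive shells, so enable them first.
shopt -s expand_aliases
alias die='error_exit "Error ${0}(@$(( LINENO - 1 ))):"'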
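# Point the system SOCKS proxy at the local end of the tunnel and switch it on.
# The proxy is enabled before the tunnel exists; if a later step fails, the ERR
# trap runs error_exit, which switches the proxy off again.
echo -n "$(tput setaf 136)" # orange
echo "Enabling SOCKS proxy..."
# Expansions are quoted so a service name containing spaces stays one argument.
sudo networksetup -setsocksfirewallproxy "$INTERFACE" "$HOST" "$PORT"
sudo networksetup -setsocksfirewallproxystate "$INTERFACE" on
echo -n "$(tput setaf 64)" # green
echo "SOCKS proxy $HOST:$PORT enabled."

if [[ $TUNNEL_ALREADY_OPENED -eq 0 ]]; then
  echo -n "$(tput setaf 136)" # orange
  echo "Opening tunnel over SSH to $REMOTEHOST..."
  # Add a key to the agent only when listing the loaded keys fails.
  ssh-add -l || ssh-add
  #nohup bash -c 'ssh -fND $HOST:$PORT $REMOTEHOST' &>/dev/null &
  # -D binds the SOCKS listener to HOST:PORT (HOST=localhost keeps it on the
  # loopback interface), -N runs no remote command, -f sends ssh to the
  # background once authenticated, -q silences warnings.
  ssh -qfND "$HOST:$PORT" "$REMOTEHOST" 2>&1
  echo -n "$(tput setaf 64)" # green
  echo "SSH tunnel opened at $HOST:$PORT."
else
  echo -n "$(tput setaf 136)" # orange
  echo "An existing SSH tunnel has already been opened. We will not attempt to open another."
  #echo "${LSOF_OUTPUT}"
fi

echo -n "$(tput setaf 64)" # green
echo "Proxying via SSH tunnel available at $HOST:$PORT."
echo -n "$(tput sgr0)" # color reset

# Hold the script open by reading stdin one character at a time until
# end-of-input. Ctrl-C (and the other trapped signals) reach error_exit, which
# rolls the proxy back.
# NOTE(review): this loop never calls sudo, so it does not refresh the sudo
# timestamp; the `sudo networksetup` call during cleanup may prompt again.
# NOTE(review): when stdin reaches end-of-input the script simply ends, with
# the proxy still enabled and the tunnel still running. Confirm that is the
# intended behaviour.
while read -r -n1; do
  sleep 1
done 2>/dev/null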