README: Update
sirubo, readme, Makefile: clean codebase, change opts
readme: update as markdown, include gif demo
Blocks outbound tech conglomerate (AS) network traffic.
sirubo [c|create] [h|halt|stop] [r|resume] [s|show]
Command | Description |
---|---|
c create |
Create and start ruleset enforcement and persistence. |
h halt stop |
Stop ruleset enforcement and persistence. |
r resume |
Resume ruleset enforcement and persistence. |
s show |
Show ruleset. |
The sirubo utility is a POSIX shell script that makes use of:
Transport-layer packet filtering; in particular, nftables on Linux and pf on OpenBSD, to facilitate the rejection of outgoing traffic to autonomous system network, or ASN, prefixes (subnets).
whois, to perform a query for ASN prefixes (subnets).
Linux | OpenBSD |
---|---|
nftables | pf |
whois | whois |
systemd |
Preventing passive and nonconsensual telemetry, and the infringement of one's privacy thereafter, from intrusively inquisitive big tech conglomerates, such as Meta (Facebook) and Alphabet (Google).
sudo make install
AS32934 # Google
sirubo c
nc -vw 1 google.com 443
The command should print a message similar to this:
nc: connect to google.com (0.0.0.0) port 443 (tcp) failed: Connection refused
This will indicate that your operating system firewall is configured to reject all outbound traffic directed at Google's ASN prefixes.
make uninstall
Or, optionally, uninstall sirubo and delete its configuration files:
make clean
/usr/local/bin/sirubo
- The utility itself./usr/local/etc/sirubo.conf
- Contains ASNs that you, the user, specify for
rejection./usr/local/etc/sirubo.ruleset
- Contains a cached firewall ruleset./usr/local/etc/sirubo.ruleset.backup
- Contains a defunct firewall ruleset
that is reserved as a backup when creating a new ruleset manually or
automatically./etc/systemd/system/sirubo.service
(Linux) - A service that facilitates
firewall ruleset persistency and automatic ruleset updates with every
operating system reboot.
/etc/rc.d/sirubo
(OpenBSD) - A service that facilitates firewall ruleset
persistency and automatic ruleset updates with every operating system
reboot.
See the LICENSE
file for details.