Google and Facebook, I am facilitating packet filtering to block your tracking

If you are a computer hobbyist and are displeased with Google and Facebook nonconsensually tracking your every digital move through websites and applications not under their direct control, I encourage you to consider using sirubo, a project that I felt was imperative for me to build and release to the public under a permissive license.

In essence, sirubo is a POSIX shell script that leverages:

• whois, to perform a query for autonomous system number, or ASN, prefixes, such as 8.8.8.8/24.
• nftables on Linux and pf on OpenBSD, to impose firewall rules that reject outgoing traffic to IPv4 and IPv6 addresses associated with the aforementioned ASN prefixes.

I've been experimenting with sirubo during the COVID-19 pandemic, and while I plan to write a manpage and continue to address possible programmatic imperfections within sirubo's source, I believe this software is generally ready for production use on personal Linux and OpenBSD systems.

If interested, within a shell...

• Clone the sirubo repository:

% git clone https://git.sr.ht/~speguero/sirubo

Install sirubo:

% cd sirubo
% make install

Then, to illustrate, add the following ASNs to /usr/local/etc/sirubo.conf:

AS15169 # Google
AS32934 # Facebook

And finally, create a firewall ruleset to reject outgoing network traffic to IP address associated with the aforementioned ASNs:

% sirubo -c

> retrieving asn prefixes from:

  AS15169
  AS32934

% 

Run the following nc commands; Google and Facebook outbound traffic should now be rejected:

% nc -vw 1 google.com 443

nc: connect to google.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress
nc: connect to google.com (0.0.0.0) port 443 (tcp) failed: Connection refused

% nc -vw 1 facebook.com 443

nc: connect to facebook.com (0.0.0.0) port 443 (tcp) timed out: Operation now in progress
nc: connect to facebook.com (0.0.0.0) port 443 (tcp) failed: Connection refused

To disable this ruleset:

% sirubo -s

And to re-enable it:

% sirubo -r

Principally, the purpose of this software is to reclaim your privacy from these Silicon Valley conglomerates. It must be noted that businesses such as Google and Facebook are fundamentally of the advertising industry. Particularly, in an era of personalized advertising, and considering the measures necessary for such an idea to be feasible, businesses such as Google and Facebook ought to not be trusted.

To conclude this first blog post of mine, I wanted to make note of some good, old-fashioned Northeastern American sarcasm that I injected into the sirubo source code (at line 14):

 1 #!/bin/sh -ue
 2
 3 #            .__            ___.           
 4 #       _____|__|______ __ _\_ |__   ____  
 5 #      /  ___/  \_  __ \  |  \ __ \ /  _ \ 
 6 #      \___ \|  ||  | \/  |  / \_\ (  <_> )
 7 #     /____  >__||__|  |____/|___  /\____/ 
 8 #          \/                    \/        
 9 #                    v0.3
10 #
11 #      ASN prefix (big tech conglomerate)
12 #           outbound traffic blocker.
13 #
14 #  "Special shout-out to Google and Facebook!"

Silicon Valley, allow me to toss in your direction a friendly vernacular phrase from my hometown of Boston:

Fahk you.