Hi
i will appreciate if someone will be able to help with that.
Our security department required to block network bridge between WiFiEthernet or two Ethernet connection at the same time equally. i found script here at jamf ( airport.sh) that working great only when switching between WiFi to Ethernet and bi-directional. the problem is that once we are connect with two Ethernet networks it doesn't block the second Ethernet. so at that scenario the bridge network is available.
what do i need to add to the script? how can i preferred only one Ethernet device to be active?

here the script:

!/bin/bash

#################################

Some variables to make things easier to read:

#################################

PlistBuddy=/usr/libexec/PlistBuddy
plist=/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist

#################################

Find out how many Interfaces there are

#################################

count=networksetup -listallhardwareports | grep Hardware | wc -l | tr -s " "
echo "Found$count network interfaces"

#################################

Get Interfaces

#################################

#################################

reset counter

#################################

counter=0

while [ $counter -lt $count ] do interface[$counter]=$PlistBuddy -c "Print Interfaces:$counter:SCNetworkInterfaceType" $plist let "counter += 1"
done

#################################

Get Real Interfaces

#################################

reset counter

#################################

counter=0

while [ $counter -lt $count ] do bsdname[$counter]=$PlistBuddy -c "Print Interfaces:$counter:BSD Name" $plist let "counter += 1"
done

#################################

Build Airport Array ${airportArray[@]} and Ethernet Array ${ethernetArray[@]}

#################################

reset counter

#################################

counter=0

while [ $counter -lt $count ] do

#################################

Check for Airport

#################################

if [ "${interface[$counter]}" = "IEEE80211" ] then

#################################

Add it to the Array

#################################

airportArray[$counter]=${bsdname[$counter]} fi

#################################

Check for Ethernet

#################################

if [ "${interface[$counter]}" = "Ethernet" ] then

#################################

Add it to the Array

#################################

ethernetArray[$counter]=${bsdname[$counter]} fi

#################################

let "counter += 1"

#################################

done

#################################

#################################

Tell us what was found

#################################

for i in ${ethernetArray[@]}
do echo $i is Ethernet
done

for i in ${airportArray[@]}
do echo $i is Airport
done

#################################

Check to see if Ethernet is connected

#################################

#################################

Figure out which Interface has activity

#################################

for i in ${ethernetArray[@]} do activity=netstat -I $i | wc -l if [ $activity -gt 1 ] then echo "$i has activity..." checkActive=ifconfig $i | grep status | cut -d ":" -f2

#################################

Ethernet IS connected

#################################

if [ "$checkActive" = " active" ] then echo "$i is connected...turning off Airport"

#################################

Turn off Airport

#################################

networksetup -setairportpower ${airportArray[@]} off echo "Airport off" exit 0 fi if [ "$checkActive" = " inactive" ] then echo "$i is not active" fi fi
done echo "Checked all Interfaces"

#################################

If the script makes it this far assume Ethernet is not connected.

#################################

Turn on Airport

#################################

networksetup -setairportpower ${airportArray[@]} on
echo "Airport on"
exit 0

thank you