As in the previous post “Home proxy for better productivity” I have explained how to set up the ”productivity enabled” home proxy server. Some people use transparent proxy. I like to leave that option open, to use the proxy or not. It is not a problem to set up desktop machine, but when it comes to laptops or people who use our network resources temporarily, setting a PAC file really makes less hustle to configure new machine to use our proxy.
Here is how to do it.
First, a word what is PAC file. Taken from wikipedia:
A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL.
A PAC file contains a JavaScript function “FindProxyForURL(url, host)”. This function returns a string with one or more access method specifications. These specifications cause the user agent to use a particular proxy server or to connect directly.
It makes way easier to set up new machine with that. It can be a local file, file stored on shared drive or network resources (no matter if it is SMB/LUN/AFP/NFS) or most commonly on the web server. I use my local development web server to repopulate those settings since it’s on 24/7.
Name does not matter, neither the domain. What I suggest to do when do it for a client is to create a subdomain (ex. https://proxy.company.com) and use .htaccess file to redirect set up file delivery upon that domain with simple
cat > .htaccess << EOF DirectoryIndex proxy.pac EOF
It is really as simple. Not let’s look on the syntax of most generic pac file:
function FindProxyForURL(url, host) {
if (shExpMatch(url,"*.local/*")) {return "DIRECT";}
if (shExpMatch(url, "*host1:*/*")) {return "DIRECT";}
if (shExpMatch(url, "*host2:*/*")) {return "DIRECT";}
if (isInNet(host, "192.168.0.0", "255.255.255.0")) {
return "PROXY 192.168.2.112:8080";
}
return "PROXY 192.168.2.112:8080; DIRECT";}
Looks complicated at first but really isn’t. Read on I will explain line by line:
function FindProxyForURL(url, host) {
As per wikipedia 
if (shExpMatch(url,"*.local/*")) {return "DIRECT";}
if (shExpMatch(url, "*host1:*/*")) {return "DIRECT";}
if (shExpMatch(url, "*host2:*/*")) {return "DIRECT";}
Those lines define local hosts and when to void proxy definition. Simple if statement, if expression matches url which contains host2 even with charters before (“*host2:*/*”) and after (“*host2:*/*“) with all the ports (“*host2:*/*”) and combinations.
if (isInNet(host, "192.168.0.0", "255.255.255.0")) {
We check whether, if our client IP address belongs to the range of IP’s with specific subnet mask. If it does:
return "PROXY 192.168.2.112:8080";
Set up proxy IP and port which will be used or if it doesn’t:
} return "PROXY 192.168.2.112:8080; DIRECT";}
Use proxy first, if not available use direct connection.
I guess it looks a log clearer now, isn’t it.
Some screenshot from the clients configurations:
I’ve got some feedback saying that 700MB won’t be enough for proxy. It always depend on the environment, but for the home office use I have 2 people browsing daily 8h+ and this is how the statistic looks like:
Uptime is not as big, but certainly it is enough.
RSS feed for comments on this post. / TrackBack URI