Auto proxy settings with PAC file

As in the previous post “Home proxy for better productivity” I have explained how to set up the ”productivity enabled” home proxy server. Some people use transparent proxy. I like to leave that option open, to use the proxy or not. It is not a problem to set up desktop machine, but when it comes to laptops or people who use our network resources temporarily, setting a PAC file really makes less hustle to configure new machine to use our proxy.

Here is how to do it.

First, a word what is PAC file. Taken from wikipedia:

proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL.

A PAC file contains a JavaScript function “FindProxyForURL(url, host)”. This function returns a string with one or more access method specifications. These specifications cause the user agent to use a particular proxy server or to connect directly.

It makes way easier to set up new machine with that. It can be a local file, file stored on shared drive or network resources (no matter if it is SMB/LUN/AFP/NFS) or most commonly on the web server. I use my local development web server to repopulate those settings since it’s on 24/7.

Name does not matter, neither the domain. What I suggest to do when do it for a client is to create a subdomain (ex. https://proxy.company.com) and use .htaccess file to redirect set up file delivery upon that domain with simple

cat > .htaccess << EOF
DirectoryIndex proxy.pac
EOF

It is really as simple. Not let’s look on the syntax of most generic pac file:

function FindProxyForURL(url, host) {  
if (shExpMatch(url,"*.local/*")) {return "DIRECT";}
if (shExpMatch(url, "*host1:*/*")) {return "DIRECT";}
if (shExpMatch(url, "*host2:*/*")) {return "DIRECT";}
if (isInNet(host, "192.168.0.0",  "255.255.255.0")) {
return "PROXY 192.168.2.112:8080";
} 
return "PROXY 192.168.2.112:8080; DIRECT";}

Looks complicated at first but really isn’t. Read on I will explain line by line:

function FindProxyForURL(url, host) {  

As per wikipedia :)

if (shExpMatch(url,"*.local/*")) {return "DIRECT";}
if (shExpMatch(url, "*host1:*/*")) {return "DIRECT";} 
if (shExpMatch(url, "*host2:*/*")) {return "DIRECT";} 

Those lines define local hosts and when to void proxy definition. Simple if statement, if expression matches url which contains host2 even with charters before (“*host2:*/*”) and after (“*host2:*/*“) with all the ports (“*host2:*/*”) and combinations.

if (isInNet(host, "192.168.0.0",  "255.255.255.0")) {

We check whether, if our client IP address belongs to the range of IP’s with specific subnet mask. If it does:

return "PROXY 192.168.2.112:8080";

Set up proxy IP and port which will be used or if it doesn’t:

}  
return "PROXY 192.168.2.112:8080; DIRECT";}

Use proxy first, if not available use direct connection.

I guess it looks a log clearer now, isn’t it.


Some screenshot from the clients configurations:

mac.png

 

ff.png

 

win.png

I’ve got some feedback saying that 700MB won’t be enough for proxy. It always depend on the environment, but for the home office use I have 2 people browsing daily 8h+ and this is how the statistic looks like:

Munin  local  revo.png

Uptime is not as big, but certainly it is enough.

 

Leave a Reply

PECL perl installer on Red Hat

Sometimes you get stubborn with one small thing which holds your todo list for much more than planned. This was the case with me and RedHat for a client today. Small thing which stopped me for more than 30min. I am used to build perl modules with pecl. The problem was that on the system which I have just received to work on PECL was nowhere to be found.

Read More »

My Top Mac Applications

Since I am a big fan of all the lists, they have helped me not once to discover new and really exciting applications, I’ve decided to post my own application randevu of application which I value the most on Mac OSX platform. Here is the list:

Read More »

Copy only differences

Strange that sometimes even after many years of working with terminal, you learn something totally new and seems obvious. My next tip came up in exact such situation. Tool which I never heard of came with help. It is called “yes”. As per MAN page:

NAME     yes -- be repetitively affirmative

It obviously can be repetitively negative as well.

Read More »

Squid search upon dns resolution failed

It is a default Google Chrome behavior, and it is really easy to get used to it. What I mean, option which searches a string upon dns resolution failure.

I use all sorts of browsers in my everyday workflow, in fact even now, while writing this article I have Google Chrome, Firefox, Internet Explorer and Safari open. I try not to limi myself, and after all, all of them should do the same. Since the search function in a address bar is a desired function I thought I could modify my Home Proxy server to do something similar no matter which browser is used.

Read More »

Command execution shortkey

As you might already notice, I am a hard text expansion programs junkey. I got used to them over the years, and they help me work way more effectively and finish my tasks faster. Especially when it comes to the server side administration which involves a lot of repetitive tasks sometimes.

On OS X machines which I treat as a perfect desktop machines I use a software called TextExpander. And I use it hard. It’s developed by the company called Smile Software. They have other really good tools, but I am a fan of that one to die.

I will share with you a small neat expansion which I do find really readable and useful in numerous different tasks. It’s a simple execution counter as I described before based on bash $SECONDS build in variable.

Read More »

Auto proxy settings with PAC file

As in the previous post “Home proxy for better productivity” I have explained how to set up the ”productivity enabled” home proxy server. Some people use transparent proxy. I like to leave that option open, to use the proxy or not. It is not a problem to set up desktop machine, but when it comes to laptops or people who use our network resources temporarily, setting a PAC file really makes less hustle to configure new machine to use our proxy.

Here is how to do it.

Read More »

Home proxy for better productivity

I was using that kind of setup before and I thought that it might be a good idea to share it with you since it’s quite easy to set up (for terminal experienced person) and gives nice productivity boost from the hardware as well as from self-development point of view.

This is a general howto based on Debian system so all the commands used may vary depending on the system you are willing to set it up, although general configuration should not be much different.

Read More »

Last edited file

I thought I will share that with you since I use it really often on almost most of the systems I work on.

Since I use text expander software a lot, no matter on which system I work on, this is one of it. It basically shows last edited file within the directory. It is really useful while configuring services and in generally it is good to have it set up.

Read More »

Status of running dd

I have always thought that copying your CD to local storage is a good idea. I use a command which is build in in ANY unix operating system. It is obviously called dd. According to man page dd – convert and copy a file:

The dd utility copies the standard input to the standard output.  Input data is read and written in 512-byte blocks.  If input reads are short, input from multiple reads are aggregated to form the output block.  When finished, dd displays the number of complete and partial input and output blocks and truncated input records to the standard error output.

It’s a neat little tool which saved me a lot of hassle all over the occasions. The usage is as simple:

Read More »

Unix rights generator | my productivity tools

Even though I am completely attached to terminal on everyday basis, and you can call me geeky, but once on your fingers, it’s way faster than clicking. I can’t remember the rights number when modifying the files. I used to use more human readable way like:

chmod ugo+r $file

Although sometimes you simply can not go without rerunning your steps. In those situations I use the rights calculator.

The usage is more than simple, I would say it’s dumb protected. Just tick the right’s you want to give and the number will appear in input field.

Read More »