Automatic proxy configuration

Automatic proxy configuration

DRAFT

DHCP way

Works for IE

# autoproxy
option wpad-url code 252 = text;
option wpad-url "http://wpad.domain.lan/proxy.php ";  # space (or any other character) at the end must be in place as a workaround related to the IE bug

DNS way

Works for Firefox

URL: http://wpad.domain.lan/wpad.dat
DNS record: wpad.domain.lan
wpad.dat have to be linked to proxy.php
```
ln -s proxy.php wpad.dat
```

Apache site

<VirtualHost *:80>

    ServerName wpad.domain.lan
    AddType application/x-httpd-php .dat

    DocumentRoot /opt/company/autoproxy
    <Directory "/opt/company/autoproxy">
        Options FollowSymLinks
        Order allow,deny
        Allow from all
    </Directory>

</VirtualHost>

Generate proxy.pac (wpad.dat) depend on source IP

You might also be interested in Smart proxy.pac

proxy.php

/* Creator: Stanislav German-Evtushenko (2012)
 * Contributor: add your name here
 */
 
<?php
// Define mime and filename
header('Content-type: application/x-ns-proxy-autoconfig');
header('Content-Disposition: attachment; filename="proxy.pac"');
?>
<?php
// Define network sets
// Location 1
$network_sets[0] = array(
        "10.135.0.0/21",        // Network 1
        "172.17.0.0/16",        // Network 2
);
// Location 2
$network_sets[1] = array(
        "10.10.0.0/16",         // Network 3
);
?>
<?php
// Get source IP address
$myip = $_SERVER['REMOTE_ADDR'];
// Define functions
function ip_in_network($ip, $network){
        list ($net_addr, $net_mask) = split ("/", $network);
        $ip_binary_string = sprintf("%032b",ip2long($ip));
        $net_binary_string = sprintf("%032b",ip2long($net_addr));
        return (substr_compare($ip_binary_string,$net_binary_string,0,$net_mask) === 0);
}
function ip_in_network_set($ip, $network_set){
        foreach ($network_set as $network)
                if (ip_in_network($ip, $network)) return true;
        return false;
}
function proxy_for_network_set($ip, $network_set, $proxy_string){
        if (ip_in_network_set($ip,$network_set))
                print "$proxy_string;";
}
function default_proxy($ip, $network_sets){
        proxy_for_network_set($ip,$network_sets[0],"PROXY proxy1.domain.lan:3128"); // Location 1
        proxy_for_network_set($ip,$network_sets[1],"PROXY proxy2.domain.lan:8080; PROXY proxy3.domain.lan:8080"); // Location 2
}
?>
 
function FindProxyForURL(url, host) {
 
// Define default proxy
dst_default = "<?php default_proxy($myip, $network_sets); ?>";
 
//// If specific URL needs to bypass proxy, send traffic direct.
//      if (shExpMatch(url,"*domain.com*") ||
//          shExpMatch(url,"*vpn.domain.com*"))                  
//              return "DIRECT";
 
// If URL has no dots in host name, send traffic direct.
        if (isPlainHostName(host))
                return "DIRECT";
 
// If IP address is internal or hostname resolves to internal IP, send direct.
        resolved_ip = dnsResolve(host);
        if (isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") ||
                isInNet(resolved_ip, "172.16.0.0",  "255.240.0.0") ||
                isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") ||
                isInNet(resolved_ip, "127.0.0.0", "255.255.255.0"))
                return "DIRECT";
 
// Return default proxy
return dst_default;
 
}

browser, javascript, proxy, proxy.pac, scripting, php