Table of Contents
Automatic proxy configuration
DRAFT
DHCP way
- Works for IE
# autoproxy option wpad-url code 252 = text; option wpad-url "http://wpad.domain.lan/proxy.php "; # space (or any other character) at the end must be in place as a workaround related to the IE bug
DNS way
- Works for Firefox
- DNS record: wpad.domain.lan
- wpad.dat have to be linked to proxy.php
ln -s proxy.php wpad.dat
- Apache site
<VirtualHost *:80> ServerName wpad.domain.lan AddType application/x-httpd-php .dat DocumentRoot /opt/company/autoproxy <Directory "/opt/company/autoproxy"> Options FollowSymLinks Order allow,deny Allow from all </Directory> </VirtualHost>
Generate proxy.pac (wpad.dat) depend on source IP
- You might also be interested in Smart proxy.pac
- proxy.php
/* Creator: Stanislav German-Evtushenko (2012) * Contributor: add your name here */ <?php // Define mime and filename header('Content-type: application/x-ns-proxy-autoconfig'); header('Content-Disposition: attachment; filename="proxy.pac"'); ?> <?php // Define network sets // Location 1 $network_sets[0] = array( "10.135.0.0/21", // Network 1 "172.17.0.0/16", // Network 2 ); // Location 2 $network_sets[1] = array( "10.10.0.0/16", // Network 3 ); ?> <?php // Get source IP address $myip = $_SERVER['REMOTE_ADDR']; // Define functions function ip_in_network($ip, $network){ list ($net_addr, $net_mask) = split ("/", $network); $ip_binary_string = sprintf("%032b",ip2long($ip)); $net_binary_string = sprintf("%032b",ip2long($net_addr)); return (substr_compare($ip_binary_string,$net_binary_string,0,$net_mask) === 0); } function ip_in_network_set($ip, $network_set){ foreach ($network_set as $network) if (ip_in_network($ip, $network)) return true; return false; } function proxy_for_network_set($ip, $network_set, $proxy_string){ if (ip_in_network_set($ip,$network_set)) print "$proxy_string;"; } function default_proxy($ip, $network_sets){ proxy_for_network_set($ip,$network_sets[0],"PROXY proxy1.domain.lan:3128"); // Location 1 proxy_for_network_set($ip,$network_sets[1],"PROXY proxy2.domain.lan:8080; PROXY proxy3.domain.lan:8080"); // Location 2 } ?> function FindProxyForURL(url, host) { // Define default proxy dst_default = "<?php default_proxy($myip, $network_sets); ?>"; //// If specific URL needs to bypass proxy, send traffic direct. // if (shExpMatch(url,"*domain.com*") || // shExpMatch(url,"*vpn.domain.com*")) // return "DIRECT"; // If URL has no dots in host name, send traffic direct. if (isPlainHostName(host)) return "DIRECT"; // If IP address is internal or hostname resolves to internal IP, send direct. resolved_ip = dnsResolve(host); if (isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") || isInNet(resolved_ip, "172.16.0.0", "255.240.0.0") || isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") || isInNet(resolved_ip, "127.0.0.0", "255.255.255.0")) return "DIRECT"; // Return default proxy return dst_default; }