+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 31
Internet Related/Filtering/Firewall Thread, Proxy .pac file in Technical; Hi, I am trying to setup a proxy config file. I would like it to be setup like the following. ...
  1. #1

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444

    Proxy .pac file

    Hi,

    I am trying to setup a proxy config file.

    I would like it to be setup like the following.

    If the IP address of the client is in this range:
    172.16.96.1 - 172.16.99.254
    Then go to QV proxy server 172.16.96.30

    If the IP address of the client is in this range:
    172.16.16.1 - 172.16.19.254
    Then go to KP proxy server 172.16.16.30

    Then i would like some URLs as exceptions for example google.com

    This is some code i put together

    Code:
    function FindProxyForURL(url, host)
    {
    
    // Variable strings to return
    
    var proxy_yes = "QV-PROXY 172.16.96.30:8080";
    var proxy_yes = "KP-PROXY 172.16.16.30:8080";
    var proxy_no = "DIRECT";
    
    // Execptions for direct connection
    
    if (shExpMatch(url, "http://google.com/*")) { return proxy_no; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "QV-PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "KP-PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }



    Has anybody got any input or corrections please?
    Last edited by FN-GM; 17th September 2010 at 07:45 PM.

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    I don't think you need this:

    Code:
    var proxy_yes = "QV-PROXY 172.16.96.30:8080";
    var proxy_yes = "KP-PROXY 172.16.16.30:8080";
    and I think this bit
    Code:
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "KP-PROXY 172.16.16.30:8080";
    should just be

    Code:
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "PROXY 172.16.16.30:8080";

  3. Thanks to CyberNerd from:

    FN-GM (17th September 2010)

  4. #3


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    BTW - if your trying to load balance? it might be better to do it with RoundRobin DNS - ie Return "PROXY someDNSname:8080";
    where someDNSname resolves to 2 different ip ranges.

  5. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    No we are a split site school with one domain so the DNS is identical on both sites. Each site has its own IP range. We have a proxy on each site. We dont want one site using the proxy server of the other. If i use a round robin it could revert to the wrong proxy server.

    So you think it should just be this?

    Code:
    function FindProxyForURL(url, host)
    {
    
    
    // Execptions for direct connection
    
    if (shExpMatch(url, "http://google.com/*")) { return proxy_no; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "QV-PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "KP-PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }

    Thanks allot
    Last edited by FN-GM; 17th September 2010 at 08:27 PM.

  6. #5

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,513
    Thank Post
    1,493
    Thanked 1,050 Times in 919 Posts
    Rep Power
    302
    Why can't you use a Group Policy setting apply that to the OU(s) that have machines on that site to say use this proxy for Site X and use this proxy for Site Y? You can even get clever and use GPP to add more funkyness and say all devices named Site1- take this etc ?

  7. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    We have laptops will be traveling and used between the two sites
    Sometimes they may move upto 3 times a day. So i can't keep switching OU's for them.

    We will also have devices that wont be managed by AD.

    Thanks though, i did think of that.
    Last edited by FN-GM; 17th September 2010 at 08:38 PM.

  8. #7
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    187
    Thank Post
    28
    Thanked 93 Times in 53 Posts
    Rep Power
    31
    You don't want the QV-, or KP- prefix to PROXY in the return statements. i.e:

    Code:
    function FindProxyForURL(url, host)
    {
    
    
    // Execptions for direct connection
    
    if (shExpMatch(url, "http://google.com/*")) { return "DIRECT"; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }
    A good source of information on .pac / wpad files : FindProxyForURL.com - PAC & WPAD Resource
    Last edited by Iain; 17th September 2010 at 09:36 PM. Reason: proxy_no not defined, so removed

  9. Thanks to Iain from:

    FN-GM (17th September 2010)

  10. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Thanks for the link

    So i put it like this?

    Thanks

    Code:
    function FindProxyForURL(url, host)
    {
    
    
    // Execptions for direct connection
    
    if (shExpMatch(url, "http://google.com/*")) { return proxy_no; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }
    Last edited by FN-GM; 17th September 2010 at 09:37 PM.

  11. #9
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    187
    Thank Post
    28
    Thanked 93 Times in 53 Posts
    Rep Power
    31
    Yes, I believe so, although you need to replace proxy_no in your google.com test, as this is no longer defined. i.e. it should read:

    Code:
     
    if (shExpMatch(url, "http://google.com/*")) { return "DIRECT"; }

    I'd also remove the else statement as it's not needed.

    Quote Originally Posted by FN-GM View Post
    Thanks for the link

    So i put it like this?

    Thanks

    Code:
    function FindProxyForURL(url, host)
    {
    
    
    // Execptions for direct connection
    
    if (shExpMatch(url, "http://google.com/*")) { return proxy_no; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }

  12. Thanks to Iain from:

    FN-GM (17th September 2010)

  13. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Thanks allot

    So its like this?

    Thanks

    Code:
    function FindProxyForURL(url, host)
    {
    
    
    // Execptions for direct connection
    if (shExpMatch(url, "http://google.com/*")) { return "DIRECT"; }
    
    // Proxy if PC is on local LAN
    
    if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0"))
    return "PROXY 172.16.96.30:8080";
    
    if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0"))
    return "PROXY 172.16.16.30:8080";
    
    // Everything else to go direct
    
    else
    return "DIRECT";
    }

  14. #11
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    187
    Thank Post
    28
    Thanked 93 Times in 53 Posts
    Rep Power
    31
    This should work:

    Code:
    function FindProxyForURL(url, host) {
    
        // Execptions for direct connection
        if (shExpMatch(url, "http://google.com/*")) { 
            return "DIRECT"; 
        }
    
        // Proxy if PC is on local LAN
        if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0")) {
            return "PROXY 172.16.96.30:8080";
        }
        if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0")) {
            return "PROXY 172.16.16.30:8080";
        }
    
        // Everything else to go direct
        return "DIRECT";
    }

  15. Thanks to Iain from:

    FN-GM (17th September 2010)

  16. #12

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,843
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Thanks one last one if i want to add more URL's do i do it like this please?

    Code:
    function FindProxyForURL(url, host) {
    
        // Execptions for direct connection
        if (shExpMatch(url, "http://google.com/*")) { 
        if (shExpMatch(url, "http://example2.com/*")) { 
            return "DIRECT"; 
        }
    
        // Proxy if PC is on local LAN
        if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0")) {
            return "PROXY 172.16.96.30:8080";
        }
        if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0")) {
            return "PROXY 172.16.16.30:8080";
        }
    
        // Everything else to go direct
        return "DIRECT";
    }


    or


    Code:
    function FindProxyForURL(url, host) {
    
        // Execptions for direct connection
        if (shExpMatch(url, "http://google.com/*")) { 
            return "DIRECT"; 
        if (shExpMatch(url, "http://example2.com/*")) { 
            return "DIRECT"; 
        }
    
        // Proxy if PC is on local LAN
        if (isInNet(myIpAddress(), "172.16.96.1", "255.255.252.0")) {
            return "PROXY 172.16.96.30:8080";
        }
        if (isInNet(myIpAddress(), "172.16.16.1", "255.255.252.0")) {
            return "PROXY 172.16.16.30:8080";
        }
    
        // Everything else to go direct
        return "DIRECT";
    }

    Thanks for the help

  17. #13
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    187
    Thank Post
    28
    Thanked 93 Times in 53 Posts
    Rep Power
    31
    Like the second one, although you need more } brackets.

    Code:
        // Execptions for direct connection
        if (shExpMatch(url, "http://google.com/*")) { 
            return "DIRECT"; 
        }
    
        if (shExpMatch(url, "http://example2.com/*")) { 
            return "DIRECT"; 
        }

    So for each url that you don't want to go though the proxy you need:
    Code:
        if (shExpMatch(url, "<URL>")) { 
            return "DIRECT"; 
        }

    Where <URL>, is the url that you don't want going through the proxy.

    Hope that makes sense!

    Iain

  18. Thanks to Iain from:

    FN-GM (17th September 2010)

  19. #14
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    187
    Thank Post
    28
    Thanked 93 Times in 53 Posts
    Rep Power
    31
    A useful little tool for testing .pac files is pactester - Project Hosting on Google Code, although you'll need *nix box to run it on.

    Iain.

  20. 2 Thanks to Iain:

    CyberNerd (17th September 2010), FN-GM (17th September 2010)

  21. #15


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by john View Post
    Why can't you use a Group Policy setting apply that to the OU(s) that have machines on that site to say use this proxy for Site X and use this proxy for Site Y? You can even get clever and use GPP to add more funkyness and say all devices named Site1- take this etc ?
    Also, it doesn't work for other popular browsers, and non-windows equipment such as staff/student owned iphones etc. Pac files are much more versatile, and they can be defined in Group Policies for domain windows computers.

SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. OSX and Proxy.pac files
    By cookie_monster in forum Mac
    Replies: 0
    Last Post: 28th April 2010, 10:38 AM
  2. .pac files and horrible web proxy sites.
    By itwasntme in forum Internet Related/Filtering/Firewall
    Replies: 4
    Last Post: 10th March 2010, 12:13 PM
  3. Proxy .pac file
    By FN-GM in forum Internet Related/Filtering/Firewall
    Replies: 4
    Last Post: 10th February 2010, 10:33 AM
  4. proxy .pac file
    By sted in forum Windows
    Replies: 12
    Last Post: 24th September 2009, 07:50 PM
  5. Stupid proxy pac
    By Oops_my_bad in forum Wireless Networks
    Replies: 10
    Last Post: 23rd March 2009, 09:59 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •