Главная » Linux

Скрипт pac для прокси линукс

Содержание
  1. Proxy Auto Configuration (PAC)
  2. Proxy Auto-Configuration (PAC) file
  3. Syntax
  4. Parameters
  5. Description
  6. Return value format
  7. Examples
  8. Predefined functions and environment
  9. isPlainHostName()
  10. Syntax
  11. Parameters
  12. Description
  13. Examples
  14. dnsDomainIs()
  15. Syntax
  16. Parameters
  17. Description
  18. Examples
  19. localHostOrDomainIs()
  20. Syntax
  21. Parameters
  22. Description
  23. Examples
  24. isResolvable()
  25. Syntax
  26. Parameters
  27. Examples
  28. isInNet()
  29. Syntax
  30. Parameters
  31. Examples
  32. dnsResolve()
  33. Parameters
  34. Example
  35. convert_addr()
  36. Syntax
  37. Parameters
  38. dusenberrymw / proxy.pac
  39. This comment has been minimized.
  40. dusenberrymw commented Apr 15, 2017
  41. This comment has been minimized.
  42. stefanlasiewski commented Aug 10, 2018
  43. Proxy Auto-Config Files
  44. Available Languages
  45. Download Options
  46. Table Of Contents
  47. Proxy Auto-Config Files
  48. Overview
  49. How PAC Files Work
  50. PAC File Deployment
  51. Basic PAC File Examples

Proxy Auto Configuration (PAC)

В рунете мало информации об такой замечательной вещи как «Автоматическая настройка прокси сервера». В этой статье я постараюсь подробно остановиться на данном вопросе.

Суть технологии заключается в том, что браузер читает специальный файл написаный на языке JavaScript, в котором определена только одна функция:

function FindProxyForURL(url, host)
<
.
>
где,
url – полный URL запрашиваемого документа
host – имя поста извлекаемое из URL. Этот параметр необходим только для удобства. Он содержит всё от :// и до первого / или :. Номер порта не включается в этот параметр.

Функция возвращает строку содержащую один или несколько способов доступа к запрашиваемому документу. Формат строки следующий:

null — если строка null, то использовать прокси сервер не нужно;
DIRECT — прямое соединение без использования прокси;
PROXY host:port — определяет какой прокси сервер необходимо использовать;
SOCKS host:port — определяет SOCKS сервер который необходимо использовать.

Строка может содержать несколько приведенных выше параметров разделенных точкой с запятой. Тогда браузер будет перебирать их по очереди пока не найдёт доступный прокси сервер.
В главной функции могут быть вызваны следующие функции:

  • isPlainHostName(host) возвращает true если строка host не содержит точек («.»).
  • dnsDomainIs(host, domain) вернет true если domain принадлежит host
  • localHostOrDomainIs(host, hostdomain) возвращает true если строка host (имя хоста или домена) содержится в строке hostdomain
  • isResolvable(host) возвращает true если возможно определить IP адрес для заданной строки host
  • isInNet(host, pattern, mask) возвращает true если IP адрес или имя хоста в строке host соответствует шаблону pattern и маске mask
  • dnsResolve(host) возвращает IP адрес для заданного host
  • myIpAddress() возвращает IP адрес компьютера
  • dnsDomainLevels(host) возвращает количество точек в строке host. Другими словами уровень домена
  • shExpMatch(str, shellexp) вернет true если строка str соответствует регулярному выражению в строке shellexp (формат регулярных выражений shellexp, а не regexp). Например shExpMatch(«a/b/c»,»*/b/*») вернет true
  • weekdayRange(wd1 [, wd2 ][, «GMT«]) вернет true если текущая дата или дата заданная в параметре GTM, соответствует заданному дню недели или диапазону дней. Дни недели записываются в закавыченной строке из следующих вариантов (SUN|MON|TUE|WED|THU|FRI|SAT)
  • dateRange([day1] [,month1] [,year1] [,day2] [,month2] [,year2] [,»GMT«]) вернет true если текущая дата или дата заданная в параметре GTM попадает в указанный диапазон. Название месяца задается закавыченной строкой из следующих вариантов (JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)
  • timeRange(hour1, minute1, second1, hour2, minute2, second2 [, «GMT«])
  • timeRange(hour1, minute1, hour2, minute2 [, «GMT«])
  • timeRange(hour1, hour2 [, «GMT«])
  • timeRange(hour [, «GMT«])

Браузеры Firefox и Internet Explorer поддерживает только системную кодировку в PAC файле и не поддерживают Unicode кодировки, такие как UTF-8.

Источник

Proxy Auto-Configuration (PAC) file

A Proxy Auto-Configuration (PAC) file is a JavaScript function that determines whether web browser requests (HTTP, HTTPS, and FTP) go directly to the destination or are forwarded to a web proxy server. The JavaScript function contained in the PAC file defines the function:

Syntax

Parameters

The URL being accessed. The path and query components of https:// URLs are stripped. In Chrome (versions 52 to 73), you can disable this by setting PacHttpsUrlStrippingEnabled to false in policy or by launching with the —unsafe-pac-url command-line flag (in Chrome 74, only the flag works, and from 75 onward, there is no way to disable path-stripping; as of Chrome 81, path-stripping does not apply to HTTP URLs, but there is interest in changing this behavior to match HTTPS); in Firefox, the preference is network.proxy.autoconfig_url.include_path .

Читайте также:  Samsung gt p5200 драйвер windows 10

The hostname extracted from the URL. This is only for convenience; it is the same string as between :// and the first : or / after that. The port number is not included in this parameter. It can be extracted from the URL when necessary.

Description

Returns a string describing the configuration. The format of this string is defined in return value format below.

Return value format

  • The JavaScript function returns a single string
  • If the string is null, no proxies should be used
  • The string can contain any number of the following building blocks, separated by a semicolon:

DIRECT

Connections should be made directly, without any proxies

The specified proxy should be used

The specified SOCKS server should be used

Recent versions of Firefox support as well:

The specified proxy should be used

The specified HTTPS proxy should be used

SOCKS4 host:port , SOCKS5 host:port

The specified SOCKS server (with the specified SOCK version) should be used

If there are multiple semicolon-separated settings, the left-most setting will be used, until Firefox fails to establish the connection to the proxy. In that case, the next value will be used, etc.

The browser will automatically retry a previously unresponsive proxy after 30 minutes. Additional attempts will continue beginning at one hour, always adding 30 minutes to the elapsed time between attempts.

If all proxies are down, and there was no DIRECT option specified, the browser will ask if proxies should be temporarily ignored, and direct connections attempted. After 20 minutes, the browser will ask if proxies should be retried, asking again after an additional 40 minutes. Queries will continue, always adding 20 minutes to the elapsed time between queries.

Examples

Primary proxy is w3proxy:8080; if that goes down start using mozilla:8081 until the primary proxy comes up again.

PROXY w3proxy.netscape.com:8080; PROXY mozilla.netscape.com:8081; DIRECT

Same as above, but if both proxies go down, automatically start making direct connections. (In the first example above, Netscape will ask user confirmation about making direct connections; in this case, there is no user intervention.)

PROXY w3proxy.netscape.com:8080; SOCKS socks:1080

Use SOCKS if the primary proxy goes down.

The auto-config file should be saved to a file with a .pac filename extension:

And the MIME type should be set to:

Next, you should configure your server to map the .pac filename extension to the MIME type.

Note:

  • The JavaScript function should always be saved to a file by itself but not be embedded in a HTML file or any other file.
  • The examples at the end of this document are complete. There is no additional syntax needed to save it into a file and use it. (Of course, the JavaScripts must be edited to reflect your site’s domain name and/or subnets.)

Predefined functions and environment

These functions can be used in building the PAC file:

Note: pactester (part of the pacparser package) was used to test the following syntax examples.

  • The PAC file is named proxy.pac
  • Command line: pactester -p

/pacparser-master/tests/proxy.pac -u http://www.mozilla.org (passes the host parameter www.mozilla.org and the url parameter http://www.mozilla.org )

isPlainHostName()

Syntax

Parameters

The hostname from the URL (excluding port number).

Description

True if and only if there is no domain name in the hostname (no dots).

Examples

dnsDomainIs()

Syntax

Parameters

Is the hostname from the URL.

Is the domain name to test the hostname against.

Description

Returns true if and only if the domain of hostname matches.

Examples

localHostOrDomainIs()

Syntax

Parameters

The hostname from the URL.

Fully qualified hostname to match against.

Description

Is true if the hostname matches exactly the specified hostname, or if there is no domain name part in the hostname, but the unqualified hostname matches.

Examples

isResolvable()

Syntax

Parameters

is the hostname from the URL.

Tries to resolve the hostname. Returns true if succeeds.

Examples

isInNet()

Syntax

Parameters

a DNS hostname, or IP address. If a hostname is passed, it will be resolved into an IP address by this function.

an IP address pattern in the dot-separated format.

mask for the IP address pattern informing which parts of the IP address should be matched against. 0 means ignore, 255 means match.

True if and only if the IP address of the host matches the specified IP address pattern.

Pattern and mask specification is done the same way as for SOCKS configuration.

Examples

dnsResolve()

Parameters

hostname to resolve.

Resolves the given DNS hostname into an IP address, and returns it in the dot-separated format as a string.

Example

convert_addr()

Syntax

Parameters

Any dotted address such as an IP address or mask.

Concatenates the four dot-separated bytes into one 4-byte word and converts it to decimal.

Источник

dusenberrymw / proxy.pac

// Proxy PAC File
// — Used to redirect certain addresses to the server through the SOCKS ssh port (1280 for this file), i.e.
// tunnel traffic through server.
// — Useful for easily accessing webpages from services running on a server (Jupyter notebooks, TensorBoard, Spark UI, etc.)
// that is otherwise locked down by a firewall.
// — To install on OS X/MacOS, go to «Settings->Network->Advanced->Proxies->Automatic Proxy Configuration»
// and paste the local file url (`file:///absolute/path/to/proxy.pac`).
// — Alternatively, use `./reinstall_proxy.sh`.
// — SSH to the server with `ssh -D 1280 . `.
function FindProxyForURL ( url , host ) <
// Setup a SOCKS proxy on port 1280.
proxy = «SOCKS5 127.0.0.1:1280; SOCKS 127.0.0.1:1280»
// Log to `chrome://net-internals/#events` for debugging.
alert ( «url: » + url + «, host: » + host )
// Setup proxy filters.
// — Use `host` for IP addresses and domain names.
// — Use `url` for more control over the entire URL (i.e. sub paths).
// — Protip: Use the above debugging log to determine the `url` and `host` for
// a given page.
// — Protip 2: If you add an entry for your server to `/etc/hosts` in the form of
// `IP_address domain_name_url alias`, the `host` can be matched to the `alias`.
if ( shExpMatch ( host , «111.111.111.*» ) || // match IP address
shExpMatch ( host , «server*» ) ) < // match `server1`, `server23`, etc.
// Log to `chrome://net-internals/#events` for debugging.
alert ( host + » passed!» )
// Route through server.
return proxy ;
>
// Route everything else directly!
return «DIRECT» ;
>
#! /usr/bin/env bash
set -x # echo on
DIR= » $( cd » $( dirname » $0 » ) » && pwd ) «
PROXY_FILE_PATH= » $DIR /proxy.pac «
sudo networksetup -setautoproxystate Wi-Fi off
sudo networksetup -setautoproxyurl Wi-Fi file:// $PROXY_FILE_PATH
sudo networksetup -getautoproxyurl Wi-Fi

This comment has been minimized.

Copy link Quote reply

dusenberrymw commented Apr 15, 2017

Note: IntelliJ can’t run remote debugging using a system SOCKS proxy. Therefore, for this use case, simply open a direct ssh connection with local port forwarding to the correct remote port, then start the remote debug session pointing at that local port.

For a remote debug session pointing at localhost:5007 , assuming a debug port is open on REMOTE_HOST:5007 :

This comment has been minimized.

Copy link Quote reply

stefanlasiewski commented Aug 10, 2018

I believe the sudo command is unnecessary on a Mac. I can run networksetup -setautoproxystate Wi-Fi off as a non-root user.

You can’t perform that action at this time.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.

Источник

Proxy Auto-Config Files

Available Languages

Download Options

Table Of Contents

Proxy Auto-Config Files

Overview

Proxy Auto-Configuration (PAC) is a method used by Web browsers to select a proxy for a given URL. The method for choosing a proxy is written as a JavaScript function contained in a PAC file. This file can be hosted locally or on a network. Browsers can be configured to use the file either manually or, in Microsoft Windows environments, automatically using Group Policy Objects. This appendix explains the basics of using PAC files.

How PAC Files Work

A PAC file is referenced each time a new URL is loaded. The host, for example cnn.com, the URL, for example cnn.com/images/logo.jpg, and other information such as the local machine IP address can be evaluated and rules based on this information used to determine whether to send the traffic via a proxy or direct to the Internet.

The following example compares the URL requested by the user, with the URL ipcheckit.com/data/. If the URLs match, the PAC file will instruct the browser to send the request direct to the Internet. This can be used if you need to exception a section of a Web site from going via the Web Scanning Services; if the user had requested only ipcheckit.com, this rule would not apply:

In the next example the local IP address of the machine making a Web request is evaluated. If the IP address falls within the IP address range 10.10.1.* then the PAC file will send the request to proxy182.scansafe.net. If this proxy is unavailable it will then failover to proxy137.scansafe.net. This can be used if you have different office locations using different IP address ranges with a Web Scanning Services proxy or Connector specific to each location:

Although a PAC file can have any name, normally it should be called proxy.pac.

PAC File Deployment

There are three ways to deploy a PAC file:

Local PAC: in some cases it may be appropriate to host the file on the local machine, this can be useful if the machine is likely to leave the network and doesn’t have Anywhere+ installed. Rules can be specified in the PAC file to allow direct Internet access when off-network.

Share PAC: the file can be hosted on a Windows share, assuming that the share is accessible to the machine and that the correct permissions have been applied. If the location of the PAC file is password protected then this is likely to prevent the browser from downloading the file.

Hosted PAC: hosting the file on a Web server is the most popular and widely supported method. The only requirement is that the file be served by the Web server with a specific MIME type (application/x-ns-proxy-autoconfig).

Basic PAC File Examples

Direct all traffic through the first proxy. If it is unreachable, use the second proxy. If both are unavailable go direct:

Direct HTTP traffic as in the first example, but send all HTTPS traffic direct:

Источник

Читайте также:  Как размонтировать диск линукс
Оцените статью
© 2024 Советы по настройке компьютера