Linux · Networking · Open Source · Proxy

Setting up Automatic Proxy Configuration (PAC) file


I tried to make this tutorial for users with medium to advance linux administrative skills. Even if you are not one of those one of them feel free to leave a comment and I shall try to help you out.

To make your Proxy Auto Configuration APC work you need a PAC file and a server to host it.

We shall do it in the following steps

  1. Write a PAC file with appropriate proxy configuration
  2. Hosting the file: Put it on a web server where the client browser can access it
  3. Setting up client browser for suing the PAC file to get and use proxy configuration
  4. Check if the traffic is going through the proxy server

Example Automatic Proxy Configuration PAC file

Proxy Auto-Configuration is a specialized JavaScript function definition that a browser calls to determine how requests are handled.

First of all create a PAC file which has all the proxy necessary setting you would like your browser to use,

[root@example html]# cat proxy.pac

function FindProxyForURL(url, host)

{

   if (isInNet(host, “192.168.0.0”, “255.255.0.0”)) {

      return “DIRECT”;

   } else {

      if (shExpMatch(url, “http:*”))

         return “PROXY 192.168.0.250:3128” ;

      if (shExpMatch(url, “https:*”))

         return “PROXY 192.168.0.250:3128” ;

      if (shExpMatch(url, “ftp:*”))

         return “PROXY 192.168.0.250:3128” ;

      return “DIRECT”;

   }

}

#EOF

In this configuration file, I am declaring my proxy server as 192.168.0.250 port 3128. The client should use this proxy for http, https and ftp requests.

Read more on how to write a pac file

Hosting the PAC file on a web server for client to access

Host your Proxy Auto Configuration file in a web server. This should work on any web environment as long as the right configuration parameters are entered. amusing the name of the web serverserver is http://www.example.com

i have tested it using apache 2 on redhat 5

Upload the file in server root /var/www/html/proxy.pac

Add the following line in your /etc/httpd/conf/httpd.conf

AddType application/x-ns-proxy-autoconfig .pac

AddType application/x-ns-proxy-autoconfig .dat #used for configuring auto detect setting using DNS

Restart/Reload apache to activate the new configuration

This is to make the “proxy.pac” file accessible  using the url http://www.example.com/proxy.pac

Setting up client browser for using the PAC file to get and use proxy configuration

After we are down with creating a PAC file appropriate for the network and hosting it on a web server from where web client has a direct access to, we need to configure the client use the PAC file for proxy configuration.

I shall put an example of firefox, Chrome and IE

Firefox

proxy setup, automatic Proxy configaration , Proxy configaration, firefox

Option -> network -> Settings

Select automatic proxy configuration URL:

Enter the full url where you have placed your PAC file and this url should be access able directly from the client browser, example

http://webserver.example.com/proxy.pac

To ensure that the file is accessible from the browser, try accessing the url from the browser with no proxy setting.  This should download the file in the local machine.

Chrome

proxy setup, automatic Proxy configaration , Proxy configaration, chrome, IE

Settings -> show advanced settings (at the bottom) -> Change proxy settings

Under connections tab click on LAN settings

Enable Use Automatic configuration script (disable all other option)

Enter the full url where you have placed your PAC file and this url should be access able directly from the client browser, example

http://webserver.example.com/proxy.pac

IE

proxy setup, automatic Proxy configaration , Proxy configaration, chrome, IE

Tools -> internet option -> connection -> LAN setting

Enable Use Automatic configuration script (disable all other option)

Enter the full url where you have placed your PAC file and this url should be access able directly from the client browser, example

http://webserver.example.com/proxy.pac

Check if the traffic is going through proxy

In my setup I have been using squid as a proxy, so I monitor for “tail -f /var/log/squid/access.log” and check for traffic request from the client. Make sure any transparent proxy configuration is turned off to avoid wrong reading.

Please share if you know of any other way to check from the client side.

If your traffic is passing through the proxy server, congratulations you have successfully configured automatic proxy configuration server with a PAC file.

Setting up web proxy Autodiscovery protocol using DNS

Read more on idea behind Proxy auto configuration for an enterprise network

Advertisements

5 thoughts on “Setting up Automatic Proxy Configuration (PAC) file

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s