Difference between revisions of "PAC file example"
From Tech-Wiki
| (5 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
| − | PAC file | + | This example PAC file is used as proxy selector. It can bypass based several factors, or forward to different proxies servers. |
<nowiki> | <nowiki> | ||
| Line 9: | Line 9: | ||
var privateIP = /^(0|10|127|192\.168|172\.1[6789]|172\.2[0-9]|172\.3[01]|169\.254|192\.88\.99)\.[0-9.]+$/; | var privateIP = /^(0|10|127|192\.168|172\.1[6789]|172\.2[0-9]|172\.3[01]|169\.254|192\.88\.99)\.[0-9.]+$/; | ||
var resolved_ip = dnsResolve(host); | var resolved_ip = dnsResolve(host); | ||
| + | var myIp = myIpAddress(); | ||
/* Don't send non-FQDN or private IP auths to us */ | /* Don't send non-FQDN or private IP auths to us */ | ||
| Line 15: | Line 16: | ||
return "DIRECT"; | return "DIRECT"; | ||
} | } | ||
| − | |||
| − | |||
| − | |||
| − | + | if (dnsDomainIs(host, "www.acme.com") || | |
| − | + | dnsDomainIs(host, "webmail.acme.com")) | |
| − | + | return "PROXY proxy.acme.com:3128; DIRECT"; | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| + | /*If the host is an internal IP range (RFC1918), send direct */ | ||
| + | if (isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") || | ||
| + | isInNet(resolved_ip, "172.16.0.0", "255.240.0.0") || | ||
| + | isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") || | ||
| + | isInNet(resolved_ip, "127.0.0.0", "255.255.255.0")) | ||
| + | return "DIRECT"; | ||
| + | |||
/* FTP goes directly */ | /* FTP goes directly */ | ||
if (url.substring(0,4) == "ftp:") { | if (url.substring(0,4) == "ftp:") { | ||
| Line 37: | Line 35: | ||
// Domains to bypass | // Domains to bypass | ||
if ((host == "webmail.acme.com") || | if ((host == "webmail.acme.com") || | ||
| − | + | (host == "www.acme.com") || | |
| − | + | (dnsDomainIs(host, "sso.acme.com"))) | |
| − | return "DIRECT"; | + | return "DIRECT"; |
| + | |||
| + | if (shExpMatch(host, "*.microsoft.com") || | ||
| + | shExpMatch(host, "*windowsupdate*")) | ||
| + | return "PROXY proxy.acme.com:3128; DIRECT"; | ||
| + | |||
| + | // Balancing based on source | ||
| + | if (isInNet(myIp, "10.1.0.0", 255.255.255.0") || | ||
| + | isInNet(myIp, "10.2.0.0", 255.255.255.0")) | ||
| + | return "PROXY proxy2:8080; PROXY proxy1:8080; DIRECT"; | ||
| + | |||
| + | |||
| + | // Load balancing | ||
| + | var ipBits = myIp.split("."); | ||
| + | var mySeg = parseInt(ipBits[3]); | ||
| + | |||
| + | // Modulus % 2 | ||
| + | if((mySeg % 2) == 0) // Even | ||
| + | return "PROXY proxy1:8080; PROXY proxy2:8080;"; | ||
| + | else | ||
| + | return "PROXY proxy2:8080; PROXY proxy1:8080;"; | ||
| + | |||
/* Default Traffic Forwarding */ | /* Default Traffic Forwarding */ | ||
| − | return "PROXY | + | return "PROXY proxy1.acme.com:8080; PROXY proxy2.acme.com:8080; DIRECT"; |
} | } | ||
Latest revision as of 22:01, 20 June 2018
This example PAC file is used as proxy selector. It can bypass based several factors, or forward to different proxies servers.
function FindProxyForURL(url, host) {
var privateIP = /^(0|10|127|192\.168|172\.1[6789]|172\.2[0-9]|172\.3[01]|169\.254|192\.88\.99)\.[0-9.]+$/;
var resolved_ip = dnsResolve(host);
var myIp = myIpAddress();
/* Don't send non-FQDN or private IP auths to us */
// note this will defeat host file entries for external systems
if (isPlainHostName(host) || privateIP.test(host)) {
return "DIRECT";
}
if (dnsDomainIs(host, "www.acme.com") ||
dnsDomainIs(host, "webmail.acme.com"))
return "PROXY proxy.acme.com:3128; DIRECT";
/*If the host is an internal IP range (RFC1918), send direct */
if (isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") ||
isInNet(resolved_ip, "172.16.0.0", "255.240.0.0") ||
isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") ||
isInNet(resolved_ip, "127.0.0.0", "255.255.255.0"))
return "DIRECT";
/* FTP goes directly */
if (url.substring(0,4) == "ftp:") {
return "DIRECT";
}
// Domains to bypass
if ((host == "webmail.acme.com") ||
(host == "www.acme.com") ||
(dnsDomainIs(host, "sso.acme.com")))
return "DIRECT";
if (shExpMatch(host, "*.microsoft.com") ||
shExpMatch(host, "*windowsupdate*"))
return "PROXY proxy.acme.com:3128; DIRECT";
// Balancing based on source
if (isInNet(myIp, "10.1.0.0", 255.255.255.0") ||
isInNet(myIp, "10.2.0.0", 255.255.255.0"))
return "PROXY proxy2:8080; PROXY proxy1:8080; DIRECT";
// Load balancing
var ipBits = myIp.split(".");
var mySeg = parseInt(ipBits[3]);
// Modulus % 2
if((mySeg % 2) == 0) // Even
return "PROXY proxy1:8080; PROXY proxy2:8080;";
else
return "PROXY proxy2:8080; PROXY proxy1:8080;";
/* Default Traffic Forwarding */
return "PROXY proxy1.acme.com:8080; PROXY proxy2.acme.com:8080; DIRECT";
}