PAC stands for "Proxy Auto Configuration"
With a PAC file we can define how web browsers can automatically choose the appropriate proxy server for looking up a given URL. This is done based on a JavaScript function "FindProxyFor URL(url, host)".
To use PAC, you publish a PAC file on a Web server and instruct your browser to read it.
This can be done manually by open a web browser on the client and navigating to: tools - internet options - Connections - LAN settings - Use automatic configuration script and entering the path where the PAC file is located. Of course, it can also be done on a larger scale by defining the PAC file in a client applied GPO.
There is a catch! Due to security restrictions of Windows 2003 servers, you must instruct your web server to declare the mime type of this file to be: application/x-ns-proxy-autoconfig. On Windows 2000 servers, this is not necessary.
The Mime type can be added on your IIS server under the tab "HTTP" and clicking on "MIME".
Examples of PAC-files which can be easily adjusted to your needs.
Simple PAC file
function FindProxyForURL(url, host)
{
if (isInNet(myIpAddress(), "192.168.1.0", "255.255.255.0"))
return "PROXY 192.168.1.1:8080";
else
return "DIRECT";
}
More complex PAC file
function FindProxyForURL(url, host)
{
if (shExpMatch(url, "http://principia.mo.techpaths.com*")) {
return "DIRECT";
}
if (isInNet(myIpAddress(), "192.168.1.0", "255.255.255.0"))
return "PROXY 192.168.1.1:8080";
else
return "DIRECT";
}
Complex PAC file
function FindProxyForURL(url, host)
{
// variable strings to return
var proxy_yes = "PROXY 192.168.1.1:8080";
var proxy_no = "DIRECT";
if (shExpMatch(url, "http://www.mycompanywebsite.com*")) { return proxy_no; }
if (shExpMatch(url, "http://www.myotherwebsite.com*")) { return proxy_no; }
if (shExpMatch(url, "http://www.my3rdlocalsite.com*")) { return proxy_no; }
// Proxy anything else
return proxy_yes;
}
Very complex PAC file
function FindProxyForURL(url, host)
{
// variable strings to return
var proxy_yes = "PROXY 192.168.1.1:8080";
var proxy_no = "DIRECT";
if (shExpMatch(url, "http://www.mycompanywebsite.com*")) { return proxy_no; }
if (shExpMatch(url, "http://www.myotherwebsite.com*")) { return proxy_no; }
if (shExpMatch(url, "http://www.my3rdlocalsite.com*")) { return proxy_no; }
if (shExpMatch(url, "http://192.168.1.100*")) { return proxy_no; }
// Proxy if PC is on local LAN
if (isInNet(myIpAddress(), "192.168.1.0", "255.255.255.0"))
return "PROXY 192.168.1.1:8080";
else
return "DIRECT";
}
Friday, June 01, 2007
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment