Advanced Proxy Pac File

AdvancedProxyPacFile

When a number of computers reside on a single network, especially in a corporate setting a Proxy Server is often installed to provide a secure and efficient way of providing Internet access.

A Proxy Server basically sits at the boundary of a network and provides Internet access by allowing the client computers to talk directly to it whilst it heads off to the Internet to retrieve content.

The browsers need to be pointed at this proxy server in order for the connection to work and although having a single proxy server is fairly easy to configure by simply either it’s IP address or DNS address in the Browser settings page, configuring multiple clients for multiple Proxy servers can become very complicated very quickly.

A Proxy Pac File is a configuration file that instructs the Browser which Proxy Server it needs to use in order to get to a certain destination (usually the Internet).

When combined with smart distribution and configuration techniques such as Active Directory, PAC files can be a very powerful tool.

Writing an advanced Proxy Pac File can be both time consuming and frustrating.  The following is an example of an advanced Proxy Pac File that is capable of using a number of different Proxy Server addresses depending on both the source IP of the client and the destination.  There are a number of additional factors to take into account when using this Proxy Pac File, particularly around the use of the myIpAddress function which is known to have mixed results around both incorrectly using the local loop back address (127.0.0.1) and IPv6 when installed.  In my experience, this file has worked without problem – but your mileage may vary.

The main backbone of the Proxy Pac File is built around using the Javascript logical operators AND (&&) / OR (||) (double click to select all for copy/paste).

// Advanced Proxy PAC File
// Please feel free to copy, paste and edit as much as you like!function FindProxyForURL(url, host)
{// *** Proxy Pac File checks local IP to see if it is in the 192.168.10.0/24 network ***
if (
isInNet(myIpAddress(), "192.168.10.0", "255.255.255.0") &&
(
// *** Proxy Pac File then checks to see if the destination address is in any of the following addresses ***
shExpMatch (host, "10.10.10.*") ||
shExpMatch (host, "10.10.20.*") ||
shExpMatch (host, "10.10.30.*") ||
dnsDomainIs (host, ".corporate")
)
)
// *** Proxy Pac File then sets the Proxy Server as the following Proxy Server address and port ***
{return "PROXY proxy1.proxypacfile.com:8080";}// *** Proxy Pac File checks local IP to see if it is in the 192.168.20.0/24 network ***
if (
isInNet(myIpAddress(), "192.168.20.0", "255.255.255.0") &&
(
// *** Proxy Pac File then checks to see if the destination address is in any of the following addresses ***
shExpMatch (host, "10.10.10.*") ||
shExpMatch (host, "10.10.20.*") ||
shExpMatch (host, "10.10.30.*") ||
dnsDomainIs (host, ".corporate")
)
)
// *** Proxy Pac File then sets the Proxy Server as the following Proxy Server address and port ***
{return "PROXY proxy2.proxypacfile.com:8080";}// *** Proxy Pac File checks local IP to see if it is in the 192.168.30.0/24 network ***
if (
isInNet(myIpAddress(), "192.168.30.0", "255.255.255.0") &&
(
// *** Proxy Pac File then checks to see if the destination address is in any of the following addresses ***
shExpMatch (host, "10.10.10.*") ||
shExpMatch (host, "10.10.20.*") ||
shExpMatch (host, "10.10.30.*") ||
dnsDomainIs (host, ".corporate")
)
)
// *** Proxy Pac File then sets the Proxy Server as the following Proxy Server address and port ***
{return "PROXY proxy3.proxypacfile.com:8080";}// *** Proxy PAC File checks the following destination addresses regardless of client IP ***
if (
shExpMatch (host, "172.16.10.*.*") ||
shExpMatch (host, "172.16.20.*.*") ||
shExpMatch (host, "172.16.30.*.*")
)
// *** Proxy Pac File then sets the Proxy Server as the following Proxy Server address and port ***
{return "PROXY proxy4.proxypacfile.com:8080";}// *** Proxy Pac File checks the following destination addresses regardless of client IP ***
if (
dnsDomainIs (host, ".internal") ||
dnsDomainIs (host, ".local") ||
dnsDomainIs (host, ".intranet")
)
// *** Proxy Pac File then sets the Proxy Server as Direct which will bypass all Proxy Servers ***
{return "DIRECT";}// *** Proxy Pac File will set the global Proxy Server in the event that no other conditions are met ***
else
{return "PROXY globalproxy.proxypacfile.com:8080";}
}

Author: BigGeek

Wayne is a self-proclaimed geek, IT Professional, father of two and husband who's still much closer to 40 than 50. When he's not busy in an otherwise hectic life he takes time to blog on all things that warrant an online opinion. Founded in 2012, ePINIONATED has been a guilty pleasure for Wayne, giving him an online voice in a very noisy Interweb – some of which might even be useful, maybe.

We would love to hear from you...