Thanks for the reply, I purchased a Raspberry Pi to run an Apache2 server on it and host my wpad. It is working should I use and proxy settings to block pivots to it? Example an invasive container accesses the proxy and pivots to other devices on the network from inside the cage
> On Dec 10, 2024, at 06:50, David Touzeau <da...@articatech.com> wrote: > > Hi Jonathan > > Using squid as a PAC proxy provider is not an efficient solution. > - Squid cache error pages, which may cause problems when modifying the source. > - The PAC proxy will generate events in squid that are polluting for > troubleshooting. > - If squid has issues or is stopped ( disk full, false config..) , it will be > difficult to provide an alternative way. > > To this end, we're offering a free, open-source service dedicated to PAC > proxies, with the distinctive feature of offering several PAC proxies > depending on the client source and browser. > A web-based management console lets you build the Proxy PAC, test your rules > and view access events. > This solution is independent, leaving the squid free to focus on its > designated mission. > > https://wiki.articatech.com/en/proxy-service/proxy-pac > > regards > > > Le 09/12/2024 à 14:40, ngtech1...@gmail.com <mailto:ngtech1...@gmail.com> a > écrit : >> Hey Jonathan, >> >> Can you give more details on the setup? >> I am unsure how this setup work. >> Is this an intercept proxy or a simple forward proxy? >> Is the 192.168.1.1 the proxy ip and port? Also is the client on the same >> subnet? >> >> I understand that you are trying to use the proxy to serve the wpad file >> somehow. >> >> Thanks, >> Eliezer >> >> From: squid-users <squid-users-boun...@lists.squid-cache.org> >> <mailto:squid-users-boun...@lists.squid-cache.org> On Behalf Of Jonathan Lee >> Sent: Monday, December 2, 2024 12:04 AM >> To: Jonathan Lee <jonathanlee...@gmail.com> <mailto:jonathanlee...@gmail.com> >> Cc: squid-users <squid-users@lists.squid-cache.org> >> <mailto:squid-users@lists.squid-cache.org> >> Subject: Re: [squid-users] Wpad >> >> this is the wpad file I am using >> >> function FindProxyForURL(url, host) >> { >> url = url.toLowerCase(); >> host = host.toLowerCase(); >> >> if (isPlainHostName(host)) >> { >> return 'DIRECT'; >> } >> >> if (isResolvable(host)) >> { >> var hostIP = dnsResolve(host); >> >> if (isInNet(hostIP, '0.0.0.0', '255.0.0.0') || isInNet(hostIP, '10.0.0.0', >> '255.0.0.0') || >> isInNet(hostIP, '127.0.0.0', '255.0.0.0') || isInNet(hostIP, '169.254.0.0', >> '255.255.0.0') || >> isInNet(hostIP, '172.16.0.0', '255.240.0.0') || isInNet(hostIP, >> '192.168.0.0', '255.255.0.0') || >> isInNet(hostIP, '198.18.0.0', '255.254.0.0') || isInNet(hostIP, '224.0.0.0', >> '240.0.0.0') || >> isInNet(hostIP, '240.0.0.0', '240.0.0.0')) >> { >> return 'DIRECT'; >> } >> >> if (false) >> { >> return 'DIRECT'; >> } >> } >> >> if (url.substring(0, 5) == 'http:' || url.substring(0, 6) == 'https:' || >> url.substring(0, 4) == 'ftp:') >> { >> return 'PROXY 192.168.1.1:3128'; >> } >> >> return 'DIRECT'; >> } >> >> >> On Dec 1, 2024, at 13:58, Jonathan Lee <jonathanlee...@gmail.com >> <mailto:jonathanlee...@gmail.com>> wrote: >> >> this is what I have tried it also fails >> >> acl wpad urlpath_regex ^/wpad.dat$ >> acl wpad urlpath_regex ^/proxy.pac$ >> deny_info 200:/usr/local/www/wpad.dat wpad >> deny_info 200:/usr/local/www/proxy.pac wpad >> http_access deny wpad >> >> reply_header_access Content-Type deny wpad >> reply_header_replace Content-Type application/x-ns-proxy-autoconfig >> >> when you run squid -k parse it take the config file >> >> >> What I want to do is when it sees that reg ex to send it to this URL >> https://192.168.1.1:8080/wpad.dat >> >> >> >> >> On Dec 1, 2024, at 09:01, Jonathan Lee <jonathanlee...@gmail.com >> <mailto:jonathanlee...@gmail.com>> wrote: >> >> Thank you again this works perfectly for my issues I had >> >> >> On Oct 2, 2024, at 20:51, Amos Jeffries <squ...@treenet.co.nz >> <mailto:squ...@treenet.co.nz>> wrote: >> >> On 2/10/24 05:05, Jonathan Lee wrote: >> >> Hello fellow squid users, >> Can you please help? I am attempting to run wpad on the same machine as >> squid however port 80 443 is blocked, I have a url redirect >> 192.168.1.1/wpad.dat to https://192.168.1.1:8080/wpad.dat this is done with >> use of squid guard, however you must disable bypass for 192.168.1.1 on >> squid. Squid resides on 192.168.1.1:3128, >> It works on the iMac for auto config proxy I can access the url file within >> the redirect. >> My question is how can this be managed directly with squid custom config ?? >> Is there a way to have squid manage a simple wpad? >> >> >> acl wpad urlpath_regex ^/wpad.dat$ >> deny_info 200:/etc/squid/wpad.dat wpad >> http_access deny wpad >> >> reply_header_access Content-Type deny wpad >> reply_header_replace Content-Type application/x-ns-proxy-autoconfig >> >> >> >> HTH >> Amos >> _______________________________________________ >> squid-users mailing list >> squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> >> https://lists.squid-cache.org/listinfo/squid-users >> >> >> >> >> >> _______________________________________________ >> squid-users mailing list >> squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> >> https://lists.squid-cache.org/listinfo/squid-users > > -- > David Touzeau - Artica Tech France > Development team, level 3 support > ---------------------------------- > P: +33 6 58 44 69 46 > www: https://wiki.articatech.com <https://wiki.articatech.com/> > www: http://articatech.net <http://articatech.net/> > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org <mailto:squid-users@lists.squid-cache.org> > https://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users