https://github.com/fermi-ad/proxy-auto-config

A proxy auto-config example for allowing access to a list of domains behind a firewall.

https://github.com/fermi-ad/proxy-auto-config

Science Score: 21.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
    Organization fermi-ad has institutional domain (ad.fnal.gov)
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (11.5%) to scientific vocabulary

Keywords

network proxy
Last synced: 4 months ago · JSON representation

Repository

A proxy auto-config example for allowing access to a list of domains behind a firewall.

Basic Info
  • Host: GitHub
  • Owner: fermi-ad
  • Language: JavaScript
  • Default Branch: main
  • Homepage:
  • Size: 59.6 KB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Topics
network proxy
Created over 5 years ago · Last pushed over 1 year ago
Metadata Files
Readme

README.md

Proxy Auto-Configuration (PAC)

Note: In order for this config to be used, the repo must be public so that the URL is reachable. This requires Kerberos authentication via SSH.

I explored this because I wanted have a browser that can search Google while accessing resources only available behind a firewall.

My first Google search led me to StackOverflow and consequently to MozillaZine and WikiPedia.

These references and example were enough to get me started and I took the opportunity to refactor it and make it more flexible.

Originally, I was using Firefox's manual proxy to get behind the firewall, but the method sends all traffic to the proxy with a list of exceptions. I want the other way around. I want only certain request to go behind the firewall. Proxy auto-config allows custom code to route traffic and solves my problem.

Example

```javascript function FindProxyForURL(url, host) { host = host.toLowerCase(); if (dnsDomainIs(host, "blocked.com") || dnsDomainIs(host, "censored.stuff.com")) return "PROXY 123.45.67.89:80"; // (IP:port)

return "DIRECT"; } ```

Refactor

``javascript function FindProxyForURL(url, host) { const shouldProxy = () => { return dnsDomainIs(host.toLowerCase(),fnal.gov) || isInNet(host,131.225.0.0,255.255.0.0`) }

if (shouldProxy())
    return `SOCKS5 localhost:1080; SOCKS localhost:1080; DIRECT`

return `DIRECT`

} ```

Enable proxy

There must be a proxy at localhost:1080 for pages within the firewall to work.

bash ssh -D 1080 basion_host

The above command will proxy requests to localhost:1080 through to bastion_host.

Run this in a terminal to enable requests behind the firewall.

Install proxy.pac

While an OS wide proxy could be useful I found it difficult to troubleshoot and wasn't able to make it work on my MacBook Pro. There are recomendations from around the web to "just use the browser."

Firefox

In the Firefox settings about:preferences#general>Network Settings there is a field for Automatic proxy configuration URL where you can link to an external URL or a local file using file://.

The file must be named proxy.pac.

Chromium

The Chromium team recommends using an extension to enable a proxy on Chromium browsers. I found the Proxy Switcher extension to be well liked and simple.

This also works with Firefox.

Safari

TODO

Owner

  • Name: Fermilab Accelerator Directorate
  • Login: fermi-ad
  • Kind: organization
  • Location: United States of America

Fermilab Accelerator Systems

GitHub Events

Total
Last Year