Jump to content

Serving a proxy.cap file through nginx on KWTS all in one appliance (ISO)


Recommended Posts

Posted

Hi all,

A possible way of serving a "proxy.pac" file from your KWTS "all in one" appliance (.ISO based setup) --> please note that this might not be officially supported
Obviously, you need SSH access to your KWTS appliance.

----> edit /etc/nginx/mime.types and add the following line where it alphabetically belongs, respecting the identation:
[root@kwts ~]# vim /etc/nginx/mime.type
types {
  ~
  application/x-ns-proxy-autoconfig			pac;
  ~
}

----> create a folder which will be hosting our .pac file:
[root@kwts ~]# mkdir /usr/share/nginx/pac

----> create /etc/nginx/conf.d/pacserver.conf (you need to edit the lines below according to your wanted scheme: <port>, <fqdn>):
[root@kwts ~]# vim /etc/nginx/conf.d/pacserver.conf
server {
  listen <port>;
  server_name  <fqdn>;
  charset utf8;
  location / {
    root /usr/share/nginx/pac;
    index proxy.pac;
  }
}
    
----> create your proxy.pac file and edit accordingly:
[root@kwts ~]# vim /usr/share/nginx/pac/proxy.pac 
function FindProxyForURL(url, host) 
{
        
        // Convert host to lower case
        var lhost = host.toLowerCase();
        host = lhost;
        
        // Convert url to lower case
        var lurl = url.toLowerCase();
        url = lurl;
        
        // Defining proxy Services
        var direct = "DIRECT";
        var kwts = "PROXY 10.1.1.250:3128";
        
        // Forced through --> KWTS
        if (shExpMatch(host, "Hostname.FQDN"))
            return kwts;
        
        // If the hostname suffix is within *.xxx --> DIRECT.
        if (shExpMatch(host, "*.local"))
            return direct;
        
        // DEFAULT RULE: Catchall --> KWTS
            return kwts;

}    
    
----> restart nginx services
[root@kwts ~]# systemctl restart nginx.service

----> verify that the assigned PACSERVER:PORT is up and listening:
[root@kwts ~]# ss -tnlp

----> test a proxy.pac retrieval:
[root@kwts ~]# curl http://<your.fqdn.suffix:port>/proxy.pac
function FindProxyForURL(url, host) 
{
        
        // Convert host to lower case
        var lhost = host.toLowerCase();
        host = lhost;
        
        // Convert url to lower case
        var lurl = url.toLowerCase();
        url = lurl;
        
        // Defining proxy Services
        var direct = "DIRECT";
        var kwts = "PROXY 10.1.1.250:3128";
        
        // Forced through --> KWTS
        if (shExpMatch(host, "Hostname.FQDN"))
            return kwts;
        
        // If the hostname suffix is within *.xxx --> DIRECT.
        if (shExpMatch(host, "*.local"))
            return direct;
        
        // DEFAULT RULE: Catchall --> KWTS
            return kwts;

}   
[root@kwts ~]#

You should afterwards be able to configure your OS'es/Browsers using the PAC file: http://kwts.domain.suffix:PORT/proxy.pac

Hope this helps,
Kind regards.
m.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...