HowTo: Use Auto Config Proxy PAC File For Specific Domain

I would like to use the squid proxy server only for one domain called foo.example.com. How do I auto-configuring proxy settings with a PAC file to hide one domain and connect everything else directly? How do I specify a URL in a PAC file to bypass proxy server? How do I create exceptions using a PAC file?

A PAC file is nothing but proxy auto-configuration file. This is a specialized JavaScript function definition that a browser calls to determine how requests are handled. In other words, you need the Javascript skills for most PAC file development.

Syntax

A very simple example of a PAC file is:

   function FindProxyForURL(url, host)
   {
      return "PROXY server1.sxi.io:3128; DIRECT";
   }

You need to create and upload proxy.pac file in your web server DocumentRoot. This file set a basic proxy server for every request your browser makes using server1.sxi.io at port 3128. Firefox, Chrome, Opera, and IE uses your computer’s system proxy settings to connect to the network. However, you can change these settings by visiting network settings option. You need to supply the url for proxy.pac file. In the Automatic proxy connfiguration URL box, type the url of the proxy.pac file such as http://192.168.1.100/proxy.pac or http://server1.sxi.io/proxy.pac:

Fig.01: Setting firefox pac file url

Example

In this example, you use the proxy server for foo.example.com, and directly connect to all other site.

function FindProxyForURL(url, host) {
    if ( localHostOrDomainIs(host, "foo.example.com") ) {
        return "PROXY server1.sxi.io:3128";
    } else {
        return "DIRECT";
    }
}

This proxy.pac file allows to connect various hosts / domains via the proxy server and rest hosts directly to the Internet:

function FindProxyForURL(url, host) {
    // Your proxy server name and port
    var proxyserver = 'server1.sxi.io:3128';
    //
    //  Here's a list of hosts to connect via the PROXY server
    //
    var proxylist = new Array(
        "nixcraft.com",
        "reddit.com",
        "sxi.io",
        "mail.google.com",
        "www.pandora.com",
        "www.google.com"
    );
    // Return our proxy name for matched domains/hosts
    for(var i=0; i<proxylist.length; i++) {
        var value = proxylist[i];
        if ( localHostOrDomainIs(host, value) ) {
            return "PROXY "+proxyserver;
        }
    }
    return "DIRECT";
}

You create a PAC files are easily modified to specify any number of URLs that will bypass the proxy or include in the proxy i.e. exceptions can be created using the following syntax:

if (shExpMatch(url, "*.slashdot.org/*"))
   {return "DIRECT";}

OR connect reddit.com via the proxy server:

if (shExpMatch(url, "*.reddit.com/*"))
   {return "PROXY proxy42.ca.sxi.io:8080";}

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.