Search squid archive

Re: {Disarmed} Re: site cannot be accessed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2015-01-13 at 09:30 +0200, Eliezer Croitoru wrote:
> Hey,
> 
> Did you had the chance to see this page:
> http://findproxyforurl.com/example-pac-file/
> 
> Eliezer
> 
> On 13/01/2015 06:22, Simon Dcunha wrote:
> > Dear Sarfraz,
> > appreciate your immediate reply
> >
> > Heres attached is my pac file
> > i am accessing the 10.101.101.10 server
> >
> > regards
> >
> > simon
> > ----------------
> >
> >
> >
> >
> >
> >
> > From: "***some text missing***" <shozii1@xxxxxxxxx>
> > To: "simon" <simon@xxxxxxxxxxxxxx>, "squid-users" <squid-users@xxxxxxxxxxxxxxx>
> > Sent: Monday, January 12, 2015 1:18:06 PM
> > Subject: {Disarmed} Re:  site cannot be accessed
> >
> >
> > Share your PAC file please.
> >
> > Regards,
> > Sarfraz
> >
> >
> > From: Simon Dcunha <simon@xxxxxxxxxxxxxx>
> > To: squid-users <squid-users@xxxxxxxxxxxxxxx>
> > Sent: Monday, January 12, 2015 11:41 AM
> > Subject:  site cannot be accessed
> >
> >
> > Dear All,
> >
> > I have squid-3.1.10-22.el6_5.x86_64 running on centos 6.5 64 bit for quite sometime and working fine
> > just a couple of days back some users reported an issue
> >
> > i have a intranet site which just stopped working .
> > if I uncheck the proxy option in the browser the site works fine
> > the above users also use internet and is working fine
> >
> > I am using the pac file to bypass local sites and the local intranet websites are alredy added in the pac file
> >
> > also i am quite sure the above intranet website were working before
> >
> > the squid log shows
> > ------------
> > 1421053747.139 70984 172.16.6.21 TCP_MISS/000 0 GET MailScanner warning: numerical links are often malicious: http://10.101.101.10/ - DIRECT/10.101.101.10 -
> > 1421053779.524 32021 172.16.6.21 TCP_MISS/000 0 GET MailScanner warning: numerical links are often malicious: http://10.101.101.10/ - DIRECT/10.101.101.10 -
> > ----------
> >
> > appreciate your advice and concern
> >
> > regards
> >
> > simon
> >
> >
> >
> > _______________________________________________
> > squid-users mailing list
> > squid-users@xxxxxxxxxxxxxxxxxxxxx
> > http://lists.squid-cache.org/listinfo/squid-users
> >
> 
> 
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users

an example pac file i started with...
function FindProxyForURL(url,host)
{

	//The DOMAINS listed in this array will be send direct -- unproxied
	var direct_access_domains = new Array();
		direct_access_domains[0] = ".domain.tld";

	//The HOSTS listed in this array will be send direct -- unproxied
	var direct_access_hosts = new Array();
		direct_access_hosts[0] = "host.domain.tld";

	//The NETWORKS listed in these arrays will be sent direct -- unproxied
	//This is an associative array -- the network and mask are in separate arrays
	//Please be carefull when modifying this
	var direct_access_nets = new Array();
	var direct_access_mask = new Array();
		direct_access_nets[0] = "192.168.0.0";
		direct_access_mask[0] = "255.255.0.0";

	//DOMAINS in this array override all other logic in this script and are forced through the proxy
	var proxied_domains = new Array();
		proxied_domains[0] = "proxied-domain.tld";
		proxied_domains[1] = ".proxied-domain.tld";

	//HOSTS in this array override all other logic in this script and are forced through the proxy
	var proxied_hosts = new Array();
		proxied_hosts[0] = "host.proxied-domain.tld";

	//HOSTS in this array override all other logic in this script and are forced through proxy1
	var proxy1_hosts = new Array();
		proxy1_hosts[0] = "direct1.domain.tld";

	//HOSTS in this array override all other logic in this script and are forced through proxy2
	var proxy2_hosts = new Array();
		proxy2_hosts[0] = "direct2.domain.tld";

	var home_source_nets = new Array();
	var home_source_mask = new Array();
		home_source_nets[0] = "192.168.1.0";
		home_source_mask[0] = "255.255.255.0";
		home_source_nets[1] = "192.168.2.0";
		home_source_mask[1] = "255.255.255.0";

	var vpn_source_nets = new Array();
	var vpn_source_mask = new Array();
		vpn_source_nets[0] = "192.168.3.0";
		vpn_source_mask[0] = "255.255.255.0";

	//INITIALIZE VARIABLES
	var proxy_code = 0;
	var isnumeric = 0;
	var loc = 0;
	var myip = myIpAddress();

	//evaluate source IP to determine if user should utilize a proxy in a particular order
	for (var i=0; i<home_source_nets.length; i++) {
		if (isInNet(myip, home_source_nets[i], home_source_mask[i])) var loc = 1;
	}

	for (var i=0; i<vpn_source_nets.length; i++) {
		if (isInNet(myip, vpn_source_nets[i], vpn_source_mask[i])) var loc = 2;
	}

	//PROXY SELECTION
	//var proxy = "proxy.domain.tld:8080"
	var proxy1 = "proxy.domain.tld:8081"
	var proxy2 = "proxy.domain.tld:8082"

	//Site Selection
	switch (loc) {
	case 1:
		var primary = "proxy.domain.tld:8080";
		var secondary = "proxy.domain.tld:8081";
		var tertiary = "proxy.domain.tld:8082";
		break;
	case 2:
		var primary = "proxy.domain.tld:8082";
		var secondary = "proxy.domain.tld:8081";
		var tertiary = "proxy.domain.tld:8080";
		break;
	default:
		var primary = "proxy.domain.tld:8080";
		var secondary = "proxy.domain.tld:8081";
		var tertiary = "proxy.domain.tld:8082";
		break;
	}

	//MAIN SCRIPT LOGIC
	var proxy_code = 1;  //proxy code 1 = send to proxy server

	// SEND DIRECT ACCESS DOMAINS DIRECT
	for (var i=0; i<direct_access_domains.length; i++) {
		if (dnsDomainIs(host, direct_access_domains[i])) var proxy_code = 2;  //proxy code 2 = send direct
	}

	// SEND DIRECT ACCESS HOSTS DIRECT
	for (var i=0; i<direct_access_hosts.length; i++) {
		if ( host == direct_access_hosts[i] ) var proxy_code = 2;  //proxy code 2 = send direct
	}

	// SEND SHORT NAMES DIRECT
	if (isPlainHostName(host)) var proxy_code = 2;  //proxy_code 2 = send direct

	// SEND DIRECT ACCESS NETS DIRECT
	var isnumeric = parseFloat(host.substring(0, 1));
		if ( isFinite(isnumeric) ) {
			for (var i=0; i<direct_access_nets.length; i++) {
				if (isInNet(host, direct_access_nets[i], direct_access_mask[i])) var proxy_code = 2;  //proxy code 2 = send direct
			}
		}

	// SEND PROXIED DOMAINS TO PROXY
	for (var i=0; i<proxied_domains.length; i++) {
		if ( dnsDomainIs(host, proxied_domains[i])) var proxy_code = 1;  //proxy_code 1 = override -- and use proxy
	}
	
	// SEND PROXIED HOSTS TO PROXY
	for (var i=0; i<proxied_hosts.length; i++) {
		if ( host == proxied_hosts[i] ) var proxy_code = 1;  //proxy_code 1 = override -- and use proxy
	}

	// SEND PROXY1 ONLY HOSTS TO PROXY1
	for (var i=0; i<proxy1_hosts.length; i++) {
		if ( host == proxy1_hosts[i] ) var proxy_code = 3;  //proxy code 3 = send to proxy1
	}

	// SEND PROXY2 ONLY HOSTS TO PROXY2
	for (var i=0; i<proxy2_hosts.length; i++) {
		if ( host == proxy2_hosts[i] ) var proxy_code = 4;  //proxy code 4 = send to proxy2
	}

	// SEND PORT 981 TRAFFIC VIA PROXY1
	if ( (proxy_code !=2)  && (shExpMatch(url, "*:981*"))) { var proxy_code = 3; } // proxy code 3 = send to proxy1

	// SEND PORT 982 TRAFFIC VIA PROXY2
	if ( (proxy_code !=2)  && (shExpMatch(url, "*:982*"))) { var proxy_code = 4; } // proxy code 4 = send to proxy2

	//END MAIN SCRIPT LOGIC

	//RETURN PROXY SPECIFICATION TO BROWSER
	switch (proxy_code){
	case 1:  //send to proxy server
		return "PROXY "+primary+"; PROXY "+secondary+"; PROXY "+tertiary;
		break;
	case 2:  //send direct
		return "DIRECT";
		break;
	case 3:  // send to proxy1
		return "PROXY "+proxy1;
		break;
	case 4:  // send to proxy2
		return "PROXY "+proxy2;
		break;
	default:  //send to proxy server
		return "PROXY "+primary+"; PROXY "+secondary+"; PROXY "+tertiary;
		break;
	}
}
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux