Configuring WPAD under OpenBSD

Posted on August 4, 2011 by spawn

Hello there,

First of all, what is wpad ?

WPAD is acronym to Web Proxy Autodiscovey Protocol, it is reponsible for automatic detecting of proxy under web browsers.

I will assume that you know OpenBSD, know configure a basic DHCP Server, and know configure Apache.

First step:

create a file named “wpad.pac” with this content:

function FindProxyForURL(url, host)
{
if( shExpMatch(url, “!ftp:*”) || isPlainHostName(host) || dnsDomainIs(host, “.example.com”) isInNet(host, “127.0.0.1”, “255.255.255.255”))
{
return “DIRECT”;
} else {
return “PROXY proxy.example.com:3128; DIRECT”;
}
}

Put this file under your DocumentROOT of your Apache

example : /var/www/htdocs/wpad.pac

Understanding the javascript :

  • shExpMatch(str, shellexp) True if str matches the shell expression (not regexp) shellexp. E.g. shExpMatch(“a/b/c”,”*/b/*”) is true
  • isPlainHostName(host) Returns true if host contains no dots (“.”).
  • dnsDomainIs(host, domain) True if domain is in host.
  • isInNet(host, pattern, mask) True if the IP address or hostname in host is in the network specified by pattern and mask.

    • If these conditions are true, so You will access directly without proxy, else you will use proxy.

    Now, the configuration of Apache.

    Virtual Host Configuration:

    ServerAdmin postmaster@example.com
    DocumentRoot /var/www/htdocs
    Servername www.example.com
    ErrorLog logs/default_error
    CustomLog logs/default_access common
    AddType application/x-ns-proxy-autoconfig .pac

    Reload your apache doing:

    # apachectl restart

    Now it’s time to configure DHCP

    Put this into your dhcpd.conf

    option autoproxy-script “http://www.example.com/wpad.pac”;

    Kill you dhcp server:

    # pkill dhcpd && sleep 3 && dhcpd

    Ok, All configuration are done 🙂

    Internet Browsers, must have AutoDetection Proxy option enabled:

    Internet explorer -> Internet Options/Conections TAB/Lan Settings : “Automatically detect settings” check box. must be checked

    Troubleshoting:

    Internet Explorer -> Internet Options/Advanced TAB/Reset
    Mozilla Firefox -> Set manually address of pac file, in case of us, http://www.example.com/wpad.pac
    Google Chrome: Same of Firefox

    On Microsoft OS, Skype, Messenger etc will catch configuration very fine 🙂

    Now block at your firewall the rule to port { www https }

    References:
    http://www.wlug.org.nz/WPAD
    http://www.sxlist.com/techref/app/inet/wpad_dat.htm
    http://wiki.squid-cache.org/Technology/WPAD
    http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol
    http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/web-browser-auto-proxy-configuration.html

    Until next time 🙂

    Like it? Comment

    This entry was posted in Network, OpenBSD and tagged , , , . Bookmark the permalink.