Proxy pacfile hosting without need for Webservers for v9, v10 and v11

Problem this snippet solves:

The following is an iRule that allows the F5 to serve a proxy pac file to a client without the need of hosting it on a web server or the proxy itself.

Simply create the iRule and associate it to a virtual address running a specific port that has no pools.

Definition

What the heck is a pacfile? Well it's a javascript file that defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL. So you might have specific sites that go through a proxy and some sites that do not. The pac file can do this for you.

To read up more about it you can go to the following links: http://en.wikipedia.org/wiki/Proxy_auto-config http://www.craigjconsulting.com/proxypac.html

Now back to the configuration...

How to use this snippet:

Example

VIP: 192.168.1.20: 80 TCP
Domain: Proxypacfile.intranet.com --> 192.168.1.20

Just set your browser up to use the automatic configuration script:

http://proxypacfile.intranet.com/proxy.pac

You can also set to other ports

Example:

VIP: 192.168.1.21: 9090 TCP
Domain: Proxypacfile2.intranet.com --> 192.168.1.21

Just set your browser up to use the automatic configuration script:

http://proxypacfile2.intranet.com:9090/proxy.pac

Code :

when RULE_INIT {
   set pacfile {
     function FindProxyForURL(url, host) {

         if (isPlainHostName(host))
         return "DIRECT";

         if (shExpMatch(url, "http://10.*")||
         shExpMatch(url, "https://10.*")||
         shExpMatch(url, "ftp://10.*")||
         shExpMatch(url, "http://localhost*")||
         shExpMatch(url, "https://localhost*")||
         shExpMatch(url, "http://127.0.0.1*")||
         shExpMatch(url, "https://127.0.0.1*")||
         shExpMatch(url, "http://172.*")||
         shExpMatch(url, "https://172.*")||
         shExpMatch(url, "ftp://172.*"))
         return "DIRECT";

      if (dnsDomainIs(host, ".extranet.com")||
         dnsDomainIs(host, ".extranet2.com"))
         return "Proxy yourproxy.domain.com:8080";
         
         if (dnsDomainIs(host, ".intrant.com")||
         dnsDomainIs(host, ".intranet2.com"))
         return "DIRECT";
        
      return "PROXY yourproxy.domain.com:8080";
      }
   }
}

when HTTP_REQUEST {
  switch -glob [string tolower [HTTP::uri]] {
   "/proxy.pac" {
      HTTP::respond 200 content $::pacfile "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache"
   }
 }
}
Published Mar 18, 2015
Version 1.0
devops
iRules
No CommentsBe the first to comment