Proxy pacfile hosting without need for Webservers using iFiles on v11
Problem this snippet solves:
The following is an iRule that allows the F5 to serve a proxy pac file to a client without the need of hosting it on a web server or the proxy itself.
Simply create the iRule and associate it to a virtual address running a specific port that has no pools.
Definition
What the heck is a pacfile? Well it's a javascript file that defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL. So you might have specific sites that go through a proxy and some sites that do not. The pac file can do this for you.
To read up more about it you can go to the following links: http://en.wikipedia.org/wiki/Proxy_auto-config http://www.craigjconsulting.com/proxypac.html
Now back to the configuration...
How to use this snippet:
Example
VIP: 192.168.1.20: 80 TCP Domain: Proxypacfile.intranet.com --> 192.168.1.20
Just set your browser up to use the automatic configuration script:
http://proxypacfile.intranet.com/proxy.pac
You can also set to other ports
Example:
VIP: 192.168.1.21: 9090 TCP Domain: Proxypacfile2.intranet.com --> 192.168.1.21
Just set your browser up to use the automatic configuration script:
[http://proxypacfile2.intranet.com:9090/proxy.pac] (http://proxypacfile2.intranet.com:9090/proxy.pac)
iFile Configuration:
1) Create a pacfile for example called "proxy.pac". Contained in the file could be the following logic
function FindProxyForURL(url, host) { if (isPlainHostName(host)) return "DIRECT"; if (shExpMatch(url, "http://10.*")|| shExpMatch(url, "https://10.*")|| shExpMatch(url, "ftp://10.*")|| shExpMatch(url, "http://localhost*")|| shExpMatch(url, "https://localhost*")|| shExpMatch(url, "http://127.0.0.1*")|| shExpMatch(url, "https://127.0.0.1*")|| shExpMatch(url, "http://172.*")|| shExpMatch(url, "https://172.*")|| shExpMatch(url, "ftp://172.*")) return "DIRECT"; if (dnsDomainIs(host, ".extranet.com")|| dnsDomainIs(host, ".extranet2.com")) return "Proxy yourproxy.domain.com:8080"; if (dnsDomainIs(host, ".intrant.com")|| dnsDomainIs(host, ".intranet2.com")) return "DIRECT"; return "PROXY yourproxy.domain.com:8080"; } }
2) Now you are ready to upload the files. This is done in System > File Management--> iFile List --> Import
NOTE: Keep in mind iFiles maximum size is 4M
3) Now create a reference of the ifile. This is done by going to Local Traffic->iRules->iFile List. Fill in the information using the same name as the file itself to make this easy.
4) Now all you need is to create the irule itself
Code :
when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/proxy.pac" { # Retrieve the file contents, send it in a HTTP 200 response HTTP::respond 200 content [ifile get proxy.pac] "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache" } default { ## requested something else HTTP::respond 404 content "Oops! You've asked for something we don't have." } } }