Proxy Issue wpad?

killmasta93 · Feb 8, 2019, 8:15 PM

Hi,
I was wondering if someone else has had the issue with WPAD not autodetecting? whats odd if i put on chrome http://192.168.3.254/wpad.dat it downloads the config so im guessing it detects it. Also if i put it http://wpad.mydomain.local/wpad.dat it also downloads. But i navegate and wont block the https sites. this is my config on the wpad

function FindProxyForURL(url, host) {
//proxy  wpad.mydomain.com:3128 == 192.168.3.254:3128;
var wpad = "PROXY wpad.mydomain.com:3128";
host = host.toLowerCase();
var hostIP = dnsResolve(host);
if (hostIP == 0) return wpad; 
if (isPlainHostName(host)) return "DIRECT";
if (shExpMatch(host, ".local")) return "DIRECT";
//mi dominio casa.local;
if (shExpMatch(host, ".mydomain.com)) return "DIRECT";
//redes privadas;
// If the hostname matches, send direct.
if (dnsDomainIs(host, "api.mydomain.com") || dnsDomainIs(host, "api.mydomain.com"))
        return "DIRECT";
// If the hostname matches, send direct.
if (dnsDomainIs(host, "webservices.mydomain.com) || dnsDomainIs(host, "webservices.mydomain.com"))
        return "DIRECT";
// If the hostname matches, send direct.
if (dnsDomainIs(host, "co.mydomain.com") || dnsDomainIs(host, "co.mydomain.com"))
        return "DIRECT";
// If the hostname matches, send direct.
if (dnsDomainIs(host, "mydomain.com") || dnsDomainIs(host, "www.mydomain.com"))
        return "DIRECT";
if (isInNet(dnsResolve(host), "127.0.0.0", "255.0.0.0")) return "DIRECT";
if (isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0")) return "DIRECT";
if (isInNet(dnsResolve(host), "10.0.0.0", "255.255.0.0")) return "DIRECT";
if (isInNet(dnsResolve(host), "10.0.0.0", "255.255.255.0")) return "DIRECT";
//end mi red privada;
if (isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0")) return "DIRECT";
if (isInNet(dnsResolve(host), "192.168.0.0", "255.255.255.0")) return "DIRECT";
if (isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0")) return "DIRECT";
if (shExpMatch(host, "fe80::*")) return "DIRECT";
if (shExpMatch(url, "http:*")) return wpad;
if (shExpMatch(url, "https:*")) return wpad;
return wpad;
}

KOM · Feb 8, 2019, 8:48 PM

WPAD has nothing to do with blocking sites. It simply allows clients to find the proxy on their own. How the proxy behaves is a different thing altogether. Your wpad.dat seems overly complicated. Here is mine:

function FindProxyForURL(url,host)
{
// If the requested website is hosted within the internal network, send direct.
    if (isPlainHostName(host) ||
        shExpMatch(host, "*.local") ||
        isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
        isInNet(dnsResolve(host), "172.16.0.0",  "255.240.0.0") ||
        isInNet(dnsResolve(host), "192.168.0.0",  "255.255.0.0") ||
        isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
        return "DIRECT";
// Else use the proxy
    return "PROXY 10.10.4.1:3128";
}

killmasta93 · Feb 9, 2019, 12:35 AM

Thanks for the reply, yours worked perfectly, just one issue if i have web services and want to go direct how would it be done?

KOM · Feb 11, 2019, 2:12 PM

@killmasta93 What do you mean, "if i have web services"? My wpad.dat file goes direct for all local traffic.

vallum · Feb 11, 2019, 3:27 PM

@killmasta93 said in Proxy Issue wpad?:

Thanks for the reply, yours worked perfectly, just one issue if i have web services and want to go direct how would it be done?

You Can add exception for FQDN, Domain wildcards or IP address in wpad file itself.
below is the syntax for IP address you can find for others as well from google:-

############
if (isInNet(dnsResolve(host), "IP_Address1", "255.0.0.0") ||
isInNet(dnsResolve(host), "IP_Address2", "255.255.255.0"))
return "DIRECT";
############
http://findproxyforurl.com/pac-functions/

killmasta93 · Feb 12, 2019, 1:43 AM

@KOM i figured it was an issue with the WPAD quotes which was not pasting correctly on my machine
What has always happened to me is that if i have a webservice mydomain.com running https wpad wont go direct so i have to add it

// If the hostname matches, send direct.
if (dnsDomainIs(host, "webservices.mydomain.com) || dnsDomainIs(host, "webservices.mydomain.com"))
        return "DIRECT";

killmasta93 · Feb 12, 2019, 2:04 PM

quick question, how can WPAD be implemented for the VLANS? Any particular specification? or configuration? The LAN is working but would also want WPAD to capture VLANS, already have squid using the VLAN interface

KOM · Feb 12, 2019, 2:17 PM

WPAD doesn't care about VLANs. All that is required for WPAD to work is that either clients get served a DHCP 252, or they can resolve wpad.your.domain, and then fetch wpad.dat, wpad.da or proxy.pac from the returned IP address.

https://en.wikipedia.org/wiki/Web_Proxy_Auto-Discovery_Protocol

https://findproxyforurl.com/deploying-wpad/

killmasta93 · Feb 12, 2019, 6:25 PM

thanks for the reply, i currently have DHCP 252 which gets severed on my LAN i guess i have to do the same for the VLANS, going to try it out and post back

killmasta93 · Feb 13, 2019, 12:14 AM

correct i added the DHCP 252 on the VLANS and worked flawless the WPAD, Thanks again

KOM · Feb 14, 2019, 3:18 PM

Glad its working for you now.