Feb 072018
 

Since the last time I looked up how to configure the Web Proxy, apparently somebody came up with WPAD – the Web Proxy Auto-Discovery Protocol (Or maybe I simply missed it).

The idea is quite neat: In the dhcp server, add an entry where the browser can request an url which in turn returns the information for Proxy configuration. Alternatively, instead of the dhcp server, the name server can have entries for wpad.company.com or wpad.department.company.com which are then used to request the configuration.

I decided I’d go with the dhcp entry (bust just in case I also added a wpad entry to bind). So, what exactly needs to be done?

1. Add an option local-pac-server with number 252 and type text to the dchp configuration and set its value to the download url of a wpad.dat file. This can be done for the isc-dchp-server with an entry like this to the /etc/dhcp/dhcpd.conf file:

option local-pac-server code 252 = text;
option local-pac-server "http://someserver.excample.com/wpad.dat";

2. Set up a web server on that computer that serves the file. I didn’t want to install a full blown Apache for this, so I went with mini_httpd. I simply installed the Ubuntu package for it and made two changes to the configuration file /etc/mini-httpd.conf:

# was:
# host=localhost
host=[the IP adress]
# was
# data_dir=/var/www/http
data_dir=/var/www

3. Create a wpad.dat file in the root of the data_dir like this:

function FindProxyForURL(url, host) {
return "PROXY proxy.example.com:8080; DIRECT";
}

4. Wonder WhyTF this was so complicated:

  1. Why not simply configure the string “PROXY proxy.example.com:8080; DIRECT” in the dhcp server?
  2. Why return a text file with a JavaScript function rather than a text file with just the string that JavaScript function returns?

This worked fine even for the Avira Antivirus updater.

Feb 072018
 

In olden times, we would add entries for name resolution to /etc/resolv.conf and be done with it. Nowadays, with these newfangled scripts that change the configuration all the time, this file simply gets overwritten by a tool/library called resolvconf, so if we want to add something permanently to it, we must do it somewhere else.

Fortunately it’s quite easy, once you know where:
resolfconf uses the directory /etc/resolvconf/resolv.conf.d as the base for its entries. It usually contains three files:

  • head
  • base
  • tail

(And sometimes a file called original which contains the original contents of /etc/resolv.conf before resolvconf was installed. This file is ignored.)

To add something permanently, just edit the file “head” and be done with it.

But wait, there is more:
Most likely you don’t want to add the information to “head” but rather add it to the iface entries in the /etc/network/interfaces file. It allows you to add one or more name servers like this:

iface eth0 inet static
  address 192.168.1.3
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-nameserver 192.168.1.254
  dns-nameserver 8.8.8.8
  dns-search foo.org bar.com
%d bloggers like this: