Forum Discussion
Kevin,
Right now, I have the i-rule as below.
when RULE_INIT { set pacfile { function FindProxyForURL(url, host) {
if (isPlainHostName(host))
return "DIRECT";
// If IP of the requested host falls within any of the below address ranges specified, send direct.
if (isInNet(dnsResolve(host), "10.206.192.0", "255.255.224.0") ||
isInNet(dnsResolve(host), "10.206.240.0", "255.255.248.0") ||
isInNet(dnsResolve(host), "10.206.248.0", "255.255.252.0") ||
isInNet(dnsResolve(host), "10.206.252.0", "255.255.252.0"))
return "DIRECT";
return "PROXY proxy.company.com:8080";
}
} } when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/proxy.pac" { HTTP::respond 200 content $::pacfile "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache" } } }
My requirement is how can I dynamically add address ranges to pass to the PAC function isInNet(dnsResolve(host) using data-groups ?
Using your idea, can I do something like below ?
1> Create a string data-group as 'noproxy-address-space' and add the address ranges.
2> Modify the i-rule as below -
when RULE_INIT { set y "" foreach x [class get noproxy-address-space] { append y [lindex $x 0] } set pacfile { function FindProxyForURL(url, host) {
if (isPlainHostName(host))
return "DIRECT";
// If IP of the requested host falls within any of the below address ranges specified in the data-group, send direct.
if (isInNet(dnsResolve(host), foreach y)
return "DIRECT";
return "PROXY proxy.company.com:8080";
}
} } when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/proxy.pac" { HTTP::respond 200 content $::pacfile "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache" } } }
My goal is to give liberty for admins to add new address ranges to the data-group, without bothering them to make changes to the i-rule.
Appreciate your reply.
Regards, Shridhar