Kevin,
Right now, I have the i-rule as below.
when RULE_INIT {
set pacfile {
function FindProxyForURL(url, host) {
if (isPlainHostName(host))
return "DIRECT";
// If IP of the requested host falls within any of the below address ranges specified, send direct.
if (isInNet(dnsResolve(host), "10.206.192.0", "255.255.224.0") ||
isInNet(dnsResolve(host), "10.206.240.0", "255.255.248.0") ||
isInNet(dnsResolve(host), "10.206.248.0", "255.255.252.0") ||
isInNet(dnsResolve(host), "10.206.252.0", "255.255.252.0"))
return "DIRECT";
return "PROXY proxy.company.com:8080";
}
}
}
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/proxy.pac" {
HTTP::respond 200 content $::pacfile "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache"
}
}
}
My requirement is how can I dynamically add address ranges to pass to the PAC function isInNet(dnsResolve(host) using data-groups ?
Using your idea, can I do something like below ?
1> Create a string data-group as 'noproxy-address-space' and add the address ranges.
2> Modify the i-rule as below -
when RULE_INIT {
set y ""
foreach x [class get noproxy-address-space] {
append y [lindex $x 0]
}
set pacfile {
function FindProxyForURL(url, host) {
if (isPlainHostName(host))
return "DIRECT";
// If IP of the requested host falls within any of the below address ranges specified in the data-group, send direct.
if (isInNet(dnsResolve(host), foreach y)
return "DIRECT";
return "PROXY proxy.company.com:8080";
}
}
}
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/proxy.pac" {
HTTP::respond 200 content $::pacfile "Content-Type" "application/x-ns-proxy-autoconfig" "pragma" "no-cache"
}
}
}
My goal is to give liberty for admins to add new address ranges to the data-group, without bothering them to make changes to the i-rule.
Appreciate your reply.
Regards,
Shridhar