DEV Community

Mehdi Pourfar
Mehdi Pourfar

Posted on

7

Easily use multiple proxies with PAC rules

I use proxies to view the contents of the websites that are blocked either for censorship reasons or by sanctions.

But using proxies all the time makes working with websites that are not blocked a little bit slower. There are also some internal websites (like for example.. bank websites) which cannot be opened with any proxy. And also for my own job, I need an ssh tunnel connection to open internal urls.

It can be really tiresome to switch between these proxies manually. After some research, I found a solution for this kind of situations: Setting up a PAC (Proxy auto-config) file.

PAC is a javascript file consisting of a function named FindProxyForUrl with .pac extension

function FindProxyForURL(url, host) {
    if (host === 'a.com') {
        return 'DIRECT';
    } else if {host === 'b.com') {
        return 'SOCKS5 127.0.0.1:1081';
    }
    return 'SOCKS5 127.0.0.1:1080';
};

When you configure your proxy setting to use a PAC file, each time you open an address, your browser checks the url with this function to find out which proxy to use. But writing a function like this and changing it frequently can be complex and error prone.

So I decided to create a command line tool named PacGen to create this file. Here I want to show you how to work with it.

First we install it using pip:

pip install pacgen

Then we define our rules in .yml format in a file at ~/.pacgen.yml. This file consists of four segements:

  • proxies which defines our proxy servers with a name assigned to each of them.
  • routes which is a list of predefined routes for some specific hosts.
  • excludes which is list of the hosts that we want to browse without any proxy.
  • default_proxy which is the name of the default proxy for the hosts that are neither in routes nor in excludes.

Here is an example of ~/.pacgen.yml file.

proxies:
  ssh_tunnel: socks5://127.0.0.1:1081
  shadowsocks: socks5://127.0.0.1:1080
  httpproxy: http://127.0.0.1:1082
routes:
  172.19.20.10: ssh_tunnel
  youtube.com: shadowsocks
  viemo.com: shadowsocks
  news.com: httpproxy
  analytics.google.com: shadowsocks
default_proxy: shadowsocks
excludes:
  - bank.com
  - google.com

After you defined your rules and saved the file, you should run the command below in your terminal.

updatepac

Then it will create your PAC file in this path: ~/.proxy.pac.

Now that we have created our pac files, it's time to serve it with a webserver. The most straightforward way to do it is using nginx:

sudo apt install nginx
sudo cp ~/.proxy.pac /var/www/html/proxy.pac

Your file will be served at http://localhost/proxy.pac.
Now go to your system proxy setting and choose automatic proxy option and copy the address above into Configuration URL field. That's all.

Image of Docusign

Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more

Top comments (1)

Collapse
 
mfat profile image
Mehdi mFat

Wonderful Mehdi jan, thanks a million!

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay