Mac Proxy Automation
From BNL Physics Computing
The following perl script will determine the IP address of your Mac and make a link between the appropriate pac file (the three files whose conents are available on the previous page) and the generic wpad.pac file that your browser or application should be configured to use.
You will need to customize the script by setting the path to the four pac files in the $WPAD... variables. A chdir is executed just before linking to the appropriate file, so the paths in the variable needs to be relative to that location or absolute.
#! /usr/bin/perl -w
#
# Script to check IP address and, based on that, set the active
# proxy file used by Firefox or other applications
#
# Three cases;
#
# inside Lab - wpad_inside.pac
# on Corus - wpad_corus.pac
# outside Lab - wpad_outside.pac
#
# Assume that most applications will read the file at startup.
# If the application is running when the script is run, you will
# need to refresh or reload the pac file in the application
#
use strict;
my $WPAD_Onsite = 'wpad_inside.pac';
my $WPAD_Offsite = 'wpad_outside.pac';
my $WPAD_Corus = 'wpad_corus.pac';
my $WPAD = 'wpad.pac';
my $WPAD_Active;
my $IFCONFIG = '/sbin/ifconfig';
my $GREP = '/usr/bin/grep';
my $CUT = '/usr/bin/cut';
my $ip;
#------------------------------------------------------------#
# here are at least two ways of getting the IP address on a Mac
#
# ifconfig -u | grep "inet " | grep -v 127 | cut -d " " -f 2
#
# or
#
# networksetup -getinfo AirPort 2>&1 | grep "^IP address" | cut -d ":" -f 2
# networksetup -getinfo Ethernet 2>&1 | grep "^IP address" | cut -d ":" -f 2
#
# Since the networksetup method requires two calls, one for each
# type of interface, use the first. There can be a problem when
# both the wireless and the wire are active.
$ip = `$IFCONFIG -u | $GREP "inet " | $GREP -v 127 | $CUT -d " " -f 2`;
chomp $ip;
# Known Corus subnets are 130.199.152, 153, and 155, there may be others
# at the moment do one check for 130.19.15 - if this overlaps with an internal
# subnet you might use, then you will have to make a more specific test
if ($ip =~ /130\.199\.15/)
{
$WPAD_Active = $WPAD_Corus;
}
elsif ($ip =~ /130\.199\./)
{
$WPAD_Active = $WPAD_Onsite;
}
else
{
$WPAD_Active = $WPAD_Offsite;
}
# go to the home directory - assuming that is where the .pac files are
chdir;
# Check if current file linked to $WPAD is the one we want. If so, exit,
# else set the link
if (readlink($WPAD) eq $WPAD_Active)
{
# OK, just exit
}
else
{
# change it
unlink $WPAD;
symlink $WPAD_Active, $WPAD;
}
exit;
Using the Script
Once you have installed the three pac files and the above script with your customization, all you have to do is run the script and you will be ready to use your browser from any location.
After the script is run, starting your browser will pick up the correct pac file and you are ready to access the Web. If your browser was already running before the script was run, you need to have it reload the pac file. If you use Firefox, you can use an add-on such as FoxyProxy to get access to the proxy configuration using the mouse. For any browser, you can always go into the preferences GUI and refresh the pac file there.
You will have to initiate your tunnel to the internal BNL HTTP proxy for *.bnl.gov addresses to work. You only have to start the tunnel if you are outside the Lab or on Corus, but it will not hurt to start the tunnel if you are inside the Lab (it will just not get used)
Full Automation
If you do not want to run the script by hand each time you change location, you can run the script out of cron or use launchd. You can also set FoxyProxy to periodically reload the pac file. Using these method, your proxy setup will be correct after some delay due to the frequency of the cron job and the proxy file refresh.
The SSH Tunnel Manager program attempts to reestablish the tunnel connection when it detects it is down, but it does not always appear to be successful at reestablishing it. It is always simple to toggle the tunnel off and back on, especially if you use an SSH agent.
