Yo cree un servidor virtual en Apache /var/www/proxy/
Cree 3 archivos, wpad.dat wpad.da proxy.pac todos en /var/www/proxy/
function FindProxyForURL(url, host)
{
if (isInNet(host, "192.168.0.0", "255.255.255.0")) {
return "DIRECT";
} else {
if (shExpMatch(url, "http:*"))
return "PROXY proxy.example.org:3128" ;
if (shExpMatch(url, "https:*"))
return "PROXY proxy.example.org:3128" ;
if (shExpMatch(url, "ftp:*"))
return "PROXY proxy.example.org:3128" ;
return "DIRECT";
}
}
nano /etc/apache2/sites-available/proxy.example.org
#
# VirtualHost: proxy.example.com
# Publica archivos proxy.pac y wpad.dat
#
<VirtualHost *:80>
ServerAdmin proxy@example.com
ServerName proxy.example.com
ServerAlias proxy 192.168.1.254 wpad wpad.example.com
DocumentRoot /var/www/proxy
<Directory /var/www/proxy/>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
a2ensite proxy.example.com
apache2ctl -t -D DUMP_VHOSTS
a2enmod mime
vim /etc/apache2/mods-available/mime.conf
Agregue los tipos MIME antes del cierre de la definición del modulo:
# Proxy PAC y WPAD
AddType application/x-ns-proxy-autoconfig .dat
AddType application/x-ns-proxy-autoconfig .pac
sudo nano /usr/share/zentyal/stubs/dhcp/dhcpd.conf.mas
option wpad code 252 = text;
option wpad "http://192.168.1.254/wpad.dat\n";
A pesar que lo tengo transparente funciona, yo lo utilizo para las https. agregue de manera manual
/usr/share/zentyal/stubs/squid/squid-external.conf.mas
acl accountant src 192.168.1.211
acl fb dstdomain .facebook.com
acl fb dstdomain .yourube.com
acl officetime time MTWHFA 10:00-17:00
http_reply_access deny fb accountant officetime
http_access deny CONNECT fb accountant officetime
acl stop_https_sites dstdomain .facebook.com
acl stop_https_sites dstdomain .youtube.com
acl stop_https_sites dstdomain .googlevideo.com
acl stop_https_sites dstdomain .video.msn.com
acl stop_https_sites dstdomain .catalog.video.msn.com
#acl stop_https_sites url_regex -i "/etc/squid3/adslist.txt"
#http_access deny stop_https_sites
http_access deny CONNECT stop_https_sites accountant officetime
deny_info http://proxy.example.com/psb.html stop_https_sites
acl ipblock src "/etc/squid3/ipcblock.txt"
http_access deny CONNECT stop_https_sites ipblock officetime
acl adsites url_regex -i "/etc/squid3/adslist.txt"
http_access deny adsites ipblock
Luego en la configuracion de zentyal
Dominios ❱ example.com
Dirección IP 192.168.1.254
Dominios ❱example.com ❱ proxy
Agregue en ALIAS
proxy.example.com
proxy.example.com
Y solo resta reiniciar los modulos de squid y dhcp