Skip to content

robbiemcmichael/paxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.circleci
.circleci
 
 
internal
internal
 
 
pkg/proxy
pkg/proxy
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

paxy

paxy is an HTTP proxy with support for PAC files.

The main use case is to expose a single HTTP proxy which follows a set of rules to select different proxies depending on the hostname of the connection.

Installation

Binaries are available from the releases page.

Alternatively, you can build and install paxy with the following command:

go get -u -v github.com/robbiemcmichael/paxy

Usage

paxy path/to/proxy.pac

Then configure your software to use the proxy. For example:

export http_proxy=https://127.0.0.1:8228
export https_proxy=https://127.0.0.1:8228
curl https://github.com

Options

Usage: paxy [options] pac_file
  -p int
    	The port on which the server listens (default 8228)

Examples

Pairing paxy with cntlm

Some corporate networks require users to access the internet through an HTTP proxy that uses the NTLM protocol for authentication. cntlm handles NTLM authentication and allows an unauthenticated HTTP proxy to be exposed on localhost. However, if your network has complicated rules then they will be difficult to express in the configuration file for cntlm.

Instead you can express your proxy rules in a PAC file and forward HTTP connections that need to go through the corporate proxy to cntlm instead.

function FindProxyForURL(url, host) {
  if (shExpMatch(host, "*.internal.example.com")) {
    return "DIRECT";
  }

  return "HTTP 127.0.0.1:3128";
}

SSH dynamic port forwarding

SSH dynamic port forwarding exposes a SOCKS proxy that allows you to tunnel traffic through another host via SSH.

For example, if a section of your network has the domain name suffix .private.example.com which is only accessible via the host remote-host, you can create the dynamic port forward with:

ssh -D 8229 remote-host

Then use the following PAC file:

function FindProxyForURL(url, host) {
  if (shExpMatch(host, "*.private.example.com")) {
    return "SOCKS5 127.0.0.1:8229";
  }

  return "DIRECT";
}

This will route all HTTP connections to *.private.example.com via remote-host while all other HTTP connections are made from your host directly.

Working with other PAC proxies

As a special case, paxy will serve its own PAC file when a HTTP GET request is made to the /pac URL. This is useful to use as a PAC file source for other PAC-using proxies on the same system, e.g. your system proxy settings.

About

An HTTP proxy with support for PAC files

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

6 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases 1

v0.1.0 Latest
Oct 22, 2021

Packages

No packages published

Contributors 2

  •  
  •  

Languages