Topic: How to distribute wpad.dat

The content of this topic has been archived on 6 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Page 1 of 1

Post #1

halmsich

8 Feb 2016, 18:39

Hi,

my internet provider gave me a wpad.dat to use a intranet proxy. I need to add it to my routing and I guess /etc/dnsmasq.conf is the correct file but I tried and added:

dhcp-option=252,http://www.xxxxx.com:80/wpad.dat

and I didn't work.

I tried to google and it didn't really help me.

I would really appreciate some help.

Thanks

System
Hostname OpenWrt
Model TP-Link TL-WR941N/ND v2
Firmware Version OpenWrt Chaos Calmer 15.05 / LuCI (git-15.248.30277-3836b45)
Kernel Version 3.18.20

Post #2

Nilfred

8 Feb 2016, 21:49

https://en.wikipedia.org/wiki/Proxy_aut … e_PAC_File

Post #3

golialive

8 Feb 2016, 23:15

Hey there.

There are hundrets of browsers out there, having an individual understanding of how to treat PAC, if at all. You might, for example, have no luck trying to make this work with smartphone browsers.

To my knowledge, the very best way (read: The way to work on the majority of browsers) would be to set up wpad.
https://en.wikipedia.org/wiki/Web_Proxy … y_Protocol

In short: Setup a host called "wpad" inside your network, make sure it can be resolved by DNS and make it deliver the file under the name of "wpad.dat".

Regards,
Stephan.

Post #4

dartraiden

19 Feb 2017, 18:55

1) Firefox and MacOS doesn't support dhcp-option=252. See http://findproxyforurl.com/browser-support/

2) Try to use DNS instead as golialive mentioned. You need a web server to host the wpad.dat script. The wpad script needs to be located in the document root of the web server. The web server must be configured for .dat files with a MIME type of "application/x-ns-proxy-autoconfig". See http://findproxyforurl.com/deploying-wpad/. You can use uhttpd, it's already contains MIME types for pac and wpad.dat

Add to /etc/config/dhcp:

config 'domain'
option 'name' 'wpad'
option 'ip' 'webserver IP address'

Make sure the client can access this file using the url http://wpad/wpad.dat

See also https://auth0.com/blog/heads-up-https-i … sing-wpad/ and https://nakedsecurity.sophos.com/2016/0 … erability/ about wpad attacks. It is better not to use web proxy auto discovery and manually specify the path to wpad.dat in network settings and browser settings.

(Last edited by dartraiden on 19 Feb 2017, 19:32)

The discussion might have continued from here.

Page 1 of 1