Auto-use proxy based on IP address received from DHCP server
Edit by Administrator: This feature is now part of FoxyProxy Plus
Hi,
As silly as this may sound, I have people who refuse to use FoxyProxy because they cannot take the 1 second it takes to right-click on the foxyproxy task bar and select the proxy or disable it (or press the middle middle on the taskbar icon).
Such users, hmm, how can I put it as nicely as possible, drive me insane.
These users have notebooks that they take to work and then take home, and they don't want to be switching proxy on or off each time they turn on their machine whether it be at work or at home.
But it does bring up a good point. Why not have FoxyProxy support auto-proxy selection based on the IP address is receives from the DHCP server?
So if the user comes into work, they pickup (say) a 10.x.x.x address (and Foxyproxy select the 10.x.x.x proxy based on the IP the notebook has) and then when they go home, they get a 192.168.23.x address, so Foxyproxy can then auto-select "disable proxy" when they are at home.
Michael.
Hi Michael, This has been
Hi Michael,
This has been requested before and is an excellent idea. I recently did the research on how to get the system IP addresses from Firefox. One caveat: *all* IP addresses are returned. That means if one of your users has two internet connection simultaneously (e.g., VPN connection and their home connection), FoxyProxy will find two addresses. What to do in that situation?
Second question:
I realize you are asking for the ability to switch proxies based on IP address. Are you also asking to *disable* FoxyProxy based on IP address?
Thanks,
Eric
Thanks for replying
Thanks for replying back.
For the first question, maybe just make that feature unavailable for those users with two connections, for users without multiple connections, make the feature available. In my experience although I realise there will be users with multiple connections, none of my clients would need that.
For the second question, yes I'm asking to disable Foxyproxy based on IP address. Because when users go home it's extremely rare they have caching proxies of any type at home.
Thanks.
Michael.
I second this idea. If you
I second this idea. If you could tie a proxy setting to an IP or a range of IPs through a mask of some kind, then you'd be able to set up a configured enabling of proxies. If multiple IPs are found either on a single proxy setting or on multiple settings, you could resolve this by setting priorities (or defaults) both within the proxy and at the proxy group layer.
Great product by the way, I wonder how many people use it primarily as a quick proxy change tool, I know I do....
Hi Michael, you could
Hi Michael,
you could resolve this by setting priorities (or defaults) both within the proxy and at the proxy group layer.
I thought I understood what you meant until the "proxy group layer" part. Can you elaborate?
Great product by the way, I wonder how many people use it primarily as a quick proxy change tool, I know I do....
Thank you. The best way to thank me, though, is to leave a positive review here.
Regards,
Eric
quoted: you could resolve
quoted:
you could resolve this by setting priorities (or defaults) both within the proxy and at the proxy group layer.
I thought I understood what you meant until the "proxy group layer" part. Can you elaborate?
Sure,
If you allow more than one IP to be 'assigned' to a given proxy selection, then you'd need 2 layers of priorities.
1) Intraproxy (within the proxy selection) resolves which IP to use first in case both IPs are assigned to the machine. I'm not sure if this is handled by your whitelisting/blacklisting model (this is more routing (route print) functionality, rather than proxy settings), so maybe its not applicable for your add-on.
2) Interproxy (between proxy selections) this one a default or priority scheme would make sense, if more than one proxy selection is a match, then you can resolve the contention.
Mike
Just to be clear, FoxyProxy
Just to be clear, FoxyProxy wouldn't select which IP address to use. It selects which *proxy* to use based on current IP or IP addresses. FoxyProxy and Firefox have no way of knowing which local IP address is actually used to load URLs. So I don't think your "intraproxy" example is accurate. Correct me if I'm wrong.
Concerning #2, wouldn't the current ordering (with Move Up/Down) buttons handle this? If more than one proxy matches the current IP or IPs, *and* they have conflicting patterns, then the ordering (top to bottom) would be used to select which proxy to use.
Looking forward to see this
Looking forward to see this feature. I'm also starting to be annoyed when I have to switch it manually every day when I move between office and home.
Here is how I imagine that:
For every proxy I have configured, there will be one more option, like: "associate with IP address *".
* this proxy will be automatically used, when configured IP address is found as address configured for one of your network interfaces and you have 'auto select proxy mode' turned on
** auto select mode will handle proxies in order in which they appear in 'FoxyProxy Options' list and will try to match all IPs from network interfaces to IP configured for specific proxy
New option in General settings: 'auto select proxy based on IP address found among network interfaces'
Nice approach, but it
Nice approach, but it doesn't account for patterns, does it?
What's wrong with:
For every proxy I have configured, there will be one more option, like: "associate with IP address *".
* this proxy will be automatically used, when configured IP address is found as address configured for one of your network interfaces
* patterns and priorities are obeyed as normal
Mode must be set to "Use proxies based on their pre-defined patterns and priorities"
Hmm, so will this allow to
Hmm, so will this allow to create rule: "If my IP address is 192.168.0.1 AND my pattern matches "google.com" then use this proxy, otherwise don't use it"?
What about this:
For every proxy I have configured, there will be one more option, like: "associate with IP address *"
* priorities are obeyed as normal
* if proxy is configured for specific IP address, this IP address must match one of your interfaces before any patterns are considered
I'm thinking about something that would allow me to combine my IP and patterns, not just if "IP match" then "use this proxy and forget about patterns".
I'm thinking about something
"I'm thinking about something that would allow me to combine my IP and patterns, not just if "IP match" then "use this proxy and forget about patterns".
Precisely. I like the approach you detail here much more. The idea I came up with was more complicated than yours. Mine is this:
* A set of patterns and priorities can optionally be associated with one or more wildcarded IP addresses. Example:
When localIP address is in the range 10.0.0.* or 172.16.1.*, use proxy ABC for http://google.com/* and proxy XYZ for http://yahoo.com/*
When localIP address is in the range 172.17.*.*, use proxy DEF for http://mozdev.org/* and proxy GHJ for http://google.com/*
When localIP address is in the range 192.168.*.*, use proxy QWR for http://slashdot.org/* and proxy HJK for http://youtube.com/*
You can see the rules can overlap or be different for each IP address.
Now that I think about it, I think we're effectively saying the same thing. Do you agree? See RFC 1918 for a list of valid IP addresses for private networks.
Yes, I think we are saying
Yes, I think we are saying the same thing. Your idea is slightly more complicated, mainly for you as developer, because you would need to probably add some new form to define set of "patterns and priorities" IP address(es) should be associated with.
wildcards - good idea, I haven't thought about it
RFC 1918 - I don't think there should be any limitations just for IP addresses defined for private networks
This is the feature I need.
I'm currently using FoxyProxy on my work laptop to switch when I go home and when I'm at work. When I'm at work I use the work proxy for everything except internal sites *company*
When I go home it gets a little more complicated. I am typically VPN'd to work, but it is rather slow to go
Home->Work->proxy halfway across the US->out to the internet.
So I have a Linux box at home running Squid that I tell FoxyProxy to use (192.168* is allowed to wander out by the VPN) so instead it's:
Home->out to the internet
I use the patterns so that internal sites go through the work proxy, and all this works fine.
What I would LOVE would be to just set it to patterns (or auto-detecting proxy existance/failover) so that when logged in at home it would detect the 192.168 in my ip list, and use the home proxy, and when at work just fail over to using the work proxy.
Even better would be (as I read the above) the ability to say (like the patterns):
if( homeIp.detected & not workIP.detected)
No proxy
if( homeIp.detected & workIP.detected)
Squid/Home proxy rules apply
if( not homeIp.detected )
Work proxy rules apply
I hope this is clear enough, and I hope it's implemented soon :)
Hi RichS, Yes, that is very
Hi RichS,
Yes, that is very clear. You mention being able to say NOT workIP detected. That's an important distinction that no one else has mentioned yet. So is the capability to switch based on multiple, simultaneous IPs.
I really need beta testers for this. The subset of people who want to use FoxyProxy based on internal IP rules are hard to find. Will you please help me by testing this?
Anyone else want to test this? Please contact me at eric dot jung at yahoo dot com.
Thank you,
Eric
mail sent...
The logic I stated would be the ideal, but just enabling/disabling rules based on ip's that pattern match would solve the issues I'm having. I wouldn't mind using the home proxy when at home, but not logged into work, it's not slow enough to cause concern, it would just be nice :)
As I said in my e-mail, let me know how I can help.
OK. I thought this through,
OK. I thought this through, and there's another way of writing your logic without using NOTs. I don't want to provide NOTs and ANDs and ORs because I'll end up writing a complex boolean expression builder GUI. Some of that logic, though, is usable with the whitelist/blacklist patterns that FoxyProxy makes use of for URL patterns. I'm writing this IP switching feature the same way: you specify white and black IP patterns to switch. If you only have static IPs, then you don't have to use wildcards in your patterns.
Anyway, here's how to write your logic using what I just described. I'm going to give a concrete example so it's easier to follow.
Suppose your home IP is 192.168.2.* and your work ip is 10.28.110.* You'll define 2 proxies in FoxyProxy in this order from top to bottom:
Proxy 1: 192.168.2.* whitelisted and 10.28.110.*blacklisted ==> Direct internet connection (no proxy). Whitelisted URL pattern * so all URLs go through this proxy when it's selected
Proxy 2: 10.28.110.* whitelisted and 192.168.2.* blacklisted ==> work proxy (note you can also specify URL whitlist/blacklist patterns so you can blacklist internal URLs as you mentioned)
Default ==> Squid HTTP proxy (this has a hard-coded whitelisted URL pattern * so all URLs go through this proxy when it's selected)
Now, to test these rules we have 3 test cases:
1. You're at home not connected to VPN (192.168.2.1 is the only IP address) ==> Proxy 1 is selected
2. You're at home and connected to the VPN (192.168.2.1 and 10.28.110.90 are both present) ==> Proxy 2 is selected
3. You're at work (only 10.28.110.90 is present) ==> Default is selected
Please confirm I've thought this through correctly!
thanks,
eric
looking good
The thought had occurred to me to re-use the pattern matching and white/black list logic from other parts of your code, but I figured I'd leave it to you for ease of implementing.
you are very close, I don't think the details I've changed below matter much to the implementation...
Proxy 1: 192.168.2.* whitelisted and 10.28.110.*blacklisted ==> Direct internet connection (no proxy). Whitelisted URL pattern * so all URLs go through this proxy when it's selected
Proxy 2: 10.28.110.* whitelisted and 192.168.2.* blacklisted ==> Squid proxy (note you can also specify URL whitlist/blacklist patterns so you can blacklist internal URLs as you mentioned)
Default ==> work (PAC) proxy (this has a hard-coded whitelisted URL pattern * so all URLs go through this proxy when it's selected)
Now, to test these rules we have 3 test cases:
1. You're at home not connected to VPN (192.168.2.1 is the only IP address) ==> Proxy 1 is selected (Direct Connection)
2. You're at home and connected to the VPN (192.168.2.1 and 10.28.110.90 are both present) ==> Proxy 2 is selected (Squid Proxy used)
3. You're at work (only 10.28.110.90 is present) ==> Default is selected (PAC from work proxy used)
nice ideas
I like your ideas, it can be annoying to switch proxies inbetween work and home.
however, maybe some things you didn't consider:
1) the complexity this plugin will present after this change is implemented will daunt even technical users. I might suggest you have an advanced settings page and a basic settings page.. and maybe the basic one you just enter 2 proxies, one work and one home, and then foxyproxy makes a bunch of assumptions (eg assumes 10.0.0.0/8 is work and 192.168.0.0/16 is home).
2) we're assuming that each network segment is exclusive - eg the 10.* address is work ONLY, and 192.168.* address is home ONLY. This isn't always the case.. eg my work network is 10.*, but also my wireless mobile broadband network (little usb card that i connect to the laptop) also give a 10.* address, and i need a direct connection for that one. In my work environment we have to detect whether we are at work or not, and the only really sure way we could do it was if we could ping our internal DHCP server (or any arbitrary server).
3) in your examples above, what's the difference between test case 2 and 3? if you're connected to the company VPN, why would you have a different proxy than when you're at work? All the companies i've worked for, when you VPN in you use the same proxy as if you're at work. i guess i don't really understand your whitelisting / blacklisting either.
it seems like:
a) you whitelist 192.*, blacklist 10.*, and this means when you're ONLY on the 192.* address, you get proxy1. this is fine.
b) you blacklist 192.*, whitelist 10.*, and for some reason this means that when you're on both 192.* and 10.* addresses, you get proxy 2. seems like a logic shift? surely this scenario would only be satisfied if you ONLY had the 10.* address, not both 192.* and 10.*
c) "default ==> work (PAC) proxy".. whtas this? a fancy name for proxy3? or do you call it default because it has priority assigned to it? Then it appears this proxy is used when you ONLY have a 10.* address.. as mentioned i dont understand why proxy2 wouldn't get used, because 192.* has been blacklisted for that one.
i think i really must not understand this at all, as both of you seem to fine with it :)
1) the complexity this
Here is a screenshot ofthe proposed interface. Does you still think it's complex? It's just another tab on the Proxy Settings dialog. The new tab is called "IP Address Patterns" (and the previous one has been renamed from "Patterns" to "URL Patterns"). Input of IP patterns is identical to the way you input URL patterns today. If you know how to do that, you already know how to write IP patterns. Note that IP patterns are completely optional. You can ignore this new tab if you want to. However, it's important to understand that IP address patterns take precedence over URL patterns. In other words, URL patterns for a proxy are only checked if your internal IP address matches one of the whitelisted IP patterns a proxy. If your IP address doesn't match a whitelisted IP pattern, the URL patterns for that proxy are ignored and the next proxy's patterns are checked (according to the "priority" or order in which you've stacked the proxies, just like it works today).
True. The solution to this is for FoxyProxy to switch proxies based on your WAN-facing IP address instead of your internal/LAN-facing IP address. This is planned for a future release. In the interim, if you absolutely must have this feature, you could always change the IP address assigned to you at home.
Right, I think that's true for most people. RichS said that when he's on the VPN at home, he only wants to use the company proxy for internal work addresses. He doesn't want to use it to surf the general internet because the work proxy is on the other side of the country....i.e., connection has high-latency.
OOPS, you're right! I'm not sure RichS will be able to achieve what he wants now.
Some people configure the Default entry in FoxyProxy to use a proxy. The Default entry has the lowest priority of all. Most people leave Default as "Direct internet connect (no proxy)", but not everyone. If you set it to use a proxy, you can think of this Default as a "catch-all". That is, any URL that doesn't match one of the other proxies will always match Default and load through the proxy you've defined there. In fact, internally FoxyProxy has a hard-coded whitelist "*" pattern for the Default with no blacklists. Some people don't like using Default this way and prefer to define another proxy in FoxyProxy with a higher priority than Default. I don't know why. Both work the same.
It's good to have someone check my work. I do hope you stay around, omniwolf, especially as a beta tester.
Eric
oops
So somehow I didn't see this when I posted just now...so:
1. You'll note that I admitted I reversed things in my head on the logic when I replied to you initially, so I think what you are working on works just fine.
2. So as I understand it you will call a function to get your current IP address and Firefox will return a list. I would suggest adding the current list of IP addresses to the text at the bottom of the page, so that users can see it while they are trying to figure out how to set things up.
I hope that clears things up...
I'll start with saying I'm
I'll start with saying I'm not even close to a network expert...so all I know is my situation, and I work for a rather large corporation so I do make the assumption that we do things in the "typical" way...but like I said I'm not expert :)
1) I only know bits about ip assignment, but I like the default idea if it works for a large group of people....
2) There's a few things here I'll break out. The beauty of the solution that Eric has proposed is that you should be able to come up with a regex/wildcard on the ip's that will figure out the difference between 10.xxx.*.* and 10.yyy.*.* (I assume that there is some sort of division, I know our workstations at work are on a different subnet than the laptops...) But your later statement about pinging the server sort of breaks my first assumption...
2/3) Part of this is my assumptions coming back in. Eric had said before that when you are connected to the VPN that the query for "what is my IP" will return a list of addresses. In my case the 192.168.*.* AND the 10.*.*.*. The other part of this is that my VPN allows traffic to the 192.168.*.* range directly without diverting it to the work network...
I take advantage of all of this to speed up my web-browsing. I have a Linux server at home running Squid (proxy server). So when I'm at home and connected to the VPN (and Firefox should be reporting both addresses) I want to connect using the "home/squid" proxy (which I set up so that addresses that are work related don't use a proxy and everything else goes through my linux box).
Sometimes I fire up my laptop for just browsing the web at home, and would like to connect directly without a proxy, that is the case where the IP list only has the 192.168.*.* address.
And then there's the case where I'm physically at work, and my IP addresses (wired and wireless) are 10.*.*.*, and I have to use the work proxy.
So just to re-iterate
a) as you said this is the surfing the web at home, without connecting to the VPN, so we don't use a proxy (or the "no proxy" proxy :) )
b) So this is where I'm at work. In this case My "correction" was wrong, and Eric's initial analysis I believe is correct. If both IPs are present, and we have blacklisted one of them then this is used. The logic as I see it is "if IP list contains 10.*.*.* AND if IP list does Not contail 192.168.*.*".
c) So this is the fall through condition. In this case we have determined that we have BOTH 192.168.*.* AND 10.*.*.*, and we use the squid proxy because I'm at home connected to the VPN.
the PAC is the file that work uses for the "automatic" configuration of the proxy...nothing too special (remember to ignore my last post as far as which proxy goes, the one before it is correct).
I hope this clears things up? The one thing this does not address is if you are not sub-netted so that you can reliably create a regex/pattern to match the possible Ip addresses for your case.
Rich, you should be aware
Rich, you should be aware that my initial analysis was flawed as pointed out by omniwolf. There is no way to say "if IP list contains 10.*.*.* AND if IP list does Not contain 192.168.*.*"." unless I implement priorities with patterns. I'm not really willing to do that since URL patterns don't have priorities (well, the only priority is that blacklists supersede whitelists).
I will add a list of found IP addresses to the screenshot, as you suggest.
Eric
p.s. if you're not subnetted then you don't need to use any wildcards in your patterns
I take back that last
I take back that last statement in the P.S. about subnets.
I'm confused
So if you can't do a Not in blacklist, but IS in whitelist, then what point does the whitelist have?
If you can supply both white and black list IP patterns then you don't need priorities, if you can't specify whitelist you would need priorities.
But from how I understand it this is what would happen:
Proxy 1: 192.168.2.* whitelisted and 10.28.110.*blacklisted ==> Direct internet connection (no proxy). Whitelisted URL pattern * so all URLs go through this proxy when it's selected
Proxy 2: 10.28.110.* whitelisted and 192.168.2.* blacklisted ==> work proxy (note you can also specify URL whitlist/blacklist patterns so you can blacklist internal URLs as you mentioned)
Default ==> Squid HTTP proxy (this has a hard-coded whitelisted URL pattern * so all URLs go through this proxy when it's selected)
So say I'm at home and connected to the VPN, and I have both 10.* and 192.* in my IP list.
First you go through the blacklist(s) and remove Proxy 1 and 2 from consideration, in this case the default is the only one left.
Then I disconnect from the VPN nad only have 192.* in my IP list, and I tell foxyProxy to re-configure...(or just go to a new website...not sure exactly about that) but then:
We blacklist Proxy 2. Then we have a "problem" where Proxy1 and the Default are left (which is where I'm afraid you say you stop...but that doesn't make sense to me...if that's the case then the whitelists have no meaning...).
Then I assume you test the whitelists, and see that Proxy1 still matches, and so does the Default... but at that point if a proxy matches the whitelist shouldn't that have priority?
Then I go to work. I have 10.* in my IP list.
Proxy1 is blacklisted, and as above we have the 2 possibilities Proxy2 and Default, by the same logic Proxy1 should be chosen....
I guess the real question comes in if you have more proxies set up, what do you do if multiple match...and then priority would have to take over...but you said you can't/won't/don't have time for that... so the results are indeterminant. Now if you are just running down the list in the order shown then you sort-of have priority already built in, but the inability to move them is a user interface "issue"....but I think I wander too far.
At this point being able to do just the blacklist to get a dual mode (at work, not at work) scenario working it would be helpfull, and if I'm going to be doing some surfing directly connected to the internet then I can manually change things (it doesn't happen too often, and using the proxy in that case still works fine, just a hair slower and there's some load to my server, no big deal).
I'm in complete agreement
I'm in complete agreement with most of what you said. Firstly, though, my comment about priorities was in reference to pattern priorities. In other words, ordering patterns (just like you can order proxies today) is pretty much off the table. Not because of the time involved, but because I don't think it's worthwhile. Pattern priority (whether URL or IP patterns) will remain as it does today: blacklists have priority over whitelists. There is no other "priority" to patterns.
Proxies can still be ordered with the move up/move down buttons to affect proxy priority.
You wrote:
If multiple match, FoxyProxy behaves the same way it does today: the proxy that comes FIRST is chosen. So, as I said before, we have priorities with proxy ordering but not pattern ordering. Blacklists have priority over whitelists. There is no other "priority" to patterns.
So on to your analysis of how switching should work. The only flaw in your analysis that I can see is this (and I think it's a typo on your part). You wrote:
I think you meant to write "by the same logic Proxy2 should be chosen", right?
yep, a typo
Yep, I guess I was typing fast. It should be Proxy2, otherwise logic everywhere ceases to function :)
Yes please. I've been
Yes please. I've been waiting for this feature for a long time, and I'm glad its getting this much attention now. I hope you can keep up the momentum and get it implemented. I'd just like to reiterate that I think the most common use case is:
if(myIp.match(company_ip_mask)) {
proxy_on();
} else {
proxy_off();
}
JohnPape: totally agree, i
JohnPape: totally agree, i think in the vast majority of cases, your pseudo code will be all that's required
Here is a screenshot ofthe proposed interface. Does you still think it's complex?
quite frankly.. yes. "whitelisting" or "blacklisting" a source IP doesn't really make sense to me. I'm not sure if it can be worded differently.. but it seems like you're trying to keep the interface for each "pattern" tab similar for consistency, but at the cost of understandablility? This is just my personal opinion, please ignore if you think i'm wrong. and having said that.. i can't think of anything better. if you understand this system (which took me a while to grasp, had to read this thread a couple of times), then i guess it does make sense.
maybe with your blurb "here you can specifiy when this proxy is and is not used", u can be a bit more specific.. something like "Here you can specify if your local IP address affects whether this proxy is used or not - useful for switching proxies between work and home!".. something like that.
True. The solution to this is for FoxyProxy to switch proxies based on your WAN-facing IP address instead of your internal/LAN-facing IP address.
ok i don't fully see how this will work, but i'll trust you on this one.
Right, I think that's true for most people. RichS said that when he's on the VPN at home, he only wants to use the company proxy for internal work addresses. He doesn't want to use it to surf the general internet because the work proxy is on the other side of the country....i.e., connection has high-latency.
ah ok i understand why you used that example now.. im surprised that companies would let that happen tho.. its a pretty big security risk to have split tunnels.
Some people don't like using Default this way and prefer to define another proxy in FoxyProxy with a higher priority than Default. I don't know why. Both work the same.
some people like me :) the final catch proxy doesn't allow you to enter URL patterns, so i basically ignore it. in my work environment things are constantly changing, so my "default" proxy changes fairly regularly, and i have URL patterns that i enable and disable to allow this.. a lot easier than changing the actual proxy of the "default proxy". my catch all proxy is about 3rd on the list of my proxies.. and i have 4 other proxies below it just sitting there.. waiting their turn :)
richS: good points. i didnt realise you were using split tunnels with your VPN (long time since i've seen that), but eric's proposal appears to allow you to maxmise on that, same way the current foxyproxy allows me to use different proxies for different websites cos some of our proxies have funny quirks.
beta tester
I don't quite follow everything on here, but I think I follow enough to know I could be one of your beta testers for some of the requested functionality. I really only use my notebook computer at home or away from the office, but I need to connect to my company's network with VPN to work from home occasionally. In this situation, I must connect with one of my company's proxy servers to access the internet. I would like to be able to set it up so that the proxy is only used when connected to the VPN and disabled otherwise.
I know internet explorer has this option, but that may be possible only because of some tighter integration with Windows which allows IE to recognize that it is connected to a VPN??
It is definitely easy enough to manually select the correct proxy in the status bar, but every bit of automation can make for a better user experience.
Thanks for a great add-on!
Darryl, please email me to
Darryl, please email me to get on the beta list for this feature.
Thanks,
Eric
testing
hi,
is it possible to get a beta for 2.9 (for testing) ?
Yes, email me.
Yes, email me.
Update for all those
Update for all those interested:
There is no beta yet. I've mostly been on vacation (working vacation) this month, so haven't done much with FoxyProxy except support in the forums. I have a final 2.8.5 patch about to be released.... in the next day or two I expect. After that, I can finish route by IP (the topic of this thread)... the work is mostly (more than 85%) complete.
Eric
well...
I just want to say, that, most of wireless connection software administration (but the one included in windows distro), have the capability of setting proxy settings, printer default on the configuration wireless connection they can connect to, maybe this is the way to go on this issue.
Regards
Profiles
I use FoxyProxy with Portable Firefox, and specifically when working in an office environment where I have a number of local servers which I need to connect to, as well as a choice of two proxy servers (with different rulesets) to access the net. I also use this Portable Firefox instance at home, as well as at a number of different locations with different network configurations.
I would suggest that the best approach would be to allow the grouping of Proxies into folders called "Profiles" (or similar) and for these Profiles to be activated or deactivated based on IP Address settings. Recognising that some PC configurations may result in more than one IP address being returned, having options in these Profiles to allow users to utilise as much, or as little of that data as they choose could be useful.
IE. I would have a grouping of settings called "Work". I would have that group of settings be active if one of my IP addresses were within the 172.27.4.0/24 Subnet, or within the 10.15.34.0/24 Subnet.
Alternately, a couple of other options for setting these rules may be:
All in all, though, as it stands, I love FoxyProxy - it's one of the extensions I religiously install with Firefox whenever working on a larger LAN, specifically one with internal servers.
Luke, Thanks for the
Luke,
Thanks for the suggestions and the compliments. I plan to release this in a few weeks and most of it is already "set in stone". So although I really like your folder concept, I think it's too late to do that for the first implementation. It'll have to wait for the next release.
I've got big plans for FoxyProxy. Stay tuned, although balancing it with my day job can be challenging :)
Hi there, I totally agree
Hi there,
I totally agree with this approach - defining proxy profiles, but not only to select which proxies to use, but maybe to change to different proxy priority/URL pattern combinations. I believe that another useful thing would be to allow patterns to be defined centrally and then re-used across different proxy configurations. A proxy profile would then need only to associate proxies to patterns and prioritize the proxy/pattern combinations. I think this would be the best thing for a mobile user. Also, to simplify, this functionality could be disabled for non-mobile users through some check-box (think 'Use advanced proxy profiles' or something similar).
Here's an example, to illustrate what I'm trying to say. A mobile user could do the following:
1) Define the URL patterns:
- a pattern called "Yahoo" for "http://www.yahoo.com/*"
- a pattern called "Meebo" for "http://www.meebo.com/*"
- a pattern called "Work" for some office intranet sites
- a pattern called "Default" for "*"
2) Define the proxies:
- a proxy called "Home" - direct connection only
- a proxy called "Work" - a proxy server used in the office
- a proxy called "Tor" - TOR proxy
3) Define the profiles:
- a profile called "Home"
- prority 1, proxy "Home", whitelist pattern "Default"
- a profile called "Work"
- priority 1, proxy "Tor", whitelist patterns "Meebo" and "Yahoo"
- priority 2, proxy "Work", whitelist pattern "Default", blacklist pattern "Work"
- a profile called "Internet cafe"
- priority 1, proxy "Tor", whitelist pattern "Default"
I wouldn't personally want the profiles to be auto-selected based on my current IP address, rather I would manually select the profile I need. I travel a lot with my laptop, and more often than not I find myself being assigned similar (private) IP addresses in different networks.
Anyway, thanks for a great piece of software and keep up the excellent work!
Regards,
Dan
Nice work. I wish you'd
Nice work. I wish you'd written this as a new feature request instead of putting it in this thread.
Sorry about that, you're
Sorry about that, you're absolutely right. I did write a feature request earlier but I didn't develop the subject as much as I have here.
I'll do that right now.
Testin this new functionality
hi,
is it possible to get a beta that includes this functionallity (for testing) ?
If this is make emailing you, where can I obtain it?
Hi, Beta is ready. Email me
Hi,
Beta is ready. Email me at eric dot jung at yahoo dot com for a copy.
Thanks,
Eric
maybe i am missing the point...
... but the answer to all of this might be as easy as 'autodetect proxy'
The tech behind is simply to have the proxy provided by DHCP.
If a proxy is provided it gets used, if not the browser connects direct.
Whats needed is that the DHCP server in the office provides the info (DHCP option 252) or alternatively via a hostname 'wpad' in dns.
Now have the host wpad providing a pac-file named wpad.dat and you're set.
Hi, Most people don't have
Hi,
Most people don't have control of their office's DHCP server to do what you describe.
Eric
good point but it still is
good point but it still is worth a try to get the dhcp settings changed.
On the long run this is a benefit to the corporation too
What if someone wants to use
What if someone wants to use a proxy not specified in the corporation's wpad? The solution you offer is pretty limited.
Any linux or mac os/x users
Any linux or mac os/x users out there who want this feature? I have everything working on Windows (thanks to beta testers for the help!), but could use help testing on non-Windows operating systems. It will only take 10 minutes of your time. Please email me if you can help: eric dot jung at yahoo dot com.
Thanks,
Eric
p.s. this feature will be in FoxyProxy 2.9, to be released sometime this week
Select proxy based on DNS suffix
Could you get foxyproxy to select proxy based on the DNS suffix recieved by DHCP. I work for two companies, the DHCP gives me a domain suffix. However, at home I don't get a suffix from my DSL router. Therefore, if I am on domain xxxx.com use proxy #1, if I am on domain yyy.com, user proxy #2, if I don't get any dns suffix, disable/use default proxy.
If foxyproxy you would have a exntry per proxy - use this proxy when on domain aaaaaaa
sorry, that information
sorry, that information isn't available to firefox without writing native code.
Another thread on this
Another thread on this topic: http://foxyproxy.mozdev.org/drupal/content/multiple-proxypattern-lists-d...
Long time since this feature
Long time since this feature has been requested. Is there a date for roll out this?
The feature is complete,
The feature is complete, tested, and works well. I'm trying to get it into FoxyProxy Plus. Should be available any day. I am literally working day and night to get it out the door. Will post here again when it's ready.
Eric
edit: This feature is now part of FoxyProxy Plus