##############################################
### wpad configuration on Ubuntu 12.04 LTS
##############################################

### Append the two lines below to the Apache configuration (apache2.conf on Ubuntu).
vi /etc/apache2/apache2.conf
AddType application/x-ns-proxy-autoconfig .pac
AddType application/x-ns-proxy-autoconfig .dat

### Edit the dhcpd.conf file and add the following lines.
option wpad-url code 252 = text;
option wpad-url "http://192.168.0.10/proxy.pac\n";
option wpad-url "http://192.168.0.10/wpad.dat\n";

### Note: clients trust whatever answers DHCP option 252 or the wpad DNS name, and fetch the PAC file over plain HTTP.
### Keep other DHCP servers off these subnets (e.g. DHCP snooping on the switches) and keep the wpad record in the
### zone below so the name is always answered locally.

### The dhcpd.conf should look similar to this.
root@instructor01:/# egrep -v "^#|^$" /etc/dhcp/dhcpd.conf
ddns-update-style none;
option domain-name "kenet.or.ke";
option domain-name-servers 41.204.164.3, 41.89.1.4;
default-lease-time 3600;
max-lease-time 7200;
authoritative;
log-facility local7;
option wpad-url code 252 = text;
option wpad-url "http://192.168.0.10/proxy.pac\n";
option wpad-url "http://192.168.0.10/wpad.dat\n";
subnet 192.168.51.0 netmask 255.255.255.0 {
  range 192.168.51.51 192.168.51.199;
  option domain-name-servers 192.168.51.1;
  option domain-name "lan-kenet.or.ke";
  option routers 192.168.51.1;
  option broadcast-address 192.168.51.255;
  default-lease-time 600;
  max-lease-time 7200;
}
root@instructor01:/#

### Create the lan-kenet.or.ke zone if it does not exist.
root@instructor01:/# cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "instructor" {
        type master;
        file "/etc/bind/instructor.local";
};
zone "lan-kenet.or.ke" {
        type master;
        file "/etc/bind/lan-kenet.or.ke.local";
};
root@instructor01:/#

### Ensure the options file has the necessary configs.
root@instructor01:/# cat /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk. See http://www.kb.cert.org/vuls/id/800113
        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.
        // forwarders {
        // 41.204.164.3;
        // 41.89.1.4;
        //};
        listen-on { 192.168.0.10; 192.168.51.1; };
        // acl kenet_training {
        // 192.168.0.0/24;
        // };
        recursion yes; # this is the default
        // recursion no;
        allow-query { 127.0.0.1; 192.168.0.0/24; 192.168.51.0/24; };
        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys. See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;
        auth-nxdomain no; # conform to RFC1035
        listen-on-v6 { any; };
};
root@instructor01:/#

### Populate the zone file with the required records.
root@instructor01:/# cat /etc/bind/named.conf
named.conf named.conf.default-zones named.conf.local named.conf.options
root@instructor01:/# cat /etc/bind/lan-kenet.or.ke.local
;
; BIND data file for the lan-kenet.or.ke domian
;
$TTL 604800
@ IN SOA lan-kenet.or.ke. hezron.lan-kenet.or.ke. (
        2013082000 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS lan-kenet.or.ke.
@ IN A 192.168.0.10
wpad IN A 192.168.0.10 ; wpad
proxy IN A 192.168.0.10 ;proxy
root@instructor01:/#

### Create wpad.dat and proxy.pac files and place them in the root directory of the webserver.
root@instructor01:/# cat /var/www/wpad.dat
function FindProxyForURL(url,host)
{
    if(isPlainHostName(host)|| isInNet(host,"192.168.0.0","255.255.255.0"))
    {
        return "PROXY 192.168.0.10:3128; DIRECT";
    }
    else
        return "PROXY 192.168.0.10:3128; DIRECT";
}
root@instructor01:/#

### Note: both branches above return the same string, so the isPlainHostName/isInNet test has no effect.
### If plain host names and 192.168.0.0/24 are meant to bypass the proxy, the first branch should return "DIRECT".

### Copy wpad.dat to proxy.pac
root@instructor01:/# cp -rv /var/www/wpad.dat /var/www/proxy.pac

### Ensure the new zone contains the correct syntax.
root@instructor01:/# named-checkconf
root@instructor01:/# named-checkzone lan-kenet.or.ke /etc/bind/lan-kenet.or.ke.local
zone lan-kenet.or.ke/IN: loaded serial 2013082000
OK

### Restart the bind service.
root@instructor01:/# /etc/init.d/bind9 restart

### Test the new zone records.
root@instructor01:/# dig lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60876
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;lan-kenet.or.ke. IN A

;; ANSWER SECTION:
lan-kenet.or.ke. 604800 IN A 192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke. 604800 IN NS lan-kenet.or.ke.

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:12 2013
;; MSG SIZE rcvd: 63

root@instructor01:/# dig wpad.lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> wpad.lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32780
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;wpad.lan-kenet.or.ke. IN A

;; ANSWER SECTION:
wpad.lan-kenet.or.ke. 604800 IN A 192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke. 604800 IN NS lan-kenet.or.ke.

;; ADDITIONAL SECTION:
lan-kenet.or.ke. 604800 IN A 192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:27 2013
;; MSG SIZE rcvd: 84

root@instructor01:/# dig proxy.lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> proxy.lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26801
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;proxy.lan-kenet.or.ke. IN A

;; ANSWER SECTION:
proxy.lan-kenet.or.ke. 604800 IN A 192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke. 604800 IN NS lan-kenet.or.ke.

;; ADDITIONAL SECTION:
lan-kenet.or.ke. 604800 IN A 192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:37 2013
;; MSG SIZE rcvd: 85

root@instructor01:/#

### IS FINISHED!!!