##############################################
### WPAD configuration on Ubuntu 12.04 LTS
##############################################

### Append the two lines below to the Apache configuration file (httpd.conf; on Ubuntu this is /etc/apache2/apache2.conf).

vi /etc/apache2/apache2.conf

AddType application/x-ns-proxy-autoconfig .pac
AddType application/x-ns-proxy-autoconfig .dat

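### Edit the dhcpd.conf file and add the following lines.
### Note: DHCP option 252 carries a single string, so a client receives only one of the two wpad-url values below; keep the one you want served.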

option wpad-url code 252 = text;
option wpad-url "http://192.168.0.10/proxy.pac\n";
option wpad-url "http://192.168.0.10/wpad.dat\n";

### The dhcpd.conf should look similar to this.

root@instructor01:/# egrep -v "^#|^$" /etc/dhcp/dhcpd.conf

ddns-update-style none;
option domain-name "kenet.or.ke";
option domain-name-servers 41.204.164.3, 41.89.1.4;
default-lease-time 3600;
max-lease-time 7200;
authoritative;
log-facility local7;
option wpad-url code 252 = text;
option wpad-url "http://192.168.0.10/proxy.pac\n";
option wpad-url "http://192.168.0.10/wpad.dat\n";
subnet 192.168.51.0 netmask 255.255.255.0 {
	range 192.168.51.51 192.168.51.199;
	option domain-name-servers 192.168.51.1;
	option domain-name "lan-kenet.or.ke";
	option routers 192.168.51.1;
	option broadcast-address 192.168.51.255;
	default-lease-time 600;
	max-lease-time 7200;
}

root@instructor01:/#

### Create the lan-kenet.or.ke zone if it does not exist.

root@instructor01:/# cat /etc/bind/named.conf.local 
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "instructor" {
        type master;
        file "/etc/bind/instructor.local";
};

zone "lan-kenet.or.ke" {
        type master;
        file "/etc/bind/lan-kenet.or.ke.local";
};
root@instructor01:/#

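### Ensure the options file has the necessary configs.
### Note: recursion is enabled, so keep allow-query limited to the LAN ranges to avoid running an open resolver; listen-on-v6 { any; } listens on every IPv6 interface, unlike the restricted IPv4 listen-on list.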

root@instructor01:/# cat /etc/bind/named.conf.options 
options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

	 // forwarders {
	 //	41.204.164.3;
	 //	41.89.1.4;
	 //};

	listen-on {
		192.168.0.10;
		192.168.51.1;
	};

	// acl kenet_training {
    	//	192.168.0.0/24;
	// };

	recursion yes;           # this is the default
	// recursion no;
	allow-query {
		127.0.0.1;
		192.168.0.0/24;
		192.168.51.0/24;
	};

	//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
	dnssec-validation auto;

	auth-nxdomain no;    # conform to RFC1035
	listen-on-v6 { any; };
};

root@instructor01:/#

### Populate the zone file with the required records.

root@instructor01:/# cat /etc/bind/named.conf         
named.conf                named.conf.default-zones  named.conf.local          named.conf.options        
root@instructor01:/# cat /etc/bind/lan-kenet.or.ke.local 
;
; BIND data file for the lan-kenet.or.ke domain
;
$TTL    604800
@		IN      SOA     lan-kenet.or.ke. hezron.lan-kenet.or.ke. (
                     2013082000         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@		IN      NS      lan-kenet.or.ke.
@		IN      A       192.168.0.10
wpad		IN      A       192.168.0.10	; wpad
proxy		IN      A       192.168.0.10	;proxy

root@instructor01:/#

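### Create the wpad.dat and proxy.pac files and place them in the root directory of the web server.
### Note: these files decide where every client sends its traffic, so keep them owned by root and not writable by the web server user.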

root@instructor01:/# cat /var/www/wpad.dat               
/**
 * PAC entry point, called by the browser for each request.
 *
 * @param {string} url  Full URL being requested (not used here).
 * @param {string} host Host name taken from that URL.
 * @returns {string} Proxy directive: try the proxy at 192.168.0.10:3128,
 *     then fall back to a direct connection.
 */
function FindProxyForURL(url, host) {
  // The trailing "DIRECT" is a fallback: clients connect directly, and so
  // bypass the proxy's filtering and logging, whenever it is unreachable.
  // If proxy use must be enforced, drop the fallback and block direct
  // egress at the firewall as well.
  var viaProxy = "PROXY 192.168.0.10:3128; DIRECT";

  // Plain host names (no dots) and hosts inside 192.168.0.0/24 are treated
  // as local destinations. isInNet() may resolve `host` through DNS.
  var localDestination = isPlainHostName(host) ||
      isInNet(host, "192.168.0.0", "255.255.255.0");

  if (!localDestination) {
    return viaProxy;
  }

  // NOTE(review): local destinations get the same answer as remote ones,
  // so the test above has no effect as written. Confirm whether local
  // traffic was meant to skip the proxy.
  return viaProxy;
}
root@instructor01:/#

### Copy wpad.dat to proxy.pac so both URLs serve the same rules.

root@instructor01:/# cp -rv /var/www/wpad.dat /var/www/proxy.pac 

### Ensure the new zone contains the correct syntax.

root@instructor01:/# named-checkconf 
root@instructor01:/# named-checkzone lan-kenet.or.ke /etc/bind/lan-kenet.or.ke.local
zone lan-kenet.or.ke/IN: loaded serial 2013082000
OK

### Restart the bind service.

root@instructor01:/# /etc/init.d/bind9 restart

### Test the new zone records.

root@instructor01:/# dig lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60876
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;lan-kenet.or.ke.		IN	A

;; ANSWER SECTION:
lan-kenet.or.ke.	604800	IN	A	192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke.	604800	IN	NS	lan-kenet.or.ke.

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:12 2013
;; MSG SIZE  rcvd: 63

root@instructor01:/# dig wpad.lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> wpad.lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32780
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;wpad.lan-kenet.or.ke.		IN	A

;; ANSWER SECTION:
wpad.lan-kenet.or.ke.	604800	IN	A	192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke.	604800	IN	NS	lan-kenet.or.ke.

;; ADDITIONAL SECTION:
lan-kenet.or.ke.	604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:27 2013
;; MSG SIZE  rcvd: 84

root@instructor01:/# dig proxy.lan-kenet.or.ke

; <<>> DiG 9.8.1-P1 <<>> proxy.lan-kenet.or.ke
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26801
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;proxy.lan-kenet.or.ke.		IN	A

;; ANSWER SECTION:
proxy.lan-kenet.or.ke.	604800	IN	A	192.168.0.10

;; AUTHORITY SECTION:
lan-kenet.or.ke.	604800	IN	NS	lan-kenet.or.ke.

;; ADDITIONAL SECTION:
lan-kenet.or.ke.	604800	IN	A	192.168.0.10

;; Query time: 0 msec
;; SERVER: 192.168.0.10#53(192.168.0.10)
;; WHEN: Wed Aug 21 15:40:37 2013
;; MSG SIZE  rcvd: 85

root@instructor01:/#

### IS FINISHED!!!