Help Needed: Auto-Configure Proxy Settings via DHCP

By | 2009/04/04

At home I run my own DHCP, DNS and Squid proxy. I implemented the proxy because my DSL connection is pretty bad and anything I can do to improve that goes a long way.  Now my proxy works fine, but the issue that I’m running into is having it auto-configure the browser(s) on each machine in the house. It doesn’t do me any good to be running a proxy if it doesn’t actually get used.

Can anyone outline for me, or point me to a reliable resource, on how to automagically configure proxy settings via DHCP.  I have spent some time googling this but nothing has worked so far. Either the pages I found were out dated or missing information. Basically I would like any browsing within the LAN to go through the proxy. This will include Firefox, Safari and Epiphany browsers.

Thanks in advance.

14 thoughts on “Help Needed: Auto-Configure Proxy Settings via DHCP

  1. Darwin Survivor

    I don’t know about auto-config, but if you are looking to “prevent” http/https traffic bypassing the server, try putting the server between the lan and your dsl connection. Then you can set iptables rules, etc for the entire network and use the linux machine as a firewall, etc.

    Oh, yeah, don’t forget udp to proxy your streaming, etc.

  2. JaspEr

    HI, I know it’s not exactly the answer to Your question, but how about setting a redirect on firewall?
    There is a buch on howtos on the internet how to do it, bu basically it goes like this:
    iptables -t nat -A PREROUTING -p tcp –dport 80 -j REDIRECT –to-ports 3128 //default for squid?
    Try looking for: iptables transparent proxy.
    It is a different approach, but is quick.

  3. Himuraken

    Although this wouldn’t be the ideal setup in a business, my suggestion may work for a more static environment such as your home. Using DHCP, make your proxy box the default gateway for your LAN. I did this yesterday in a pinch on a ESX test server with IPCop and it worked fine. A better solution may just be to have your proxy replace your gateway device if it hasn’t already.

    So if that works for you, then no need to worry about .pac and wpad’s.


  4. Mark Drago

    You could also set the proxy up to be a transparent proxy. Squid supports this just fine, you just need to add a few firewall rules to send port 80 traffic through the proxy. This way the whole thing will work without any need for configuration on the client end.

  5. Zeeta

    I once setup my own dhcp server/http proxy this way:

    1. dnsmasq to assign ip addresses and used as a nameserver
    2. squid proxy
    3. iptables to redirect http requests (port 80) to the squid proxy port (3128 by default)

    therefore, no need to autodiscover a proxy.pac file.

  6. Alan Pope

    As others have suggested transparent proxying will help. I use ipcop which has a nice easy tickbox to set transparent proxying on. Job done. 🙂

  7. RoAkSoAx

    As other have said… the best solution is to configure a transparent proxy!! go for it! It’s really painful to use a non-transparent proxy if you have many machines 🙂

Comments are closed.