Using proxy.pac and/or wpad.dat files in browsers to set proxy settings can be very useful but writing these files and getting them to work can often be a challenge. Here are a few resources and tips to make that process easier.
Writing a PAC file
The Smoothwall proxy can generate and host both proxy.pac and wpad.dat files automatically.
To see the options for customizing and setting up PAC files, in the Smoothwall, on the WEB PROXY menu, under the Web proxy submenu, click Automatic configuration.
You can setup a basic PAC file for proxies on any interface as well as add proxy exceptions to the PAC file configuration.
You should turn on both the options listed for bypassing local addresses and accessing the proxy by host name.
As a curiosity, the file proxy.pa is also downloadable in this way. That is due to a bug in Internet Explorer 7. When IE7 was supposed to ask for proxy.pac it only asked for proxy.pa that never got fixed.
The automatically generated PAC files are great for a basic setup using just one Smoothwall, but in some cases, you might need to make more complex modifications to the PAC file. The automatically generated PAC file can serve as a template for your own customization and once the customization has been done, you can upload the PAC file to the Smoothwall again, using the "Custom script template" option. The file uploaded here will then be available using the same links as previously stated.
Customizing the PAC file
When more advanced features are needed in the PAC file, they can be added to a Smoothwall created template and uploaded to the Smoothwall or you can host it on another server, for example, if the PAC file needs to be made available to external users.
This website is a fantastic resource for writing PAC files: https://findproxyforurl.com/
This site has extensive information on both writing and deploying PAC files. They also explain how to use automatic proxy discovery, which most desktop browsers support, to make it easy to get proxy settings on a user system.
A few often used PAC features in more complex setups
Failover proxies can be set in the PAC file. While not as smooth as using load balancers, it can be useful in certain cases:
return "PROXY proxy1.domain.local:8080; PROXY proxy2.domain.local:8080; DIRECT";
Proxy by subnet with added failover:
// If the IP address of the local machine is in a subnet, send to a specific proxy.
if (isInNet(myIpAddress(), "10.10.160.0", "255.255.224.0"))
return "PROXY proxy1.domain.local:8080;PROXY proxy2.domain.local:8080;"
There's a lot of good examples on the FindProxyForUrl site, like the two above. So make sure to take a look if you are wanting to write your own customized PAC file.