Ubuntu 18, proxy not working on terminal but work

2019-08-17 10:41发布

问题:

(related and perhaps more simple problem to solve: proxy authentication by MSCHAPv2)

Summary: I am using a Ubuntu 18, the proxy is working with web-browser but not with terminal applications (wget, curl or apt update). Any clues?
Seems the problem is to interpretate a proxy's "PAC file"... Is it? How to translate to Linux's proxy variables?
... Or the problem is simple: my proxy-config (see step-by-step procedure below) was wrong?


Details:

By terminal env | grep -i proxy we obtain

https_proxy=http://user:pass@pac._ProxyDomain_/proxy.pac:8080
http_proxy=http://user:pass@pac._ProxyDomain_/proxy.pac:8080
no_proxy=localhost,127.0.0.0/8,::1
NO_PROXY=localhost,127.0.0.0/8,::1
ftp_proxy=http://user:pass@pac._ProxyDomain_/proxy.pac:8080

and browser (Firefox) is working fine for any URL, but:

  • wget http://google.com say
    Resolving pac._ProxyDomain_ (pac._ProxyDomain_)... etc.etc.0.26
    connecting to pac._ProxyDomain_ (pac._ProxyDomain_)|etc.etc.0.26|:80... conected.
    Proxy request has been sent, waiting for response ... 403 Forbidden 2019-07-25 12:52:19 ERROR 403: Forbidden.

  • curl http://google.com say
    "curl: (5) Could not resolve proxy: pac._ProxyDomain_/proxy.pac"



Notes

(recent news here: purge exported proxy changes something and not tested all again...)

The proxy configuration procedures that I used (there are some plug-and-play PAC file generator? I need a PAC file?)

Config procedures used

  1. All machine was running, with a direct non-proxy internet connection... Them the machine goes to the LAN with the proxy.

  2. Add lines of "export *_proxy" (http, https and ftp) in my ~/.profile. The URL definitions are in the form http_proxy="http://user:pwd@etc"
    (supposing that is correct, because testesd before with user:pwd@http://pac.domain/proxy.pac syntax and Firefox promped proxy-login)
    (if the current proxy-password is using # character, need to change?)

  3. Add lines of "export *_proxy" in my ~root/.profile.
    (need it?)

  4. (can reboot and test with echo $http_proxy)

  5. visudo procedure described here

  6. reboot and navigate by Firefox without need of login, direct (good is working!). Testing env | grep -i proxy, it shows all correct values as expected.

  7. Testing wget and curl as the begin of this report, proxy bug.

  8. Testing sudo apt update, bug.

  9. ... after it more one step, supponing that for apt not exist a file, created by sudo nano /etc/apt/apt.conf.d/80proxy and add 3 lines for Acquire::*::proxy "value"; with value http://user:pass@pac._ProxyDomain_/proxy.pac:8080. where pass is etc%23etc, url-encoded.


Summary of tests performed

CONTEXT-1.1

(this was a problem but now ignoring it to focus on more relevant one)

After (the proxied) cable connection and proxy configurations in the system. (see above section "Config procedures used"). Proxy-password with special character.

  1. curl http://google.com say "curl: (5) Could not resolve proxy..." When change all .profile from %23 to # the error on wget changes, but curl not. Wget changes to
    "Error parsing proxy URL http://user:pass@pac._ProxyDomain_/proxy.pac:8080: Bad port number"

PS: when used $ on password the system (something in the internal export http_proxy command or use of http_proxy confused it with a variable).

CONTEXT-1.2

Same as context-1.1 above, but password with no special character. Good and clean proxy-password.

  1. curl http://google.com say "curl: (5) Could not resolve proxy..."

CONTEXT-2

After (the proxied) cable connection and no proxy configurations in the system (but confirmed that connection is working on browser after automatic popup form login).

  1. curl -x 192.168.0.1:8080 http://google.com "curl: (7) Failed to connect..."

  2. curl --verbose -x "http://user:pass@pac._proxyDomain_/proxy.pac" http://google.com say "curl: (5) Could not resolve proxy..."


Other configs in use

As @Roadowl suggested to check:

  • files ~/.netrc and ~root/.netrc not exists
  • file more /etc/wgetrc exists, but all commented, exept by passive_ftp = on
标签: linux proxy