Different proxy for different network

Hi all,
is there a way to configure different system proxies based on network connection?

I’d like to use a proxy for when I’m under my workplace’ wifi connection, and a different proxy for when I’m using my home’s wifi.
Presently I’m working the problem around by manually switching cntlm profiles, but that’s not quite optimal.

I’d like to know if there is something more integrated and automated, available presently or at least planned.

Cris

Do you really need to configure a proxy at the system level?
Web browser proxies are typically configured in the web browser often support configuring for multiple connections, FoxyProxy in particular is a very popular FF plugin that does just that.

A web browser proxy of course works only for anything that is accessed using that web browser only, will not be used by anything else.

So, the question then becomes what else you’re doing that can’t be done in only one network?

TSU

tsu2, thank you for your reply.

At work I need to pass everything through the proxy, since it’s the only way out.
At home, I’d like to have everything going through the proxy (browser, OS updates, torrents…), since I have a caching proxy so my 4 computers and two tablets would benefit from the cached contents.
So, configuring the browser is not enough.

Cris

Are you already using any proxy client already or are you researching before doing anything?

For starters,
I just reviewed what is in the YAST proxy applet and it appears to only configure web protocols (http, https, ftp). It doesn’t configure other protocols, and it doesn’t configure SOCKS.

It’s also possible(and a common configuration) to run a proxy on your local machine which truly supports <all> protocols. That way, even apps which have their own proxy configurations (like typical email clients) all have a common and consistent proxy end-point no matter the network connection, which can then point “anywhere”

You need to inspect the <protocols> of all apps you want to proxy, not necessarily just the application. So, for instance for system updates, they all generally use a web protocol (most often http, sometimes ftp). This means that the YAST applet (or similar) can work. But something like an email client (SMTP outbound, POP3 or IMAP or something else inbound) would not work. And, do you need a proxy connection only for inbound or both directions?

Also proxy caching can be automatic but has some drawbacks. You may find that it’s better in some cases to simply set up a VPN to your office so that you can use the same proxy in both networks or set up an Internet-facing proxy at work or some other similar solution.

After you gather sufficient information about what your requirements are, <then> you can look at choices

TSU

Tsu,
thank you very much for your extensive reply!

I’m not sure as to what you mean by “proxy client”. I am presently using the proxy configuration offered by Yast (and I configure KDE to “Use system proxy configuration”). So KDE programs work correctly and, as yast sets the proxy environment variables, most CLI programs do, too.

I’m also using cntlm because it is needed when I’m at work to connect to the dreaded MS proxy my employer use.

OTOH, having cntlm installed enables me to do some proxy-switching tricks by stopping cntlm, changing its profile and restarting it. But, as I said in my original post, this is less than optimal because it is not automatic and because I need to maintain the different profiles every time there’s a password change (at least every three months).

Actually, this is what I’m doing with cntlm (although cntlm technically is not a proxy). Having a software that can automatically switch configuration based on the attached WIFI network would be awesome! Do you know of any such software?

I am already covered for all the protocols/applications I need. It’s just the switching that I want to optimize.

Cris

Actually, this is what I’m doing with cntlm (although cntlm technically is not a proxy). Having a software that can automatically switch configuration based on the attached WIFI network would be awesome! Do you know of any such software?

I’m wondering if cntlm could be configured on a per-network connection basis by use of a suitable NM dispatcher script. It would take a bit of effort to implement, but once configured to recognise the networks, it shouldn’t be too difficult?

Reference
https://wiki.archlinux.org/index.php/NetworkManager#Network_services_with_NetworkManager_dispatcher

Example

Wow Deano, this is very interesting!
I don’t know if I’m able to, but I could even come up with something generally usable by people having my same problem.
I will let you know.

Cris

I’d also recommend you take a look at something I haven’t personally used, scpm which has been in SUSE and openSUSE since forever. Install it and read the MAN pages, you’ll find it promises to do exactly what you want… store system(network) profiles, and can be used to switch betwen proxies at the system level.

Also, this very old but likely still very relevant suse documentation
https://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch08s02.html

A couple years ago I was also just clicking through the /proc/* tree, and found to my surprise that nowadays the kernel supports network profiles natively. I just don’t know if an app has been written to easily manage that functionality, IIRC from what I saw it was all command line which required you to know exactly where this functionality was located, but was easily configurable.

TSU

Thank you TSU,
this is very inspiring!
I look forward to install SCPM and begin studying its usage.

Cris

Hi tsu2,
I still have not had time to study scpm, but I’ve noticed that the yast gui for scpm is not available anymore, and I’ve not been able to find another gui.
Do you know of any?

Cris