Web proxy client

From Grid5000
Revision as of 10:08, 25 May 2011 by Pmorillo (Talk | contribs)

Jump to: navigation, search

Contents

See also: Web proxy access | Web proxy policy | Web proxy client | Web proxy server (admin)

How to setup its environments to use the Web proxy service available across the Grid'5000 sites.

Using Debian

The Web proxy to use, for the HTTP, HTTPS and FTP protocols, is defined in the /etc/environment file on Debian:

https_proxy="http://proxy.site.grid5000.fr:3128"
http_proxy="http://proxy.site.grid5000.fr:3128"
ftp_proxy="http://proxy.site.grid5000.fr:3128"

This file, filled with environment variables, is read at connection time if PAM configuration says:

auth       required     pam_env.so

Following PAM configuration files must declare the previous line to enable /etc/environment read:

/etc/pam.d/login
/etc/pam.d/ssh
/etc/pam.d/su

With the https_proxy, http_proxy and ftp_proxy environment variables most of the programs will benefit from the Web proxy configuration, for instance elinks, wget and apt-get. Moreover, for the last one there is no need to adapt its /etc/apt/sources.list configuration file.

Warning.png Warning

When you use the sudo command, most of your environment variables are lost. Thus sudoed commands do not know about the proxy configuration, because they do not receive the related environment variables.

Note.png Note

the /etc/environment file has to be converted during the postinstall step of the deployment to target the right proxy.site.grid5000.fr host

Using Fedora

The Web proxy to use, for the HTTP, HTTPS and FTP protocols, is defined in the /etc/environment file on Fedora:

https_proxy="http://proxy.site.grid5000.fr:3128"
http_proxy="http://proxy.site.grid5000.fr:3128"
ftp_proxy="http://proxy.site.grid5000.fr:3128"

This file, filled with environment variables, is read at connection time if PAM configuration says:

auth       required     pam_env.so


Yum inherits from that proxy configuration you just have to check that in /etc/yum.repos.d/fedora-*.repo the following line is uncomented:

baseurl=http://download.fedora.redhat.com/...


Warning.png Warning

When you use the sudo command, most of your environment variables are lost. Thus sudoed commands do not know about the proxy configuration, because they do not receive the related environment variables. If you want to accept some environment variables you can add with the visudo command : Defaults>userName env_reset,env_keep = "environment vars"

Note.png Note

the /etc/environment file has to be converted during the postinstall step of the deployment to target the right proxy.site.grid5000.fr host

Transparent proxy

For experiments who need to use external and internal web services transparently, use iptables.

Note.png Note

Need a root access (kadeploy is required)

For example : an experiment at Rennes who want to access services on www.ebi.ac.uk

# iptables -t nat -A OUTPUT --dest 193.62.197.12 -p tcp --dport 80 -j DNAT --to 131.254.202.9:3128
# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             www.ebi.ac.uk       tcp dpt:www to:131.254.202.9:3128
Personal tools
Namespaces

Variants
Actions
Public Portal
Users Portal
Admin portal
Wiki special pages
Toolbox