From my Linux workstation, the only application that can access the
internet are a) Firefox (using its own proxy configuration and
authentication stored in Firefox), as well as applications running in
a Windows VM (Note - the windows VM is a domain member and the user
authenticates against the domain when logging in)
Solution option: Run a web proxy on your windows VM. Setup your system to use that instance as your proxy.
Since your Windows VM is already authenticated and traffic is allowed through it, setting up a SOCKS proxy on that VM instance will centralized your authentication needs. If it is just for you and your boxes, this should be fine and is probably fairly straightforward.
Piggybacking on this idea is to get an SSHD daemon running on the Windows VM so you can do things like SSH SOCKS tunnels from your other boxes through the VM:
ssh -D 1080 windows-user@windows-vm
For those apps that may have problems or where you don't want to reconfigure the apps, you can make use of sshtunnel, which will setup iptables rules to route traffic. Works for Linux and Mac systems.
If you need to avoid installing a proxy on the Windows VM itself, you can setup a Squid proxy box configured to authenticate itself against the windows AD. A guide on doing that located here:
Solution option: Squid Proxy Authenticated via AD/NTLM
http://techmiso.com/1934/howto-install-squid-web-proxy-server-with-active-directory-authentication/ (dead link)
Another NTLM proxy solution, though I think this one actually runs on a Windows machine:
Solution option: NTLM proxy
http://cntlm.sourceforge.net/
Browsers with JavaScript support usually support PAC files. Anything else usually doesn't, in particular I'm not aware of any off-the-shelf proxy software that does. There are many proxies that support a way to perform differently based on the target URL, however, just not through a JavaScript program. See Transparent local proxy to many proxies
A PAC file is a JavaScript program, so support for PAC files requires a JavaScript interpreter. While there are proxies written in JavaScript, I can't find one that supports PAC files. The Python library pacparser implements PAC support (on top of Mozilla's JavaScript engine), and there are many proxies written in Python, but amazingly there doesn't seem to be any actual proxy program that uses pacparser.
Best Answer
I think pretty much all linux/unix software that uses networking will honor the
http_proxy
andftp_proxy
environment variables. Depending on how your distribution is set up,/etc/environment
will exist and be read by default by login shells.You can add a line saying
http_proxy=123.45.67.89:1011
in
/etc/environment
easily enough, but changes in that file will only take hold the next time you start a shell process -- and only in that shell process. I don't think you can modify global variables in a shell other than your current one.