Menu

#62 NoProxy Regex or Extended Wildcard Matching

Next Release (example)
open
nobody
NoProxy (3)
5
2016-05-09
2015-08-18
Felix
No

I realized it is very hard to wildcard-match hostnames that contain NO dots. I ended up with this "NoProxy *[!.]???", which doesn't really work. Is there some way to exclude simple hostnames without dots from using parent proxy? If not, I'd like to use a regular expression or extended wildcard to exclude those hostnames.

Discussion

  • Nathan Revo

    Nathan Revo - 2016-05-05

    Update: I was able to match a simple hostname using the following

    NoProxy [:alnum:]*

    End Update

    I have run into this same issue. Many of our developers access systems with the simple hostname, and thus it is always being directed through the corporate proxy. I would love to have the developers use the FQDN, but most forget/refuse.

    examples of hosts that should bypass the proxy:
    utdev100
    utaba009
    txabc123

    Looking through the code I found the use of the function "fnmatch()", hoping to figure out how to match a string with no dots. So far nothing has worked.

    http://man7.org/linux/man-pages/man3/fnmatch.3.html
    http://man7.org/linux/man-pages/man7/glob.7.html

    I have tried all variations of the *[!.] expression in hope of matching a simple hostname (NO dots), with no luck so far. Some of them match, but they also match things like 'www.google.com' and 'www.ibm.com'.

    Here are my attempts: "NoProxy [!.], ?[^.], ?[!.], +, .+, !+[.], ![.]+, +[^.], +[!.], [^.]+, [!.]+"

    P.S. The code reference is in main.c function noproxy_match.

     

    Last edit: Nathan Revo 2016-05-05

  • Felix

    Felix - 2016-05-09

    Hi Nathan,
    thanks for pointing me to the man pages, I gave it one more though and came up with this workaround

    NoProxy *[!.][!.][!.][!.][!.]

    which will match any string that doesn't have a dot in the last 5 characters. Obviously this won't work with top level domains longer than 4 characters.
    I think your suggested solution

    NoProxy [:alnum:]*

    won't work because it'll match a single alpha-numeric character followed by any number of other characters. Don't confuse globbing with regular expressions.
    So now we have a workaround, but regex support would still be a nice feature.

    Please tell me if my workaround works for you.
    Felix

     

Log in to post a comment.