Set a network range in the no_proxy environment variable
Solution 1
You're looking at it the wrong way. The no_proxy
environment variable lists the domain suffixes, not the prefixes. From the documentation:
no_proxy
: This variable should contain a comma-separated list of domain extensions proxy should not be used for.
So for IPs, you have two options:
1) Add each IP in full:
printf -v no_proxy '%s,' 10.1.{1..255}.{1..255};
export no_proxy="${no_proxy%,}";
2) Rename wget
to wget-original
and write a wrapper script (called wget
) that looks up the IP for the given URL's host, and determines if it should use the proxy or not:
#!/bin/bash
ip='';
for arg; do
# parse arg; if it's a URL, determine the IP address
done;
if [[ "$ip" =~ ^10\.1\. ]]; then
wget-original --no-proxy "$@";
else
wget-original "$@";
fi;
Solution 2
info wget
says:
`no_proxy'
This variable should contain a comma-separated list of domain
extensions proxy should _not_ be used for. For instance, if the
value of `no_proxy' is `.mit.edu', proxy will not be used to
retrieve documents from MIT.
So the variable should contain a list of domains, not IP ranges. You'll need to set up proper local aliases for your local machines in /etc/hosts
file(s).
Apart from this, bear in mind that setting an environment variable does not guarantee that a proxy will or will not be used. It is just an information that may be used by programs that support it.
Solution 3
Not exactly a correct solution but it might solve the problem for you. If you assume that accessing anything from the outside of the proxy will be using DNS-names and not directly using IP-addresses, you can set it like:
export no_proxy=0,1,2,3,4,5,6,7,8,9
As far as I know, no top domain ends with a number so if it does, it must be an IP-address.
Solution 4
Here's a slightly simpler (one-line) approach based on janmoesen's solution.
export no_proxy=`echo 10.1.1.{1..255} | sed 's/ /,/g'`
which has been further improved based on Cory Ringdahl's input:
export no_proxy="`echo 10.1.1.{1..254},` 10.1.1.255"
sed chokes on all the arguments passed from the expansion of 10.1.{1..255}.{1..255}
, either in his code or mine. So if you really need to expand to 256 * 256 IP addresses, you might be able to further adapt Cory Ringdahl's approach, but if you merely need 256 or so, either of these should work perfectly for you.
I'm guessing the version where 2 octets are expanded would look something like this:
export no_proxy="`echo 10.1.{1..255}.{1..254},` 10.1.255.255"
but iTerm is giving me errors about argument lists being too long, so I can't say for sure whether there is a solution to make this work...
Related videos on Youtube
SamK
Updated on September 18, 2022Comments
-
SamK over 1 year
I'm in a network using a proxy. I've got machines using lots of scripts here and there accessing each other over HTTP.
- The network is 10.0.0.0/8.
My proxy is 10.1.1.1:81, so I set it up accordingly:
export http_proxy=http://10.1.1.1:81/
I want to exclude my own range to be accessed with the proxy. I tried any combination available.
export no_proxy='10.*' export no_proxy='10.*.*.*' export no_proxy='10.0.0.0/8'
None of the above work!
I'm testing with
wget
and it always tries to query the proxy, whatever IP address I want to connect to.- Since lots of scripts lie everywhere in all systems the
--no-proxy
option is actually not an option. I want to set it system wide.
-
SamK over 12 yearsThank's a lot, I'm going to wrap my wget (and use hostnames instead of IP addresses).
-
jtpereyda over 8 yearsWill having 255*255 addresses in no_proxy risk performance issues?
-
janmoesen over 8 yearsAlso, it should be
10.1.{0..255}.{0..255}
, or at least10.1.{0..255}.{1..255}
. (I don't think the last bit can be 0 for "normal" devices, but I am not sure.) -
Ross about 8 yearsDo not add each IP in full - it will be too long and you won't be able to execute any commands in bash.
-
Thomas Decaux over 6 yearsNEVER DO THAT, this will generate something too long for any command, and, if you put this in
/etc/environment
file, this could break your server. -
notes-jj almost 6 yearsFor data center server this is a very clever trick. Has side effect, but acceptable.
-
Erik over 5 yearsthis didn't work for myself .. had to use @iconoclast solution
-
Piotr Dobrogost over 5 yearsIf wget implements this the same way as curl does – and I suspect it does – then there is no difference if it is IP address or domain name as both are treated as strings – see github.com/curl/curl/issues/1208
-
iconoclast almost 5 yearsNice... I'm tweaking it a bit to make the spacing consistent after commas, and I'll add it.
-
nTOXIC about 4 yearsThis should be changed in wget. Other tools are able to parse the CIDR notation in no_proxy (curl, python, ruby, etc.).
-
Time Killer about 4 yearsIt's a real hassle. Not all programs follow these variables
-
Joel Pearson about 4 yearsI think you need to use all numbers between 0 and 255 for this to work, otherwise, I think this solution only works for ip's ending in 0 and 9 not 0 and 255. At least your existing solution didn't work for me with curl with an IP ending in 67 until I did this:
printf -v no_proxy '%s,' {0..255};
-
kubanczyk almost 4 years@JoelPearson Followed by
export no_proxy
-
minus one over 3 yearsAlso see: link