Bash Scripting: Proxies

By Amsys

Hi all. Welcome back to part 2 of the network configuration series.
In this blog I will advise how to apply some proxy settings to your network locations
Catching up
In last month’s bash scripting blog, we created a new network location called “Home”, auto populated it with the available network interfaces, switched to it and deleted the “Automatic” location. This was using the below combination of commands:

networksetup –createlocation "Home" populate
networksetup –switchtolocation "Home"
networksetup –deletelocation "Automatic"

Additionally, I will create another location called “Office” (to apply the proxy settings to) and switch to this location with the below commands:

networksetup –createlocation "Office" populate
networksetup –switchtolocation "Office"

Now let’s apply some settings.

Adding HTTP proxies

The command used to add the HTTP proxies is “networksetup –setwebproxy”. The man page for “networksetup” shows the following for “setwebproxy”

The options translate to:

“networkservice” – This is the physical interface. For example “Wi-fi”, “Airport”, “Ethernet”, “Ethernet 2” and “Thunderbolt-Ethernet” are all valid examples.
“domain” – This is the IP or DNS address HTTP requests should be forwarded to, the proxy server address.
“portnumber” – This is the port number to be used for the proxy server.
“authenticated” – If the proxy requires authentication, and you want to input it now, this should be turned on. The only valid options are “on” or “off”.
“username” – Authenticated needs to be on. This should be the username to be authenticated with.
“password” – Authenticated needs to be on. This should be the password to be authenticated with.

Please Note: The last three options only work with the currently logged in user and will not work system wide through this method.

HTTP examples

To set a HTTP proxy of “proxy.amsys.co.uk” on port “8080” on the Ethernet interface, you would use:

networksetup –setwebproxy "Ethernet" "proxy.amsys.co.uk" "8080"

To set a HTTP proxy of “proxy.google.com” on port “8888” on the Wi-Fi interface, along with authentication of “darren” with the password “123” you would use (this is all on one line):

networksetup –setwebproxy "Wi-Fi" "proxy.google.com" "8888" "on" "darren" "123"

Adding HTTPS proxies

The setting of the HTTPS proxy details is the same as for HTTP, but instead of using “-setwebproxy” you need to use “-setsecurewebproxy”.
For example, to set the same proxies on HTTPS as the first HTTP example, you would use:

networksetup –setsecurewebproxy "Ethernet" "proxy.amsys.co.uk" “8080"

To set the same proxies on HTTPS as the second HTTP example, you would use (this is all on one line):

networksetup –setsecurewebproxy "Wi-Fi" "proxy.google.com" "8888" "on" "darren" "123"

Other protocols

The “networksetup” tool details many options for setting proxies on other protocols, such as:

FTP – -setftpproxy
Streaming – -setstreamingproxy
Gopher – -setgopherproxy
SOCKS – -setsocksfirewallproxy

These all operate on the same general usage of “interface” “address” “port” “authentication” “username” “password” as HTTP detailed above.

Points to note

When running these commands, they work on the current network location, hence why we switched to the “Office” location before running these commands.
Also, as mentioned above, setting the authentication will add the provided details into the currently logged in user’s Keychain. To add these to the system, the keychain item/s need to be copied into the System Keychain using Keychain Utility (/Applications/Utilities/) or scripted using the “security” command line tool.
Finally, as each proxy setting is tied to an interface, you will need to repeat your commands for each required physical or virtual interface.

Summary

I hope that this has given you some starting points or ideas on configuring your proxies using the command line, scripts or payload-free packages. Next time, I will go through adding exceptions to the proxies, and then tying it up into a single script, that can be added to a payload free installer or ran on first boot of a new machine.
Any hints, tips or opinions? Let us know in the comments below and I’ll try to respond to as many as I can.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.