I use the following to not have to use the VPN software, this will create a SSH tunnel to a machine in NCSA, and then proxy traffic to specific hosts. This is probably a mac only solution.
Startup script
This script will do a few things, create a SSH tunnel, start a simple webserver for the auto proxy file, and monitor SSH and server in case on crashes.
run.sh
#!/bin/bash # some config variables SSHSERVER="somemachinein.ncsa.illinois.edu" PROXYPORT=9050 WEBPORT=5678 # trap specific signals trap cleanup INT trap checkup CHLD # check all child processes function checkup() { if [ "$SSHPID" != "" ]; then if ! kill -0 ${SSHPID} &> /dev/null ; then echo "ssh is dead [${SSHPID}]" cleanup fi else echo "SSH is dead" fi if [ "$WEBPID" != "" ]; then if ! kill -0 ${WEBPID} &> /dev/null ; then echo "webserver is dead [${WEBPID}]" cleanup fi else echo "WEB is dead" fi } # cleanup function at the end function cleanup() { trap - INT trap - CHLD # turn off proxy networksetup -setautoproxystate "Wi-Fi" off # kill webserver if [ "$WEBPID" != "" ]; then if kill -0 ${WEBPID} &> /dev/null ; then echo "Killing webserver [${WEBPID}]" kill ${WEBPID} fi fi # kill tunnel if [ "$SSHPID" != "" ]; then if kill -0 ${SSHPID} &> /dev/null ; then echo "Killing ssh [${SSHPID}]" kill ${SSHPID} fi fi exit 0 } # kill existing tunnel and start a new one, otherwise we can't trap CHLD OLDSSHPID=$(pgrep -f 'ssh -D ${PROXYPORT}') if [ "$OLDSSHPID" != "" ]; then kill ${OLDSSHPID} fi ssh -D ${PROXYPORT} -f -q -C -N ${SSHSERVER} SSHPID=$(pgrep -f "ssh -D ${PROXYPORT}") # kill existing server and start a new one, otherwise we can't trap CHLD OLDWEBPID=$(pgrep -f 'SimpleHTTPServer ${WEBPORT}') if [ "$OLDWEBPID" != "" ]; then kill ${OLDWEBPID} fi python -m http.server ${WEBPORT} 2> /dev/null & WEBPID=$(pgrep -f "http.server ${WEBPORT}") # fix proxy networksetup -setautoproxyurl "Wi-Fi" "http://localhost:${WEBPORT}/proxy.pac" # show proxy setup echo "export http_proxy=socks5://127.0.0.1:${PROXYPORT}" echo "export https_proxy=socks5://127.0.0.1:${PROXYPORT}" # now just wait while [ 1 == 1 ]; do sleep 1 checkup done
Auto Proxy File
This file is a list of all URL's that go over the SSH tunnel
proxy.pac
function FindProxyForURL(url, host) { if (shExpMatch(host, "nebula.ncsa.illinois.edu") || shExpMatch(host, "netdot.ncsa.illinois.edu") || shExpMatch(host, "bhr.ncsa.illinois.edu") || shExpMatch(host, "bhr.security.ncsa.illinois.edu") || shExpMatch(host, "events.ncsa.illinois.edu") || shExpMatch(host, "events.ncsa.uiuc.edu") || shExpMatch(host, "ba.engr.illinois.edu")) { return "SOCKS localhost:9050"; } return "DIRECT"; }