* is not supported (as it wasn't supported by the underlying Go proxy code).
However
"bar.com" matches foo.bar.com, as does ".bar.com"
So while we don't allow "*.bar.com" it can be expressed as just "bar.com"
and ".bar.com".
On Sat, May 26, 2018 at 2:43 AM, Dmitrii Shcherbakov <
<email address hidden>> wrote:
> Public bug reported:
>
> Looks like *.domain.com[:port] syntax is no supported by no-proxy (CIDR
> syntax is supported judging by other tests I performed):
>
> cat model-config.yaml
> logging-config: '<root>=ERROR;unit=TRACE;juju.worker.proxyupdater=TRACE'
> #no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24'
> #http-proxy: 'http://10.10.10.88:3128'
> #https-proxy: 'http://10.10.10.88:3128'
> no-proxy: ''
> http-proxy: ''
> https-proxy: ''
> juju-no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24,*.
> canonical.com,*.ubuntu.com'
> juju-http-proxy: 'http://10.10.10.88:3128'
> juju-https-proxy: 'http://10.10.10.88:3128'
> apt-http-proxy: 'http://10.10.10.88:3128'
> apt-https-proxy: 'http://10.10.10.88:3128'
>
> juju model-config -m controller model-config.yaml
>
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:165 new legacy proxy settings
> proxy.Settings{Http:"", Https:"", Ftp:"", NoProxy:"10.10.101.3",
> AutoNoProxy:""}
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:186 new apt proxy settings
> proxy.Settings{Http:"http://10.10.10.88:3128", Https:"
> http://10.10.10.88:3128", Ftp:"", NoProxy:"*.canonical.com,*.ubuntu.com,
> 10.10.10.0/24,10.10.101.0/24,127.0.0.1,localhost", AutoNoProxy:""}
> 32041e72-121e-4e4c-89f7-7a35918f4a4c: unit-ubuntu-0 2018-05-25 22:18:13
> INFO unit.ubuntu/0.juju-log server.go:284 Reactive main running for hook
> update-status
>
> ubuntu@proxytest:~$ juju model-config -m controller | grep proxy
> apt-ftp-proxy default ""
> apt-http-proxy model http://10.10.10.88:3128
> apt-https-proxy model http://10.10.10.88:3128
> apt-no-proxy default ""
> ftp-proxy default ""
> http-proxy default ""
> https-proxy default ""
> juju-ftp-proxy default ""
> juju-http-proxy model http://10.10.10.88:3128
> juju-https-proxy model http://10.10.10.88:3128
> juju-no-proxy model localhost,127.0.0.1,10.10.101.
> 0/24,10.10.10.0/24,*.canonical.com,*.ubuntu.com
> logging-config model <root>=ERROR;unit=TRACE;juju.
> worker.proxyupdater=TRACE
> no-proxy model ""
> proxy-ssh default false
>
> With this model-config I still get requests sent out to a proxy.
>
> 1527286866.141 285 10.10.101.3 TCP_TUNNEL/200 3529 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.431 289 10.10.101.3 TCP_TUNNEL/200 6692 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.929 150 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index2.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286866.994 64 10.10.101.3 TCP_MISS/200 2894 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index.sjson -
> HIER_DIRECT/91.189.92.141 -
> 1527286867.061 65 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/mirrors.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286867.200 137 10.10.101.3 TCP_MISS/200 21719 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/com.
> ubuntu.cloud:released:gce.sjson - HIER_DIRECT/91.189.92.141 -
> 1527286869.411 5170 10.10.101.3 TCP_TUNNEL/200 52275 CONNECT
> api.jujucharms.com:443 - HIER_DIRECT/162.213.33.121 -
>
> Example implementation of wildcard support:
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#162
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#60
>
> ** Affects: juju
> Importance: Undecided
> Status: New
>
>
> ** Tags: cpe-onsite
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1773463
>
> Title:
> [2.4-beta3] wildcard syntax is not supported by no-proxy/juju-no-proxy
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1773463/+subscriptions
>
* is not supported (as it wasn't supported by the underlying Go proxy code).
However
"bar.com" matches foo.bar.com, as does ".bar.com"
So while we don't allow "*.bar.com" it can be expressed as just "bar.com"
and ".bar.com".
On Sat, May 26, 2018 at 2:43 AM, Dmitrii Shcherbakov <
<email address hidden>> wrote:
> Public bug reported: =ERROR; unit=TRACE; juju.worker. proxyupdater= TRACE' 127.0.0. 1,10.10. 101.0/24, 10.10.10. 0/24' 10.10.10. 88:3128' 10.10.10. 88:3128' 127.0.0. 1,10.10. 101.0/24, 10.10.10. 0/24,*. com,*.ubuntu. com' 10.10.10. 88:3128' 10.10.10. 88:3128' 10.10.10. 88:3128' 10.10.10. 88:3128' 1304-456b- 8d0a-d2eaa3993f 53: machine-0 2018-05-25 22:17:54 DEBUG proxyupdater proxyupdater.go:165 new legacy proxy settings Http:"" , Https:"", Ftp:"", NoProxy: "10.10. 101.3", 1304-456b- 8d0a-d2eaa3993f 53: machine-0 2018-05-25 22:17:54 DEBUG proxyupdater proxyupdater.go:186 new apt proxy settings Http:"http:// 10.10.10. 88:3128", Https:" 10.10.10. 88:3128", Ftp:"", NoProxy: "*.canonical. com,*.ubuntu. com, 0/24,10. 10.101. 0/24,127. 0.0.1,localhost ", AutoNoProxy:""} 121e-4e4c- 89f7-7a35918f4a 4c: unit-ubuntu-0 2018-05-25 22:18:13 0.juju- log server.go:284 Reactive main running for hook 10.10.10. 88:3128 10.10.10. 88:3128 10.10.10. 88:3128 10.10.10. 88:3128 127.0.0. 1,10.10. 101. 10.10.0/ 24,*.canonical. com,*.ubuntu. com ERROR;unit= TRACE;juju. proxyupdater= TRACE canonical. com:443 - HIER_DIRECT/ 91.189. 88.141 - canonical. com:443 - HIER_DIRECT/ 91.189. 88.141 - cloud-images. ubuntu. com/releases/ streams/ v1/index2. sjson - 91.189. 92.141 text/html cloud-images. ubuntu. com/releases/ streams/ v1/index. sjson - 91.189. 92.141 - cloud-images. ubuntu. com/releases/ streams/ v1/mirrors. sjson - 91.189. 92.141 text/html cloud-images. ubuntu. com/releases/ streams/ v1/com. cloud:released: gce.sjson - HIER_DIRECT/ 91.189. 92.141 - com:443 - HIER_DIRECT/ 162.213. 33.121 - /go-review. googlesource. com/c/go/ +/75730/ http/no_ proxy.go# 162 /go-review. googlesource. com/c/go/ +/75730/ http/no_ proxy.go# 60 /bugs.launchpad .net/bugs/ 1773463 juju-no- proxy /bugs.launchpad .net/juju/ +bug/1773463/ +subscriptions
>
> Looks like *.domain.com[:port] syntax is no supported by no-proxy (CIDR
> syntax is supported judging by other tests I performed):
>
> cat model-config.yaml
> logging-config: '<root>
> #no-proxy: 'localhost,
> #http-proxy: 'http://
> #https-proxy: 'http://
> no-proxy: ''
> http-proxy: ''
> https-proxy: ''
> juju-no-proxy: 'localhost,
> canonical.
> juju-http-proxy: 'http://
> juju-https-proxy: 'http://
> apt-http-proxy: 'http://
> apt-https-proxy: 'http://
>
> juju model-config -m controller model-config.yaml
>
> dd6ca7e2-
> juju.worker.
> proxy.Settings{
> AutoNoProxy:""}
> dd6ca7e2-
> juju.worker.
> proxy.Settings{
> http://
> 10.10.10.
> 32041e72-
> INFO unit.ubuntu/
> update-status
>
> ubuntu@proxytest:~$ juju model-config -m controller | grep proxy
> apt-ftp-proxy default ""
> apt-http-proxy model http://
> apt-https-proxy model http://
> apt-no-proxy default ""
> ftp-proxy default ""
> http-proxy default ""
> https-proxy default ""
> juju-ftp-proxy default ""
> juju-http-proxy model http://
> juju-https-proxy model http://
> juju-no-proxy model localhost,
> 0/24,10.
> logging-config model <root>=
> worker.
> no-proxy model ""
> proxy-ssh default false
>
> With this model-config I still get requests sent out to a proxy.
>
> 1527286866.141 285 10.10.101.3 TCP_TUNNEL/200 3529 CONNECT
> streams.
> 1527286866.431 289 10.10.101.3 TCP_TUNNEL/200 6692 CONNECT
> streams.
> 1527286866.929 150 10.10.101.3 TCP_MISS/404 507 GET
> http://
> HIER_DIRECT/
> 1527286866.994 64 10.10.101.3 TCP_MISS/200 2894 GET
> http://
> HIER_DIRECT/
> 1527286867.061 65 10.10.101.3 TCP_MISS/404 507 GET
> http://
> HIER_DIRECT/
> 1527286867.200 137 10.10.101.3 TCP_MISS/200 21719 GET
> http://
> ubuntu.
> 1527286869.411 5170 10.10.101.3 TCP_TUNNEL/200 52275 CONNECT
> api.jujucharms.
>
> Example implementation of wildcard support:
> https:/
> 3/src/net/
> https:/
> 3/src/net/
>
> ** Affects: juju
> Importance: Undecided
> Status: New
>
>
> ** Tags: cpe-onsite
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https:/
>
> Title:
> [2.4-beta3] wildcard syntax is not supported by no-proxy/
>
> To manage notifications about this bug go to:
> https:/
>