A small command line tool to set proxy configuration on Windows.
Using command-line only windows version (Core or Nano) behind a proxy can be problematic: some windows applications use IE settings but there is no good way to set them, other use WinHTTP settings that netsh winhttp can configure but it's not available on latest nano server images.
proxyconf aim to be a simple command line tool that can do this configuration and is suitable to use in containers (Docker).
FROM microsoft/nanoserver:1803
COPY proxyconf.exe .
RUN proxyconf set proxy 10.0.0.1:8080 "*.my-company;<local>" \
&& proxyconf winhttp proxy 10.0.0.1:8080 "*.my-company;<local>"proxyconf showShow the current proxy configurationproxyconf setSet the current user proxy configuration. One of theses must be specified:no-proxyNo proxy should be used.auto-detectAutomatically detect settings. Windows will use the Web Proxy Autodiscovery Protocol or fallback to direct connectionproxy <ADDRESS:PORT> [BYPASS_LIST]Use an hardcoded proxy (or proxies, see below) with an optional bypass list.setup-script <URL>Use Proxy auto-config (PAC) from the specified URL.
proxyconf winhttpSet the system-wide winhttp proxy configuration. One of theses must be specified:no-proxyNo proxy should be used.proxy <ADDRESS:PORT> [BYPASS_LIST]Use an hardcoded proxy (or proxies, see below) with an optional bypass list.
Common values:
ADDRESS:PORTThe proxy server and optional port to use.
Can also be a list ofprotocol=address:portseparated by semicolons (;). The protocols arehttp,https,ftpandsocks.BYPASS_LISTOptional list of addresses that bypass the proxy separated by semicolons (;).
Use<local>to bypass all short name hosts.
Default to<local>if not specified.
Per-user settings (by default, there is a registry flag to have system ones) used by Internet Explorer initially and now by most applications.
They can be edited in the GUI from Internet Explorer settings or on recent versions of Windows directly from the control panel.
A binary key storing settings for applications using the WinHTTP programming interface. It doesn't support much more than a static proxy but it's supported by services like windows update.
This tool set some specific keys in the registry, with the following format:
Stored as a REG_BINARY value.
- One key per connection exists under
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connectionswith the default one for LAN underDefaultConnectionSettings. - If
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet SettingskeyProxySettingsPerUseris1(DWORD) the same location is used inHKEY_LOCAL_MACHINEinstead and the settings are global. - The WinHTTP settings use an old version in a value named
WinHttpSettingsunder the keyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
I know of 3 versions:
- 0x28 Used by
netsh winhttp - 0x3C Used in IE 6
- 0x46 Used since IE 7 and still used in IE 11 / Windows 10
The (undocumented) format is (With all values in little endian):
version: u32Version numbercounter: u32An incremential counter used to detect changes.configuration_bits: u32A bit field with the following bits:1Always set2Use manual proxy3Use setup script (version >= 0x3C)4Automatically detect settings (version >= 0x3C)
proxy_address_len: u32Length of the proxy address string.proxy_addres: Vec<u8>Proxy address (ASCII).bypass_list_len: u32Length of the bypass list string.bypass_list: Vec<u8>Bypass list (ASCII).setup_script_len: u32Length of the setup script url string. (version >= 0x3C)setup_script: Vec<u8>Setup script url (ASCII). (version >= 0x3C)- 28 unknown bytes for version 0x3C, 32 for version 0x46
They aren't used anymore but are kept for applications that might access them directly, the GUI set them when a change is done but doesn't read it.
They are stored in the registry key HKCU:SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections.