How to avoid proxy issues

When your PC is connected on Network protected by Proxy, in order to avoid proxy issue when downloading Open Source packages, some utilities are embedded in a baseline.

1 Proxy issues

Before downloading a baseline and having access to the "proxy bypass" help (utility described in next chapter), you may already encounter issues with proxy.
A proxy server is generally another computer serving as a hub through which internet traffic is processed and controlled (in both ways). A proxy used in a facility may exercise some controls on web accesses, including controls on the protocol, the ID of the request, the destination internet address...
"ID of the request" means the proxy server needs to authenticate the requester. So within the proxy settings you will find your login and password.

A proxy that is inappropriately configured may brake the access to useful services on the internet.

1.1 Check your computer has the right proxy settings

If needed, ask your IT department for your proxy address.


  • Ping your proxy to make sure you have the right name (you obtain in return its IP address (may be useful))
PC $> ping -c 1 <yourproxy.com>
PING <yourproxy.com> (xx.yyy.zz.v) 56(84) bytes of data.
64 bytes from <yourproxy.com> (xx.yyy.zz.v): icmp_seq=1 ttl=58 time=14.6 ms
                                          
--- <yourproxy.com> ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 14.669/14.669/14.669/0.000 ms

Any application requesting interaction with the Internet will require your proxy server address because every request to the internet will have to be routed to it first. Check your environment variables, this is usually how applications determine the proxy server. These variables may be defined in upper case or lower case.

  • On Linux®:
PC $> env | grep proxy
http_proxy=http://<login>:<password>@<yourproxy.com>:8080
ftp_proxy=http://<login>:<password>@<yourproxy.com>:8080
https_proxy=http://<login>:<password>@<yourproxy.com>:8080

If not done yet, you have to export the required variables, for ex:

PC $> export http_proxy=http://<login>:<password>@<yourproxy.com>:8080


  • On Windows®:

Seach "variables" in your Windows® environment and enter a new variable for your account in the dialog box like below:

Ex: Variable="HTTP_PROXY" value="http://<login>:<password>@<yourproxy.com>:8080"

1.2 Check your proxy can bypass standard requests (needed for Yocto development)

  • HTTP
PC $> curl -v http://github.com
.
.
> Host: github.com
> Accept: */*
.
.
  • HTTPS
PC $> curl -v https://github.com
.
.
> Host: github.com
> Accept: */*
.
.
  • GIT
PC $> git ls-remote git://git.openembedded.org/openembedded-core.git
6b9dd7a589537b12da648be50298cf7d36461797	HEAD
.
.
  • SSH

SSH protocol is not used for ST deliveries, proxy bypass is very complex and IT dependent.
One could test ssh access thanks to Github: See this page.

Info.png Any required protocol blocked by your proxy will prevent you from working. Ask your IT department to allow the required protocols


2 How to use proxy bypass ?

Info.png Default proxy settings may be updated according to your network setup. Check proxy bypass on-line help (--help option) to do so...

From the directory in which the repo sync has been launched, execute the following instructions :

  • First use: initialization required
PC $> ./meta-st/scripts/proxy_bypass.sh init
PC $> ./meta-st/scripts/proxy_bypass.sh enable
  • Populate ENV proxy variables for OpenEmbedded usage (two options)
  • Set ENV proxy variables ONLY for the current bash session
 PC $> source ./meta-st/scripts/proxy_bypass.sh session
  • Preferred solution since modifications are efficient for any new bash session : set/copy ENV proxy variables in your bashrc file
 PC $> ./meta-st/scripts/proxy_bypass.sh bashrc
 PC $> source $HOME/.bashrc


  • Dynamic proxy bypass script activation/deactivation
  • If a PC is not connected on the Network for which the proxy bypass has been configured: you can disable the proxy bypass configuration:
 PC $> ./meta-st/scripts/proxy_bypass.sh disable
  • When a PC is connected again on the Network: you can re-enable you proxy bypass configuration:
 PC $> ./meta-st/scripts/proxy_bypass.sh enable


  • Password update
  • Update of the password: .bashrc file will be automatically updated if it was populated previously
 PC $> ./meta-st/scripts/proxy_bypass.sh update
  • To apply password update:
[current bash session ]  PC $> source ./meta-st/scripts/proxy_bypass.sh session
[bashrc used by script]  PC $> source $HOME/.bashrc



Attachments

Discussions