In an earlier post I shared a Bash script that automated proxy settings and Wi‑Fi management for macOS. It worked, but in practice the level of complexity and number of moving parts made it hard to maintain and occasionally affected user connectivity.

After revisiting the requirements and reviewing feedback, I decided to strip the solution back to essentials. The result is Proxymon, a lightweight monitor that toggles a Proxy Auto‑Config (PAC) file on or off based solely on network reachability. Thanks to Fred from Jamf for putting this together and making it ten zillion times simpler.

Key changes

  • The script enables the PAC URL across all network services when the PAC host is resolvable, and disables it when unreachable.
  • Network change events are tracked via notifyutil for immediate reaction to interface changes.
  • There’s no Wi‑Fi toggling or user state tracking – this version focuses exclusively on proxy settings to reduce risk.

The script

Edit the hostName and pacFileUrl variables to suit your environment.

#!/bin/bash
hostName="pac.domain.local"
pacFileUrl="http://${hostName}/filename.pac"

setPac(){ 
    local state="${1}"
    interfaces=($(networksetup -listallnetworkservices | grep -v '*'))
    for k in ${interfaces[@]}
    do
        currentSetting=$(networksetup -getautoproxyurl ${k})
        if [[ ! ${currentSetting} = ${pacFileUrl} ]] && [[ ${state} = "on" ]]
        then
            networksetup -setautoproxyurl "${k}" "${pacFileUrl}"
            networksetup -setautoproxystate "${k}" on
        elif [[ ${currentSetting} = ${pacFileUrl} ]]  && [[ ${state} = "on" ]]
        then
            networksetup -setautoproxystate "${k}" on
        else
            networksetup -setautoproxystate "${k}" off
        fi
    done
}

notifyutil -w "com.apple.system.config.network_change.dns" -w "com.apple.system.config.network_change.nwi" | while read line; do
        if host -W 1 ${hostName} > /dev/null 2>&1
        then
            setPac on
        else
            setPac off
        fi
done

For automatic loading at startup, deploy a LaunchDaemon:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>Label</key>
        <string>com.proxymon.daemon</string>
        <key>ProgramArguments</key>
        <array>
            <string>/usr/local/proxymon.sh</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
    </dict>
</plist>

Deployment in Jamf Pro

  1. Copy the script to /usr/local/proxymon.sh.
  2. Copy the LaunchDaemon to /Library/LaunchDaemons/com.proxymon.daemon.plist.
  3. Use a Jamf Pro policy to deploy the files and run launchctl load /Library/LaunchDaemons/com.proxymon.daemon.plist once.

By focusing on proxy configuration alone, Proxymon is easier to maintain and should integrate smoothly into your existing management workflows.

Categorized in:

Jamf,