Why browsers ignores /etc/hosts behind a SOCKS proxy?

My MacBook in office does not have internet access. So I set up an instant SOCKS Proxy over SSH to surf the web.

However, when I try to add an entry to /etc/hosts, the browser does not go to the site I expected ...

My MacBook's WIFI is off and is connected to the company LAN:

 IP address:  192.168.8.250
 Subnet mask: 255.255.255.0
 Router:      192.168.8.1
 DNS server:  8.8.8.8

Be default, there is not internet access.

There a Linux development box (192.168.12.128) which has access to the internet, so I set up an instant SOCKS proxy to gain internet access for my MacBook:

 ssh -fND localhost:30000 [email protected]

Then in my MacBook's System Preferences > Network > Proxies

 (Enable) SOCKS Proxy
 SOCKS Proxy sever: 127.0.0.1:30000
 Bypass proxy settings for these Hosts & Domains:
   *.local, 169.254/16, 127.0.0.1

Now I can surf the web, so far so good.

For development, I set up a few entries in /etc/hosts for virtual hosts purpose:

 127.0.0.1 air.company.com

In bash:

 $ ping air.company.com
 PING air.ohho.es (127.0.0.1): 56 data bytes
 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.046 ms

 $ curl air.company.com
 <html>OK</html>

It looks good and curl returns the content of the index.html nicely.

However, if I try to open the site:http://air.company.com in the browsers (Safari/Chrome/Firefox), none of them returns the result like curl did. Chrome give an error:

This webpage is not available The webpage at http://air.company.com/ might be temporarily down or it may have moved permanently to a new web address. Error 120 (net::ERR_SOCKS_CONNECTION_FAILED): Unknown error.

If I add another entry in /etc/hosts:

 127.0.0.1 www.microsoft.com

In bash:

 $ ping www.microsoft.com
 PING www.microsoft.com (127.0.0.1): 56 data bytes
 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.047 ms
 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.128 ms
 ^C
 --- www.microsoft.com ping statistics ---
 2 packets transmitted, 2 packets received, 0.0% packet loss
 round-trip min/avg/max/stddev = 0.047/0.087/0.128/0.041 ms

 $ curl www.microsoft.com
 <html>OK</html>

However, the browsers returns the content from the web server of the real Microsoft site, instead of the content from my MacBook (127.0.01). Why?

p.s.

If I disable the SOCKS proxy, the browser returns the content from 127.0.0.1 correctly.

If I disconnect the LAN cable, the browser returns the content from 127.0.0.1 correctly.


Solution 1:

Your browser is asking the SOCKS proxy for the sites, it is not connecting directly. Therefore putting the IP address in the exceptions list doesn't work, as your computer is not performing the look up of air.company.com to 127.0.0.1. The SOCKS proxy is.

To avoid this, place the full domain name of what you are accessing locally in the exceptions list in System Preferences > Network > Proxies.

So for air.company.com you'd see an exception list (from your example above) of:

  *.local, 169.254/16, 127.0.0.1, air.company.com

Your computer will now connect to air.company.com directly, and therefore make use of /etc/hosts.