How to configure the proxy bypass for a range of internal ip by no_proxy environment variable

[chucklu]

Setup

• Which version of Git for Windows are you using? Is it 32-bit or 64-bit?

$ git --version --build-options

git version 2.20.1.windows.1
cpu: x86_64
built from commit: 7c9fbc07db0e2939b36095df45864b8cda19b64f
sizeof-long: 4
sizeof-size_t: 8

• Which version of Windows are you running? Vista, 7, 8, 10? Is it 32-bit or 64-bit?

$ cmd.exe /c ver

Microsoft Windows [Version 10.0.16299.904]

• What options did you set as part of the installation? Or did you choose the
  defaults?

$ cat /etc/install-options.txt

Editor Option: Notepad++
Custom Editor Path:
Path Option: Cmd
SSH Option: OpenSSH
CURL Option: WinSSL
CRLF Option: CRLFAlways
Bash Terminal Option: MinTTY
Performance Tweaks FSCache: Enabled
Use Credential Manager: Enabled
Enable Symlinks: Disabled

• Any other interesting things about your environment that might be related
  to the issue you're seeing?

I have configured the http.proxy for "git for windows", it was used to exchange data with github, and it can not communicate with intranet.
And I have internal git servers with intranet ip 172.31.212.149 and 172.31.212.138.

I first tried with 172.31.212.* to do the bypass, it did not work.

Then I found Set a network range in the no_proxy environment variable, I configured the no_proxy as

C:\WINDOWS\system32>set no_proxy
NO_PROXY=localhost,127.0.0.1,172.31.212.{1..255}

The bypass still did not work.

By the way, currently I can enum the ips(172.31.212.149 and 172.31.212.138) above to do the bypass successfully. I am just wondering if it is possible to configure the bypass for a range of ip instead of enum all of them.

Details

• Which terminal/shell are you running Git from? e.g Bash/CMD/PowerShell/other

Bash

• What commands did you run to trigger this issue? If you can provide a
  Minimal, Complete, and Verifiable example
  this will help us understand the issue.

git fetch

• What did you expect to occur after running these commands?

fetch from internal server successfully

• What actually happened instead?

the cmd stucked first, then failed with 502 error

$ git_trace=1 gcm_trace=1 git fetch v5
18:06:54.570118 exec-cmd.c:236          trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
18:06:54.579141 git.c:418               trace: built-in: git fetch v5
18:06:54.598192 run-command.c:643       trace: run_command: GIT_DIR=.git git remote-http v5 http://172.31.212.149:8080/r/Test/Test_5.0.0.0.git
18:06:54.670388 exec-cmd.c:236          trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
18:06:54.676403 git.c:675               trace: exec: git-remote-http v5 http://172.31.212.149:8080/r/Test/Test_5.0.0.0.git
18:06:54.676403 run-command.c:643       trace: run_command: git-remote-http v5 http://172.31.212.149:8080/r/Test/Test_5.0.0.0.git
18:06:54.757623 exec-cmd.c:236          trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
fatal: unable to access 'http://172.31.212.149:8080/r/Test/Test_5.0.0.0.git/': The requested URL returned error: 502

[dscho]

See https://curl.haxx.se/libcurl/c/CURLOPT_NOPROXY.html:

The only wildcard available is a single * character, which matches all hosts, and effectively disables the proxy.

You could list them individually:

The string consists of a comma separated list of host names that do not require a proxy to get reached, even if one is specified.

Or if you can use a domain name:

If the name in the noproxy list has a leading period, it is a domain match against the provided host name. This way ".example.com" will switch off proxy use for both "www.example.com" as well as for "foo.example.com".

Alternatively, you can configure git config http.proxy "" for all remotes in a repository, or finer-grained git config http.<url>.proxy "" for individual remotes (identified by their ).

[chucklu]

@dscho Thanks very much.