firefox: add vpn bypass instructions

firefox/bypass/README.md

@@ -0,0 +1,50 @@
+# VPN bypass handling
+
+There are certain sites I need to connect to directly rather than through my system-wide VPN. Rather than struggling with configuring the VPN client itself to do this, I run a Linux VM in bridged networking mode. I open a dynamic forwarded port into the VM, and configure my browser to use the local port as a SOCKS proxy for the appropriate hosts.
+
+## Installing Alpine Linux
+
+These instructions should work roughly the same on VMware Player, VMware Workstation, VirtualBox, and probably others.
+
+Create a new VM from the `alpine-virt-*.iso` image. Set its network adapter to run in bridged mode. Start the VM and sign in.
+
+Run `setup-alpine` and go through the prompts. Most of the questions can be answered with the default answers. But when asked which disk to use, make sure you don't select `none`. And when asked what the disk should be used for, answer `sys`. Don't set a password. Reboot. Make note of the VM's local network IP address.
+
+## Configuring `sshd`
+
+In the VM, edit `/etc/ssh/sshd_config` and find and edit the appropriate lines to set the following config values:
+
+```
+PermitRootLogin yes
+PermitEmptyPasswords yes
+AllowTcpForwarding yes
+```
+
+Restart the SSH server with `service sshd restart` (or restart the whole VM).
+
+## Configuring `ssh`
+
+On the real machine, add an entry to `~/.ssh/config` with something like:
+
+```
+Host bypass
+HostName 1.2.3.4
+User root
+DynamicForward 8000
+```
+
+## Configuring PAC
+
+Point the browser to use a manual proxy configuration file containing something like:
+
+```js
+function FindProxyForURL(url, host) {
+	return /(^|\.)(example\.com|example\.net)$/.test(host) ? 'SOCKS 127.0.0.1:8000' : 'DIRECT';
+}
+```
+
+## Using the VPN bypass
+
+- Start the VM
+- `ssh` into the VM
+- Browse to the website