Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Proxy in perl

by santosh_wagh (Novice)
on Sep 10, 2012 at 06:53 UTC ( #992680=perlquestion: print w/ replies, xml ) Need Help??
santosh_wagh has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I am new in perl.I need some guidance for creating http proxy in perl my proxy will be listening on span(mirror) port of switch where i can capture all the http request & need to block certain URLs. i am able to view the all urls but dont understand how to block it. i am highly appreciate if i some one will help me for the same. thanks in advance.

Comment on Proxy in perl
Re: Proxy in perl
by Anonymous Monk on Sep 10, 2012 at 06:59 UTC

    i am able to view the all urls but dont understand how to block it.

    Where?

    proxy?

      All users are connected to one port switch this port is mirror where i have connected single machine with freebsd operating system.I am using Sniffer::HTTP module to catch the url.i want to block xyz.com for all users . i dont know how i can do it please find the following codes for your reference

      #!/usr/bin/perl use strict; use Net::Pcap; use Sniffer::HTTP; use Net::RawIP; my $VERBOSE = 0; my $sniffer = Sniffer::HTTP->new( callbacks => { request => sub { my ($req,$conn) = @_; my $src = $conn->tcp_connection->src_host; my $sport = $conn->tcp_connection->src_port; my $dst = $conn->tcp_connection->dest_host; my $dport = $conn->tcp_connection->dest_port; my $myurl = $req->uri; if ( $myurl =~ "http://xyz.com" ) { system("/usr/bin/perl /myscripts/socket3.pl $dst $dport $src $sport"); } print "Request: $src:$sport -> $dst:$dport -> $myurl \n"; } }, ); $sniffer->run('alc0'); # uses the "best" default device

      code of /usr/bin/perl /myscripts/socket3.pl

      use Net::RawIP; $src_host = $ARGV[0]; # The source IP/Hostname $src_port = $ARGV[1]; # The Source Port $dst_host = $ARGV[2]; # The Destination IP/Hostname $dst_port = $ARGV[3]; # The Destination Port. $n = Net::RawIP->new({ ip => { saddr => "$src_host" , daddr => "$dst_host", }, tcp => { source => "$src_port", dest => "$dst_port", rst => 1, }, }); $n->send; $n->ethnew("alc0"); $n->ethset(source => "$src_host", dest => "dst_host" ); $n->ethsend;

        Please learn about TCP, and learn about what Sniffer::HTTP does.

        There is no way to modify the network connection or data using Sniffer::HTTP.

        Have you looked at the HTTP proxy modules on CPAN?

Re: Proxy in perl
by Corion (Pope) on Sep 10, 2012 at 07:06 UTC

    Read the documentation of your switch, and maybe a good book about TCP.

    I highly doubt that you can influence the network traffic from the mirror port, because the mirror port just gets a copy of all data, but cannot take part in the network communication.

      i mean to implement pass by filtering like http://smoothwallweb.s3.amazonaws.com/WhitePaper/PassBy%20White%20Paper%20-%2006-2011.pdf

        Have you read that paper? Even that paper tells you that what you want does not work, and also even tells you why. Even with pretty pictures. And it is a paper telling its readers that "pass by" filtering is a thing of the past.

        I suggest you learn about the topic, like I already suggested, two times.

Re: Proxy in perl
by rpnoble419 (Pilgrim) on Sep 10, 2012 at 17:18 UTC
    This is not a Perl issue. You need to read the documentation on your router and see if it supports url blocking or filtering. If it does, then you could write a Perl program to read the logs from the router and keep the blocked URL list up to date....

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://992680]
Approved by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (6)
As of 2014-08-01 05:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (256 votes), past polls