Hi, I was using the kernel from the latest ZorpOS which worked for 3.14. I've compiled a new kernel with kernel-patchtree-2.6.17-zorpos-4.1.4. This loads up TProxy 4.0 and now it works! The old kernel had TProxy 3.0 so this was the problem.
The "GET" request has no data payload, that's why it is not stacking anything. For POST it should start the stacked program before connecting to the destination.
From my limited point of view, it looks like it's after the connect (see log below). Do you know a possibility how to move it up so that it's called before "Filtering request and headers;"? Or can I alternatively perform my own changes in the "Request postfilter header;" section (meaning: moving the "Filtering request and headers;" section down)? Is there also a possibility to activate it for GET and empty requests (in fact, if I tamper with a POST so that it contains no payload, it's also not handed over)? I think I need to remove some checks in the C code to achieve this, correct?
I actually need the above for the following scenario:

1. The whole request is handed over to an external program no matter what it contains. (I first tried it with an AnyPy in front but I couldn't stack http on it...)
2. The external program decides what needs to be changed (headers and data) and logs the whole request.
3. I've already managed to include some code in http.c so that a Python function is called just before headers are modified through Zorp. Based on the result of the external program I know how to change the headers (not in the config function like normally, where I have no information about the request).

The link between the external program and the Python function is done by asking for an ID in a database which returns the changes to be made. This also makes it possible to filter headers which are unknown before the request arrives. It's not really a performance solution but the normal rules are a little bit too static for me and security is considered higher than performance for me... I surely could do that by running some kind of tcpdump but this doesn't work with SSL and it's difficult to synchronize (Zorp could have already sent before the changes are calculated!).
Thomas Wenz

http.debug(6): (svc/HTTP_instance:0/http): processing request and headers;
http.debug(6): (svc/HTTP_instance:0/http): Filtering request and headers;
http.debug(6): (svc/HTTP_instance:0/http): Reprocessing filtered request;
http.accounting(4): (svc/HTTP_instance:0/http): Accounting; command='POST', url='http://10.1.1.9/test.php'
http.debug(6): (svc/HTTP_instance:0/http): Sending request and headers, copying request data;
core.debug(6): (svc/HTTP_instance:0/http): Attribute fetched; attribute='server_local_tos', value='0'
core.debug(7): (svc/HTTP_instance:0/http): Connecting to remote host; protocol='1', local='AF_INET(10.1.1.1:4345)', remote='AF_INET(10.1.1.9:80)'
core.debug(7): (svc/HTTP_instance:0/http): Initiating connection; from='AF_INET(10.1.1.1:4345)', to='AF_INET(10.1.1.9:80)'
core.debug(6): (svc/HTTP_instance:0/http): Established connection; protocol='1', remote='AF_INET(10.1.1.9:80)', local='AF_INET(10.1.1.1:4345)', dest='AF_INET(10.1.1.9:80)'
core.session(3): (svc/HTTP_instance:0/http): Server connection established; server_fd='18', server_address='AF_INET(10.1.1.9:80)', server_zone='Zone(attack, 10.1.1.0/24)', server_local='AF_INET(10.1.1.1:4345)', server_protocol='TCP'
core.debug(6): (svc/HTTP_instance:0/http): Attribute fetched; attribute='request_method', value=''POST''
core.debug(6): (svc/HTTP_instance:0/http): Stacking program; client='19:20', server='21:22', control='23:24', program='/bin/echo'
core.debug(6): (svc/HTTP_instance:0/http/client_downstream): Shutdown channel; fd='19', mode='0'
core.debug(6): (svc/HTTP_instance:0/http/server_downstream): Shutdown channel; fd='21', mode='1'
core.debug(7): (svc/HTTP_instance:0/http): Eofmask is updated; old_mask='0000', eof_mask='0000'
core.debug(7): (svc/HTTP_instance:0/http): Eofmask is updated; old_mask='0000', eof_mask='0000'
core.dump(7): (svc/HTTP_instance:0/http/client): Reading stream; stream='ZStreamLine', count='12'
core.dump(9): (svc/HTTP_instance:0/http/client): data line 0x0000: 74 65 73 74 3D 64 64 66 67 64 66 67 test=ddfgdfg
core.dump(7): (svc/HTTP_instance:0/http/client): Reading stream; stream='ZStreamLine', count='12'
core.dump(9): (svc/HTTP_instance:0/http/client): data line 0x0000: 74 65 73 74 3D 64 64 66 67 64 66 67 test=ddfgdfg
core.debug(7): (svc/HTTP_instance:0/http): Eofmask is updated; old_mask='0000', eof_mask='0400'
core.dump(7): (svc/HTTP_instance:0/http/client_downstream): Writing stream; stream='ZStreamFD', count='12'
core.dump(9): (svc/HTTP_instance:0/http/client_downstream): data line 0x0000: 74 65 73 74 3D 64 64 66 67 64 66 67 test=ddfgdfg
core.debug(6): (svc/HTTP_instance:0/http/client_downstream): Shutdown channel; fd='19', mode='1'
core.debug(7): (svc/HTTP_instance:0/http): Eofmask is updated; old_mask='0400', eof_mask='0500'
core.dump(7): (svc/HTTP_instance:0/http/server_downstream): Reading stream; stream='ZStreamFD', count='12'
core.dump(9): (svc/HTTP_instance:0/http/server_downstream): data line 0x0000: 74 65 73 74 3D 64 64 66 67 64 66 67 test=ddfgdfg
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Host', value='10.1.1.9'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='User-Agent', value='Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Accept', value='text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Accept-Language', value='de-de,de;q=0.8,en-us;q=0.5,en;q=0.3'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Accept-Encoding', value='gzip,deflate'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Accept-Charset', value='ISO-8859-1,utf-8;q=0.7,*;q=0.7'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Keep-Alive', value='300'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Connection', value='keep-alive'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Referer', value='http://10.1.1.9/test.php'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Content-Type', value='application/x-www-form-urlencoded'
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Transfer-Encoding', value='chunked'
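
Added example, not part of the original message and not Zorp code: a small Python parser for the log format shown above that reports, per session, whether "Stacking program" was logged before "Connecting to remote host", which is the ordering the message asks about. The field layout is inferred from the log lines in this message, and the function names are this example's own.

```python
import re

# Layout inferred from the log above: class(level): (session): message; key='value', ...
LINE_RE = re.compile(
    r"^(?P<cls>[\w.]+)\((?P<level>\d+)\): \((?P<session>[^)]*)\): "
    r"(?P<msg>[^;]*);\s*(?P<rest>.*)$")
# The closing quote must be followed by ", " or end of line, so value=''POST'' parses.
KV_RE = re.compile(r"(\w+)='(.*?)'(?=,\s|$)")

CONNECT = "Connecting to remote host"
STACK = "Stacking program"

# Excerpt of lines taken from the log in the message above.
SAMPLE_LOG = """\
http.debug(6): (svc/HTTP_instance:0/http): Filtering request and headers;
http.accounting(4): (svc/HTTP_instance:0/http): Accounting; command='POST', url='http://10.1.1.9/test.php'
core.debug(7): (svc/HTTP_instance:0/http): Connecting to remote host; protocol='1', local='AF_INET(10.1.1.1:4345)', remote='AF_INET(10.1.1.9:80)'
core.debug(6): (svc/HTTP_instance:0/http): Stacking program; client='19:20', server='21:22', control='23:24', program='/bin/echo'
core.dump(9): (svc/HTTP_instance:0/http/client): data line 0x0000: 74 65 73 74 3D 64 64 66 67 64 66 67 test=ddfgdfg
http.request(7): (svc/HTTP_instance:0/http): Request postfilter header; hdr='Host', value='10.1.1.9'
"""

def parse_line(line):
    """Split one log line into class, level, session, message and key/value fields."""
    m = LINE_RE.match(line.strip())
    if m is None:  # hex dump lines have no 'message;' part and are skipped
        return None
    rec = m.groupdict()
    rec["level"] = int(rec["level"])
    rec["fields"] = dict(KV_RE.findall(rec.pop("rest")))
    return rec

def stacking_precedes_connect(log_text):
    """Per session: True/False for the ordering, None if either event is missing
    (for example a request with no payload, where nothing is stacked)."""
    first_seen = {}
    for pos, line in enumerate(log_text.splitlines()):
        rec = parse_line(line)
        if rec and rec["msg"] in (CONNECT, STACK):
            first_seen.setdefault(rec["session"], {}).setdefault(rec["msg"], pos)
    result = {}
    for session, seen in first_seen.items():
        if CONNECT in seen and STACK in seen:
            result[session] = seen[STACK] < seen[CONNECT]
        else:
            result[session] = None
    return result

if __name__ == "__main__":
    print(stacking_precedes_connect(SAMPLE_LOG))
```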