[zorp] Stacking programs doesn’t work and how to modify POST parameters?

Balazs Scheidler bazsi at balabit.hu
Mon Jun 30 16:16:16 CEST 2008


On Sun, 2008-06-29 at 23:32 +0200, thomas.wenz at gmx-topmail.de wrote:
> Hi,
> 
> I installed zorp 3.1.14 (GPL) in Debian Etch a few days ago. It 
> works fine and is a really great program but I’ve got 2 problems 
> with the http-proxy-module for which I just can't find a solution.
> Perhaps someone can help me, I don't know what to try further...

You are correct about the program-stacking feature, it does not work,
because it was only released as a part of the commercial Zorp version.

However since you were interested, we're willing to release the
accompanying work under the GPL as well.

You are also right about the fact that Zorp GPL 3.3 does not yet exist,
it is simply a matter of time.

> 
> 1.
> I want to be able to block sites with specific contents and in
> some cases modify the content.
> But I can't stack a program on the request or response. I always get
> an “Invalid Request” when I want to modify the request stack or an
> “Invalid Response” when I want to modify the response stack.
> 
> I think this should normally work as there’s a test in
> tests/functional/http/transfer/chunked-conversion.test in the
> source package of Zorp. I used the following code from the
> example there and it does not work:
> 
> class MyHttp(HttpProxy):
>         def config(self):
>                 HttpProxy.config(self)
>                 self.timeout_request=30000
>                 self.request_stack["GET"] = (HTTP_STK_DATA, "/bin/cat")
>                 self.response_stack["GET"] = (HTTP_STK_DATA, "/bin/cat")
> 
> The other possibility I found in a doc at
> http://www.balabit.com/dl/white_papers/zorp-gateway-v3.1-tutorial-https-en.pdf
> and at
> http://www.balabit.hu/dl/html/zorp-reference-guide.html/ch01s01.html#embedded_analysis
> doesn’t work either and shows the same error messages. The code looks
> like this:
> self.response_stack["GET"] = (HTTP_STK_DATA, (Z_STACK_PROGRAM, "/bin/sed '/http:/s//https:/g'"))
> 
> Exchanging HTTP_STK_DATA with HTTP_STK_MIME doesn't change anything
> either.
> 
> Exchanging self.request_stack["GET"] with self.request_stack["POST"]
> just shows the difference that the error only occurs on POST-Requests
> and not on normal GET because it's just ignored or so.
> 
> The strange thing is that it seems like the external program isn’t
> even called because when I insert the command
> “touch /home/testuser/test”, the file is not touched. I also
> couldn’t find anything corresponding in strace output.
> 
> 2. 
> Is it somehow possible to modify/block POST-Parameters? Modifying
> the GET-Requests using the self.request_url-Parameter is easy but
> I could not find any way to do this with POST-data. I tried passing
> it to an external program for analyzing/modifying but this does not
> work (see 1)?
> 
> 
> I also tried an upgrade to 3.3 but it seems like common-gpl isn't
> included yet. When I left it out of my sources.list I then ran into 
> problems concerning the locales package (could not be installed 
> because of errors). Is 3.3 for another Debian version or Ubuntu? 
> Could the 3.3 solve my problems above?

We have some pre-published tutorials that describe how to validate GET/POST
parameters while they are going through the HTTP proxy of Zorp. This is
all implemented in the "AnyPy" proxy, that can be used to write proxy
modules for Zorp in Python. (other proxies are written in C for
performance).

The reason these are not yet published is that they depend on some
patches against the Zorp core which have not yet been integrated. If you
are interested, I can send you these tutorials as well.

So in summary:
  * Zorp 3.3 is coming RSN :)
  * we are willing to add program stacking into Zorp 3.3 GPL



-- 
Bazsi
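
An added example, not code from this message or from the Zorp project: a stand-alone filter of the kind one would stack on a POST request body to strip or block parameters. It assumes, as the `/bin/cat` and `sed` attempts quoted above imply, that the stacked program receives the body on stdin and its stdout is forwarded, and that the body is `application/x-www-form-urlencoded`; the parameter policy is constructed, and the meaning of the exit status to the proxy is an assumption.

```python
#!/usr/bin/env python3
"""Stdin-to-stdout filter for an application/x-www-form-urlencoded POST body."""
import re
import sys
from urllib.parse import parse_qsl, urlencode

# Constructed policy: parameter name -> pattern the whole value must match.
# Parameters that are not listed here are dropped from the forwarded body.
ALLOWED = {
    "user": re.compile(r"[A-Za-z0-9_.-]{1,32}"),
    "page": re.compile(r"[0-9]{1,4}"),
    "comment": re.compile(r"[^<>\x00-\x1f]{0,200}"),
}


def filter_body(body):
    """Return the sanitized body, or None if the request should be blocked."""
    try:
        pairs = parse_qsl(body, keep_blank_values=True, strict_parsing=True)
    except ValueError:
        return None  # malformed encoding: block rather than guess
    kept, seen = [], set()
    for name, value in pairs:
        pattern = ALLOWED.get(name)
        if pattern is None:
            continue  # unknown parameter: strip it
        if name in seen or not pattern.fullmatch(value):
            return None  # duplicate name or bad value: block
        seen.add(name)
        kept.append((name, value))
    return urlencode(kept)


def main():
    result = filter_body(sys.stdin.read())
    if result is None:
        # Assumption: no output plus a non-zero exit marks the body as rejected.
        return 1
    sys.stdout.write(result)
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Rewriting the body changes its length, so whatever forwards the output has to recompute `Content-Length` or re-chunk the request.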
