tcpproxy | Intercepting TCP proxy to modify raw TCP streams | Proxy library
kandi X-RAY | tcpproxy Summary
kandi X-RAY | tcpproxy Summary
This tool opens a listening socket, receives data and then runs this data through a chain of proxy modules. After the modules are done, the resulting data is sent to the target server. The response is received and again run through a chain of modules before sending the final data back to the client. To intercept the data, you will either have to be the gateway or do some kind of man-in-the-middle attack. Set up iptables so that the PREROUTING chain will modify the destination and send it to the proxy process. The proxy will then send the data on to whatever target was specified. This tool is inspired by and partially based on the TCP proxy example used in Justin Seitz' book "Black Hat Python" by no starch press.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Start a proxy thread
- Log a message
- Process data
- Check if the client is a clientHello
- Update source and destination hosts
- Receive data from a socket
- Returns True if local_socket is used to start TLS
- Prints a message
- Enable SSL
- Evaluate response
- Detect line break
- Generates a list of module instances
- Parse module options
- Print module help text
- Generate a list of modules from a string
- Check if an ip is a valid IPv4 address
- Parse command line arguments
- List proxy modules
- Print a message
tcpproxy Key Features
tcpproxy Examples and Code Snippets
Community Discussions
Trending Discussions on tcpproxy
QUESTION
I am trying to develop a tcp proxy, in this tcp proxy I will have to manipulate both http and tcp requests.
At the moment for the incoming request I detect if it is an http or tcp request, if it is an http then I parse it into an http.Request:
ANSWER
Answered 2021-Sep-05 at 08:20An http.Request object has a Write method:
QUESTION
I am trying to set TCP idleTimeout via an Envoy Filter, so that outbound connections external domain some.app.com will be terminated if they are idle for 5s:
ANSWER
Answered 2021-May-11 at 09:41This is a community wiki answer. Feel free to expand it.
As already discussed in the comments, the EnvoyFilter was not yet supported in Istio version 1.2 and actually that version is no longer in support since Dec 2019.
I strongly recommend upgrading to the latest Istio and Envoy versions. Also, after you upgrade please notice that the filter name you want to use was deprecated and replaced. You should now use envoy.filters.network.tcp_proxy instead of envoy.tcp_proxy.
Please remember that things are getting deprecated for a reason and keeping the old versions will sooner or later bring you more trouble. Try to keep things more up-to-date.
More details can be found in the latest docs.
QUESTION
I have TCP proxied a service, using envoy. How can I add external authorization to it?
following is my envoy.yaml:
ANSWER
Answered 2021-Apr-21 at 14:41You'll need to insert the envoy.filters.network.ext_authz filter into the filter chain before the envoy.filters.network.tcp_proxy and setup a cluster that will actually make the Authz decision.
The envoy docs have a good example to follow.
QUESTION
We have set up Istio, and we are using ISTIO ingress gateway for inbound traffic. We have set up TLS for TCP port. Sample code can be found here.
We also enabled logs by following this ISTIO guide
We tested the TLS connection using openssl and it works fine.
However, when we try to connect from an application, the TLS negotiation fails. I have provided more details with wireshark here
We would like to get logs from ISTIO on the TLS negotiation ... and find why it fails.
Istio Gateway YAML
...ANSWER
Answered 2020-Aug-14 at 15:09After getting the message of no matching filter chain, I found the filter chain for the port 31020 with the domain that I have provided in my Gateway config. It looks like while connecting my application(ODBC), the host was not being provided.
The solution is simply to replace the host domain by '*'
QUESTION
I am trying to develop a TCP proxy library using Python 3. I have based my code on Python 2 example code, written by LiveOverflow. His original code is found in his video. My proxy library is intended to work like this: there is a proxy object containing a server-side object and a client-side object. The client-side object mimics a server, while the server-side object mimics a client. The two pass data to each other through the parent proxy object. To initiate the proxy, the script using the library instantiates the proxy with the port the client side is going to host on and the ip address and port the server side is going to connect to. Here is the code:
TCP.py:
...ANSWER
Answered 2020-Aug-02 at 02:15I have solved the issue. Browsers use a random port to send http/https requests. As I understand, this can be circumvented by adding a colon and the desired port number to the end of the url.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install tcpproxy
You can use tcpproxy like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
