Python代理-> dansguardian:如何發送原始源ip?
[英]Python proxy -> dansguardian: How to send original source ip?
問題描述
我有一個DNS的python代理。 當我收到DNS請求時,我需要代表原始源將http請求傳遞給dansguardian,讓它決定對請求的處理方式,獲取結果,並根據dansguardian的響應將客戶端重定向到其他地方。
網絡骨架是這樣的:
Client -> DNS Proxy -> DG -> Privoxy -> Web.
客戶端請求A ,DNS代理攔截,代表客戶端詢問DG,得到答案:1.如果DG對其進行了過濾,則代理發送本地IP地址而不是A問題的實際IP。 2.如果DG沒有過濾,DNS代理服務器將使客戶端的網絡自然流動。
這是我嘗試過的示例python代碼:
data,addr = sock.recvfrom(1024)
OriginalDNSPacket = data
# I get OriginalDNSPacket from a socket
# to which iptables redirected all port 53 packets
UDPanswer = sendQues(OriginalDNSPacket, '8.8.8.8')
proxies = {'http': 'http://127.0.0.1:8080'} # DG Port
s = requests.Session()
d = DNSRecord.parse(UDPanswer)
print d
ques_domain = str(d.questions[0].get_qname())[:-1]
ques_tld = tldextract.extract(ques_domain)
ques_tld = "{}.{}".format(ques_tld.domain, ques_tld.suffix)
print ques_tld
for rr in d.rr:
try:
s.mount("http://"+ques_tld, SourceAddressAdapter(addr[0])) # This was a silly try, I know.
s.proxies.update(proxies)
response = s.get("http://"+ques_tld)
print dir(response.content)
print response.content
if "Access Denied" in response.content:
d.rr = []
d.add_answer(*RR.fromZone(ques_domain + " A " + SERVER_IP))
d.add_answer(*RR.fromZone(ques_domain + " AAAA fe80::a00:27ff:fe4a:c8ec"))
print d
socket.sendto(d.pack(), addr)
return
else:
socket.sendto(UDPanswer, addr)
return
except Exception, e:
print e
pass
問題是如何將請求發送給DG,並欺騙請求(例如,請求來自客戶端)?
1 個解決方案
解決方案1
0 已采納 2016-05-23 13:51:32
在dansguardian.conf中,需要啟用usexforwardedfor 。
因此,conf現在看起來像這樣:
...
# if on it adds an X-Forwarded-For: <clientip> to the HTTP request
# header. This may help solve some problem sites that need to know the
# source ip. on | off
forwardedfor = on
# if on it uses the X-Forwarded-For: <clientip> to determine the client
# IP. This is for when you have squid between the clients and DansGuardian.
# Warning - headers are easily spoofed. on | off
usexforwardedfor = on
...
在代理服務器上,我只需要添加以下內容(我之前曾嘗試過),但是由於DG conf的原因,它不起作用:
response = s.get("http://"+ques_tld, headers={'X-Forwarded-For': addr[0]})
它像魅力一樣運作。
謝謝@boardrider。
如何驗證IP是否替換為代理服務器(selenium,python)
[英]How to verify if the IP is replaced with proxy server(selenium, python)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.