使用Jpcap创建反向代理

Question

我需要创建一个程序来接收HTTP请求并将这些请求转发给Web服务器。

Diagram http://img269.imageshack.us/img269/1862/h98trsly.jpg

我已经成功地使这个只使用Java的套接字，但客户需要JPCAP要实施的计划。我想知道这是否可能，以及我应该为这个项目阅读哪些文献。

这是我现在已经从JPCAP教程片拼接起来：

import java.net.InetAddress; 
import java.io.*; 
import jpcap.*; 
import jpcap.packet.*; 


public class Router { 
    public static void main(String args[]) { 
     //Obtain the list of network interfaces 
     NetworkInterface[] devices = JpcapCaptor.getDeviceList(); 

     //for each network interface 
     for (int i = 0; i < devices.length; i++) { 
      //print out its name and description 
      System.out.println(i+": "+devices[i].name + "(" + devices[i].description+")"); 

      //print out its datalink name and description 
      System.out.println(" datalink: "+devices[i].datalink_name + "(" + devices[i].datalink_description+")"); 

      //print out its MAC address 
      System.out.print(" MAC address:"); 
      for (byte b : devices[i].mac_address) 
       System.out.print(Integer.toHexString(b&0xff) + ":"); 
      System.out.println(); 

      //print out its IP address, subnet mask and broadcast address 
      for (NetworkInterfaceAddress a : devices[i].addresses) 
       System.out.println(" address:"+a.address + " " + a.subnet + " "+ a.broadcast); 
     } 

     int index = 1; // set index of the interface that you want to open. 

     //Open an interface with openDevice(NetworkInterface intrface, int snaplen, boolean promics, int to_ms) 
     JpcapCaptor captor = null; 
     try { 
      captor = JpcapCaptor.openDevice(devices[index], 65535, false, 20); 
      captor.setFilter("port 80 and host 192.168.56.1", true); 
     } catch(java.io.IOException e) { 
      System.err.println(e); 
     } 

     //call processPacket() to let Jpcap call PacketPrinter.receivePacket() for every packet capture. 
     captor.loopPacket(-1,new PacketPrinter()); 

     captor.close(); 
    } 
} 

class PacketPrinter implements PacketReceiver { 
    //this method is called every time Jpcap captures a packet 
    public void receivePacket(Packet p) { 
     JpcapSender sender = null; 
     try { 
      NetworkInterface[] devices = JpcapCaptor.getDeviceList(); 
      sender = JpcapSender.openDevice(devices[1]); 
     } catch(IOException e) { 
      System.err.println(e); 
     } 


     IPPacket packet = (IPPacket)p; 

     try { 
      // IP Address of machine sending HTTP requests (the client) 
      // It's still on the same LAN as the servers for testing purposes. 
      packet.dst_ip = InetAddress.getByName("192.168.56.2"); 
     } catch(java.net.UnknownHostException e) { 
      System.err.println(e); 
     } 

     //create an Ethernet packet (frame) 
     EthernetPacket ether=new EthernetPacket(); 
     //set frame type as IP 
     ether.frametype=EthernetPacket.ETHERTYPE_IP; 
     //set source and destination MAC addresses 

     // MAC Address of machine running reverse proxy server 
     ether.src_mac = new MacAddress("08:00:27:00:9C:80").getAddress(); 
     // MAC Address of machine running web server 
     ether.dst_mac = new MacAddress("08:00:27:C7:D2:4C").getAddress(); 

     //set the datalink frame of the packet as ether 
     packet.datalink=ether; 

     //send the packet 
     sender.sendPacket(packet); 

     sender.close(); 

     //just print out a captured packet 
     System.out.println(packet); 
    } 
} 

任何帮助将不胜感激。谢谢。

Answer 1

为什么？他的原因是什么？他是否真的想为你已经完成的同样事情付出十倍的成本？

您不需要Jpcap来实现HTTP代理。它可以完全在java.net或java.nio中完成。

Answer 2

我不认为你可以做到这一点，至少在Windows的盒子。 JPCAP仅仅是Winpcap的包装，而这背后的机制不能删除观察数据包：

http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/packet-capture/winpcap/misc/faq.htm#Q-17

所以，我不知道如何建立一个反向代理“上线”。难道你必须做到以下几点：

1. 通过分组拼凑在实时和由预期的主机接收投下他们观察传入的HTTP请求。

2. 根据您正在实施的任何代理规则进行备用HTTP请求。

3. 从您的请求中获取响应，并在假冒原始主机响应的线路上推送数据包？

既然你不能丢弃入站数据包，那么预定的主机是不是会试图处理请求并将它自己的数据包扔到网络上作为响应？因为我不是网络专家，所以我可能还不知道更多。这个问题让我对使用这种“垫片”有可能会有什么好奇。