Reputation: 1361
I want to write a proxy server which can forward the client request to the server. My problem is, the server validates the client's src IP. Is there any possible way to retain the src IP and forward it to the server?
Upvotes: 0
Views: 1144
Reputation: 478
Using Linux Packet Sockets, you can send and receive entire Ethernet frames. If you leave the source and destination MAC addresses intact, and set your own IP to 0.0.0.0 so the kernel doesn't respond to traffic for you, there is no way for other systems to detect that your system is inline. This is called a Man-In-The-Middle (MITM) attack, but there are non-evil uses for it.
This is a good example of how to use a packet socket, but you would use the original source MAC address instead of your own.
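    // View the received frame as an Ethernet header (const, since the buffer is only read).
    const struct ether_header* hdr = reinterpret_cast<const struct ether_header*>(recvd_msg_ptr);
    // Use the frame's own destination MAC as the link-layer address for sending it on.
    memcpy(m_sockaddr.sll_addr, hdr->ether_dhost, ETH_ALEN);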
Upvotes: 0
Reputation: 5459
Presumably, since you're asking about a proxy, you want traffic to go in both directions. While, with some tricks, you can spoof the source IP address, you wouldn't get the traffic back from the server (assuming the Internet) to the proxy, though, because your "return address" is somewhere else. You'll also likely get the attention of DoS scanners...
Upvotes: 0
Reputation: 1638
This is named "spoofing" and is generally a Bad Thing (and quite difficult for TCP/HTTP, unless you're within the same network as the server or the client).
Technically, on Linux you can try to play with so-called "raw sockets" (where you construct the whole IP packet yourself, including creating fake IP headers), but chances are that your spoofed packets will run into ingress/egress corporate and/or ISP filters (which in turn may attract the attention of admins, especially if done within a corporate network).
Upvotes: 1
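The ingress/egress filtering mentioned in the last answer, sketched as an added example that is not part of the original thread: a source-address check of the kind a border filter applies to outbound IPv4 packets, which is why a proxy that re-emits packets under the client's address gets them dropped. The names `egress_check`, `make_prefix` and `sample_header` are hypothetical, and the addresses are constructed values from the documentation ranges.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum verdict { PASS = 0, DROP_MALFORMED = 1, DROP_SPOOFED = 2 };

/* A prefix this network legitimately originates, in host byte order. */
struct prefix { uint32_t net, mask; };

static struct prefix make_prefix(uint8_t a, uint8_t b, uint8_t c, uint8_t d, int len) {
    struct prefix p;
    if (len > 32) len = 32;
    p.mask = len <= 0 ? 0 : 0xFFFFFFFFu << (32 - len);
    p.net = ((uint32_t)a << 24 | (uint32_t)b << 16 | (uint32_t)c << 8 | d) & p.mask;
    return p;
}

/* Egress source validation; buf points at the IPv4 header (after the Ethernet header). */
static enum verdict egress_check(const uint8_t *buf, size_t n,
                                 const struct prefix *own, size_t n_own) {
    if (n < 20 || (buf[0] >> 4) != 4) return DROP_MALFORMED;
    size_t ihl = (size_t)(buf[0] & 0x0F) * 4;      /* header length in bytes */
    size_t total = (size_t)buf[2] << 8 | buf[3];   /* total length field */
    if (ihl < 20 || total < ihl || total > n) return DROP_MALFORMED;
    uint32_t src = (uint32_t)buf[12] << 24 | (uint32_t)buf[13] << 16 |
                   (uint32_t)buf[14] << 8 | buf[15];
    for (size_t i = 0; i < n_own; i++)
        if ((src & own[i].mask) == own[i].net) return PASS;
    return DROP_SPOOFED;   /* source is outside our prefixes: dropped, and worth logging */
}

/* Constructed sample: minimal 20-byte IPv4 header with the given source, no payload. */
static void sample_header(uint8_t h[20], uint8_t a, uint8_t b, uint8_t c, uint8_t d) {
    static const uint8_t dst[4] = {203, 0, 113, 10};
    memset(h, 0, 20);
    h[0] = 0x45; h[3] = 20; h[8] = 64; h[9] = 6;   /* v4, IHL 5, len 20, TTL 64, TCP */
    h[12] = a; h[13] = b; h[14] = c; h[15] = d;
    memcpy(h + 16, dst, 4);
}

int main(void) {
    struct prefix own[] = { make_prefix(192, 0, 2, 0, 24) };   /* constructed local prefix */
    uint8_t h[20];
    sample_header(h, 192, 0, 2, 25);
    printf("local source:   %d\n", egress_check(h, sizeof h, own, 1));
    sample_header(h, 198, 51, 100, 7);
    printf("foreign source: %d\n", egress_check(h, sizeof h, own, 1));
    return 0;
}
```

The check does not verify the header checksum; it only decides whether the claimed source address is one the network may originate.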