Re: Changing REMOTE_ADDR passing to a request.
On Sun, Nov 12, 2000 at 09:09:49PM +0800, Alson Wong wrote: > > The $ENV{'REMOTE_ADDR'}of server B still return the real ip address of > server A. Check out the link I sent to The Guide (tm), there's a Perl snippet to recover the IP and do the ->remote_ip() call: > From: barries <[EMAIL PROTECTED]> > > > > To catch the header on the backend, you can have a look at the > > Guide: > > > > > http://thingy.kcilink.com/modperlguide/scenario/Getting_the_Remote_Server_IP_in_.html - Barrie
Re: Changing REMOTE_ADDR passing to a request.
Hello , If I understand well what you want , you want to spoof the real IP adress of server A to make server B think that he is speaking to A' . Lets see the apache.pm pod : =item $c->remote_ip The dotted decimal representation of the remote client's IP address. This is set by the server when the connection record is created so is always defined. You can also set this value by providing an argument to it. This is helpful if your server is behind a squid accelerator proxy which adds a X-Forwarded-For header. 1)How this make you think that adding the X-Forwarded-For header will change the value of $c->remote_ip ? and this : =item $c->remote_addr A packed SOCKADDR_IN in the same format as returned by L, containing the port and address on the remote host that the server is connected to. This is set by the server when the connection record is created so it is always defined. 2) This mean that if the server B use $c->remote_addr method he will get the real ip that he is connected to , so no way to spoof it . (and if I understand well this method is used by apache to set $ENV) 3) In my way the only way to change the value of $c->remote_addr is to create an proxy server between : B<-->PROXY<>A and remove X-Forwarded-For at the proxy , so B will never know that he is speaking to A. Good luck ! Best CB - Original Message - From: "Alson Wong" <[EMAIL PROTECTED]> To: "barries" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, November 12, 2000 2:09 PM Subject: Re: Changing REMOTE_ADDR passing to a request. > hi, > I have not use mod_proxy_add_forward before. I have download the source code > and have a look at it. > It seems like just passing "X-Forwarded-For" in a header of a request. I > think > this is same as my code here: > > use LWP::UserAgent; > $ua = new LWP::UserAgent; > my $reqq = > HTTP::Request->new('GET','http://www.serverB.com/cgi-bin/ip.cgi'); > $reqq->header('X-Forwarded-For'=>'1.2.3.4'); > $reqq->header('Remote_Addr'=>'1.2.3.4'); # this line won't work. > my $ress = $ua->request($reqq); > print $ress->as_string; > > The $ENV{'REMOTE_ADDR'}of server B still return the real ip address of > server A. > So, how do I change the $ENV{'REMOTE_ADDR'}of server B to 1.2.3.4 without > changing anything at server B ? > > If I am wrong with the mod_proxy_add_forward, please point it out. Because I > have no idea how to implement the mod_proxy_add_forward in to mod_proxy of > Apache. > > And no idea how to use it too. If you got some clue, please tell me how to > start using that module, if it really works. > > Thanks. > > [EMAIL PROTECTED] > > > > > - Original Message - > From: barries <[EMAIL PROTECTED]> > To: Alson Wong <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Sunday, November 12, 2000 11:34 AM > Subject: Re: Changing REMOTE_ADDR passing to a request. > > > > On Sun, Nov 12, 2000 at 11:07:59AM +0800, Alson Wong wrote: > > > > > > So, how do I pass/set the environment variable of REMOTE_ADDR from > > > server A ? So that I can control the env of remote_addr at the server > > > B ? > > > > Well, you could do it several ways. The "normal" way is to set a > > header in the request that A sends to be, usually the same one that > > various caching proxy servers do, namely X-Forwarded-For. You won't > > be able to do that with LWP::Simple, have a look at the main LWP > > page for details on how to make more sophisticated requests. I'm > > assuming you've ruled out using Apache's mod_proxy, and therefore that > > you won't be wanting to use mod_proxy_add_forward. > > > > Then, in the B server, you can peel it out of the Apache request > > object manually as part of your script, or you can do it in an earlier > > handler phase and make a $r->remote_ip() call like the one you were > > making in the A server. > > > > To catch the header on the backend, you can have a look at the > > Guide: > > > > > http://thingy.kcilink.com/modperlguide/scenario/Getting_the_Remote_Server_IP > _in_.html > > > > > my $r = shift; > > > $r->connection->remote_ip('1.2.3.4'); > > > > > > it only works in server A, meaning, > > > $ENV{'REMOTE_ADDR'} in Server A return 1.2.3.4, but $ENV > > > {'REMOTE_ADDR'} in server B still return the Server A ip address. > > > > Right: nothing passes environment variables between the servers. You > > need to establish your own channel (the header mentioned above) for > > passing that value and tweak the B server to recover the value and > > stuff it in the environment variable. > > > > HTH, > > > > Barrie > > >
Re: Changing REMOTE_ADDR passing to a request.
hi, I have not use mod_proxy_add_forward before. I have download the source code and have a look at it. It seems like just passing "X-Forwarded-For" in a header of a request. I think this is same as my code here: use LWP::UserAgent; $ua = new LWP::UserAgent; my $reqq = HTTP::Request->new('GET','http://www.serverB.com/cgi-bin/ip.cgi'); $reqq->header('X-Forwarded-For'=>'1.2.3.4'); $reqq->header('Remote_Addr'=>'1.2.3.4'); # this line won't work. my $ress = $ua->request($reqq); print $ress->as_string; The $ENV{'REMOTE_ADDR'}of server B still return the real ip address of server A. So, how do I change the $ENV{'REMOTE_ADDR'}of server B to 1.2.3.4 without changing anything at server B ? If I am wrong with the mod_proxy_add_forward, please point it out. Because I have no idea how to implement the mod_proxy_add_forward in to mod_proxy of Apache. And no idea how to use it too. If you got some clue, please tell me how to start using that module, if it really works. Thanks. [EMAIL PROTECTED] - Original Message - From: barries <[EMAIL PROTECTED]> To: Alson Wong <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, November 12, 2000 11:34 AM Subject: Re: Changing REMOTE_ADDR passing to a request. > On Sun, Nov 12, 2000 at 11:07:59AM +0800, Alson Wong wrote: > > > > So, how do I pass/set the environment variable of REMOTE_ADDR from > > server A ? So that I can control the env of remote_addr at the server > > B ? > > Well, you could do it several ways. The "normal" way is to set a > header in the request that A sends to be, usually the same one that > various caching proxy servers do, namely X-Forwarded-For. You won't > be able to do that with LWP::Simple, have a look at the main LWP > page for details on how to make more sophisticated requests. I'm > assuming you've ruled out using Apache's mod_proxy, and therefore that > you won't be wanting to use mod_proxy_add_forward. > > Then, in the B server, you can peel it out of the Apache request > object manually as part of your script, or you can do it in an earlier > handler phase and make a $r->remote_ip() call like the one you were > making in the A server. > > To catch the header on the backend, you can have a look at the > Guide: > > http://thingy.kcilink.com/modperlguide/scenario/Getting_the_Remote_Server_IP _in_.html > > > my $r = shift; > > $r->connection->remote_ip('1.2.3.4'); > > > > it only works in server A, meaning, > > $ENV{'REMOTE_ADDR'} in Server A return 1.2.3.4, but $ENV > > {'REMOTE_ADDR'} in server B still return the Server A ip address. > > Right: nothing passes environment variables between the servers. You > need to establish your own channel (the header mentioned above) for > passing that value and tweak the B server to recover the value and > stuff it in the environment variable. > > HTH, > > Barrie >
Re: Changing REMOTE_ADDR passing to a request.
On Sun, Nov 12, 2000 at 11:07:59AM +0800, Alson Wong wrote: > > So, how do I pass/set the environment variable of REMOTE_ADDR from > server A ? So that I can control the env of remote_addr at the server > B ? Well, you could do it several ways. The "normal" way is to set a header in the request that A sends to be, usually the same one that various caching proxy servers do, namely X-Forwarded-For. You won't be able to do that with LWP::Simple, have a look at the main LWP page for details on how to make more sophisticated requests. I'm assuming you've ruled out using Apache's mod_proxy, and therefore that you won't be wanting to use mod_proxy_add_forward. Then, in the B server, you can peel it out of the Apache request object manually as part of your script, or you can do it in an earlier handler phase and make a $r->remote_ip() call like the one you were making in the A server. To catch the header on the backend, you can have a look at the Guide: http://thingy.kcilink.com/modperlguide/scenario/Getting_the_Remote_Server_IP_in_.html > my $r = shift; > $r->connection->remote_ip('1.2.3.4'); > > it only works in server A, meaning, > $ENV{'REMOTE_ADDR'} in Server A return 1.2.3.4, but $ENV > {'REMOTE_ADDR'} in server B still return the Server A ip address. Right: nothing passes environment variables between the servers. You need to establish your own channel (the header mentioned above) for passing that value and tweak the B server to recover the value and stuff it in the environment variable. HTH, Barrie