General purpose TCP proxy?

Hi,

I'm trying to figure out if there's a gem or software available in Ruby
which allows me to act as a general purpose in-between proxy between a
server and multiple clients?

Basically:

<some tcp server> -- <ruby tcp propxy> -- <client1>
                                       \- <client2>
                                       \- <client3>
                                       etc.

It's not an HTTP server, pure TCP with it's own (documented) protocol.
My idea is to be able to act in-between and put certain restrictions on
clients that the server itself is not capable of.

Connections can be long-running, hours or days. I'm not planning on high
traffic (although real traffic requirements are not known to me yet),
but the number of clients will max around 15 or 20, not yet decided.

So, before I start into action on my own I was wandering if there's
something out there?

thanks for pointer,
- Markus

Afternoon Markus,

···

On Mon, Sep 27, 2010 at 3:47 PM, Markus Fischer <markus@fischer.name> wrote:

Hi,

I'm trying to figure out if there's a gem or software available in Ruby
which allows me to act as a general purpose in-between proxy between a
server and multiple clients?

Transparent proxy - GitHub - mojombo/proxymachine: A simple TCP routing proxy built on EventMachine that lets you configure the routing logic in Ruby.

Transparent or Intercepting - GitHub - igrigorik/em-proxy: EventMachine Proxy DSL for writing high-performance transparent / intercepting proxies in Ruby

John

Hi!

Transparent or Intercepting - GitHub - igrigorik/em-proxy: EventMachine Proxy DSL for writing high-performance transparent / intercepting proxies in Ruby

This one looks very promising based on the slides and the documentation.

However I've instantly ran into troubles outlined here:
Issues · igrigorik/em-proxy · GitHub . Any idea?

Another thing I'm not sure: when I look at the simply forwarding example
in the README.rdoc, I see that I basically have hook methods (on_data,
on_response, etc.) onto which I can attach my own code.

What I would need is a per client/connection logic. I.e. a client
connects, I inspect and forward the traffic. I also my intercept some
requests from the client and send back my own stuff. Ultimately I have a
state per client.

From the examples it's unclear to me how would I be able to identify the
different clients through the whole connection process?

thanks,
- Markus

···

On 28.09.2010 01:16, John W Higgins wrote:

This will probably (be hackable to) do what you want:
<http://github.com/cjheath/loggingproxy>

Clifford Heath, Data Constellation. http://dataconstellation.com
Agile Information Management and Design

Hi!

> Transparent or Intercepting - GitHub - igrigorik/em-proxy: EventMachine Proxy DSL for writing high-performance transparent / intercepting proxies in Ruby

This one looks very promising based on the slides and the documentation.

However I've instantly ran into troubles outlined here:
Issues · igrigorik/em-proxy · GitHub . Any idea?

I would chalk it up to probably just a mistake in the sample code - yes,
it's not the best first impression but it does happen. It may very well be
conn.unbind instead of unbind but I'm not certain (unbind is a method of the
connection object).

Another thing I'm not sure: when I look at the simply forwarding example
in the README.rdoc, I see that I basically have hook methods (on_data,
on_response, etc.) onto which I can attach my own code.

What I would need is a per client/connection logic. I.e. a client
connects, I inspect and forward the traffic. I also my intercept some
requests from the client and send back my own stuff. Ultimately I have a
state per client.

Try looking at the smtp_whitelist example. It shows intercepting a request -
looking at it and sending back a response without the proxy actually passing
it on to the backend server. If you return nil from the on_data call then
nothing is forwarded along.

You do have a state - the "conn" object, which EventMachine creates per
connection and passes into the outer block that then calls into the on_data,
on_response et al. blocks.

My guess for your case would be that you would want to extend the connection
class (see connection.rb) to hold more information that would be available
to you during the lifetime of the connection.

If nothing else this is around 200 or so lines of code that gives a nice
starting point to anything more custom that you believe you would need/want.
I would be rather impressed if something else gave you more flexibility than
this and lived in the ruby world. You may find very well that a few helper
methods would help you along the way or perhaps the opposite in that you
don't want the blocks but rather to work in a custom connection object that
eliminates the block calls. But I do assure you that this is the right road
to be on.....

John

···

On Mon, Sep 27, 2010 at 11:51 PM, Markus Fischer <markus@fischer.name>wrote:

On 28.09.2010 01:16, John W Higgins wrote:

Whats wrong with haproxy ?

Works for raw TCP sockets.

···

On Tue, Sep 28, 2010 at 2:30 PM, Clifford Heath <no@spam.please.net> wrote:

This will probably (be hackable to) do what you want:
<http://github.com/cjheath/loggingproxy&gt;

Clifford Heath, Data Constellation. http://dataconstellation.com
Agile Information Management and Design

--
Let them talk of their oriental summer climes of everlasting
conservatories; give me the privilege of making my own summer with my
own coals.

http://gnufied.org

And sorry for top posting.

···

On Tue, Sep 28, 2010 at 4:14 PM, hemant <gethemant@gmail.com> wrote:

Whats wrong with haproxy ?

Works for raw TCP sockets.

I don't know .. does it allow my to have per Client connection logic and
traffic interception, scripted, custom answers and rejection? Ideally in
Ruby.

- Markus

···

On 28.09.2010 12:44, hemant wrote:

Whats wrong with haproxy ?

Works for raw TCP sockets.

Don't apologize, the anti-top posting nazis need to learn TIMTOWTDI some day

···

On Tue, Sep 28, 2010 at 4:45 AM, hemant <gethemant@gmail.com> wrote:

On Tue, Sep 28, 2010 at 4:14 PM, hemant <gethemant@gmail.com> wrote:
> Whats wrong with haproxy ?
>
> Works for raw TCP sockets.

And sorry for top posting.

--
Tony Arcieri
Medioh! A Kudelski Brand