NAME
Net::Proxy - Framework for proxying network connections in many ways
SYNOPSIS
use Net::Proxy;
# proxy connections from localhost:6789 to remotehost:9876
# using standard TCP connections
my $proxy = Net::Proxy->new(
{ in => { type => tcp, port => '6789' },
out => { type => tcp, host => 'remotehost', port => '9876' },
}
);
# register the proxy object
$proxy->register();
# and you can setup multiple proxies
# and now proxy connections indefinitely
Net::Proxy->mainloop();DESCRIPTION
A Net::Proxy object represents a proxy that accepts connections and then relays the data transfered between the source and the destination.
The goal of this module is to abstract the different methods used to connect from the proxy to the destination.
A proxy is a program that transfer data across a network boundary between a client and a server. Net::Proxy introduces the concept of "connectors" (implemented as Net::Proxy::Connector subclasses), which abstract the server part (connected to the client) and the client part (connected to the server) of the proxy.
This architecture makes it easy to implement specific techniques to cross a given network boundary, possibly by using a proxy on one side of the network fence, and a reverse-proxy on the other side of the fence.
See "AVAILABLE CONNECTORS" for details about the existing connectors.
METHODS
If you only intend to use Net::Proxy and not write new connectors, you only need to know about new(), register() and mainloop().
Class methods
- new( { in => { ... }, { out => { ... } } )
-
Return a new
Net::Proxyobject, with two connectors configured as described in the hashref.The connector parameters are described in the table below, as well as in each connector documentation.
- mainloop( $max_connections )
-
This method initialises all the registered
Net::Proxyobjects and then loops on all the sockets ready for reading, passing the data through the variousNet::Proxy::Connectorobjets to handle the specifics of each connection.If
$max_connectionsis given, the proxy will stop after having fully processed that many connections. Otherwise, this method does not return. - add_listeners( @sockets )
-
Add the given sockets to the list of listening sockets.
- watch_reader_sockets( @sockets )
-
Add the given sockets to the readers watch list.
- watch_writer_sockets( @sockets )
-
Add the given sockets to the writers watch list.
- remove_writer_sockets( @sockets )
-
Remove the given sockets from the writers watch list.
- close_sockets( @sockets )
-
Close the given sockets and cleanup the related internal structures.
- set_verbosity( $level )
-
Set the logging level.
0means not messages except warnings and errors. - notice( $message )
-
Log $message to STDERR if verbosity level is equal to
1or more. - info( $message )
-
Log $message to STDERR if verbosity level is equal to
2or more. - debug( $message )
-
Log $message to STDERR if verbosity level is equal to
3or more.(Note: throughout the
Net::Proxysource code, calls todebug()are commented with##.)
Some of the class methods are related to the socket objects that handle the actual connections.
- get_peer( $socket )
- set_peer( $socket, $peer )
-
Get or set the socket peer.
- get_connector( $socket )
- set_connector( $socket, $connector )
-
Get or set the socket connector (a
Net::Proxy::Connectorobject). - get_state( $socket )
- set_state( $socket, $state )
-
Get or set the socket state. Some
Net::Proxy::Connectorsubclasses may wish to use this to store some internal information about the socket or the connection. - get_nick( $socket )
- set_nick( $socket, $nickname )
-
Get or set the socket nickname. Typically used by
Net::Proxy::Connectorto give informative names to socket (used in the log messages). - get_buffer( $socket )
- set_buffer( $socket, $data )
-
Get or set the content of the writing buffer for the socket. Used by
Net::Proxy::Connectorinraw_read_from()andranw_write_to(). - get_callback( $socket )
- set_callback( $socket, $coderef )
-
Get or set the callback currently associated with the socket.
- add_to_buffer( $socket, $data )
-
Add data to the writing buffer of the socket.
Instance methods
- register()
-
Register a
Net::Proxyobject so that it will be included in themainloop()processing. - unregister()
-
Unregister the
Net::Proxyobject. - in_connector()
-
Return the
Net::Proxy::Connectorobjet that handles the incoming connection and handles the data coming from the "client" side. - out_connector()
-
Return the
Net::Proxy::Connectorobjet that creates the outgoing connection and handles the data coming from the "server" side.
Statistical methods
The following methods manage some statistical information about the individual proxies:
- stat_inc_opened()
- stat_inc_closed()
-
Increment the "opened" or "closed" connection counter for this proxy.
- stat_opened()
- stat_closed()
-
Return the count of "opened" or "closed" connections for this proxy.
- stat_total_opened()
- stat_total_closed()
-
Return the total count of "opened" or "closed" connection across all proxy objects.
CONNECTORS
All connection types are provided with the help of specialised classes. The logic for protocol xxx is provided by the Net::Proxy::Connector::xxx class.
Connector hooks
There is a single parameter that all connectors accept: hook. Given a code reference, the code reference will be called when data is received on the corresponding socket.
The code reference should have the following signature:
sub callback {
my ($dataref, $connector) = @_;
...
}$dataref is a reference to the chunk of data received, and $connector is the Net::Proxy::Connector object that created the socket. This allows someone to eventually store data in a stash stored in the connector, so as to share data between sockets.
Available connectors
tcp (
Net::Proxy::Connector::tcp)This is the simplest possible proxy connector. On the "in" side, it sits waiting for incoming connections, and on the "out" side, it connects to the configured host/port.
connect (
Net::Proxy::Connector::connect)This proxy connector can connect to a TCP server though a web proxy that accepts HTTP CONNECT requests.
dual (
Net::Proxy::Connector::dual)This proxy connector is a Y-shaped connector: depending on the client behaviour right after the connection is established, it connects it to one of two services, handled by two distinct connectors.
dummy (
Net::Proxy::Connector::dummy)This proxy connector does nothing. You can use it as a template for writing new
Net::Proxy::Connectorclasses.
Summary
This table summarises all the available Net::Proxy::Connector classes and the parameters their constructors recognise.
N/A means that the given Net::Proxy::Connector cannot be used in that position (either in or out).
Connector | in parameters | out parameters
------------+-----------------+-----------------
tcp | host | host
| port | port
------------+-----------------+-----------------
connect | N/A | host
| | port
| | proxy_host
| | proxy_port
| | proxy_user
| | proxy_pass
| | proxy_agent
------------+-----------------+-----------------
dual | host | N/A
| port |
| timeout |
| server_first |
| client_first |
------------+-----------------+-----------------
dummy | N/A | N/A
------------+-----------------+-----------------
ssl | host | host
| port | port
| start_cleartext | start_cleartextNet::Proxy::Connector::dummy is used as the out parameter for a Net::Proxy::Connector::dual, since the later is linked to two different connector objects.
AUTHOR
Philippe 'BooK' Bruhat, <book@cpan.org>.
BUGS
Please report any bugs or feature requests to bug-net-proxy@rt.cpan.org, or through the web interface at http://rt.cpan.org/. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
TODO
Here's my own wishlist:
Write a connector fully compatible with GNU httptunnel (http://www.nocrew.org/software/httptunnel.html).
This one will probably be named
Net::Proxy::Connector::httptunnel.Enhance the httptunnel protocol to support multiple connections.
Implement RFC 3093 - Firewall Enhancement Protocol (FEP), as
Net::Proxy::Connector::FEP. This RFC was published on April 1, 2001.This is probably impossible with
Net::Proxy, since the FEP driver is a rather low-level driver (at the IP level of the network stack).Implement DNS tunnel connectors.
See http://savannah.nongnu.org/projects/nstx/, OzymanDNS, http://www.doxpara.com/slides/BH_EU_05-Kaminsky.pdf. http://thomer.com/howtos/nstx.html for examples.
Implement an UDP connector. (Is it feasible?)
Implement a connector that can be plugged to the STDIN/STDOUT of an external process, like the
ProxyCommandoption of OpenSSH.Implement
Net::Proxy::Connector::unix, for UNIX sockets.Implement ICMP tunnel connectors.
See http://www.linuxexposed.com/Articles/Hacking/Case-of-a-wireless-hack.html, http://sourceforge.net/projects/itun, http://www.cs.uit.no/~daniels/PingTunnel/, http://thomer.com/icmptx/ for examples.
Since ICMP implies low-level packet reading and writing, it may not be possible for
Net::Proxyto handle it.Look for inspiration in the Firewall-Piercing HOWTO, at http://fare.tunes.org/files/fwprc/.
Look also here: http://gray-world.net/tools/
Implement a
Net::Proxy::Connector::starttlsconnector that can upgrade upgrade a connection to SSL transparently, even if the client or server doesn't support STARTTLS.Martin Werthmöller provided a full implementation of a connector that can handle IMAP connections and upgrade them to TLS if the client sends a
STARTTLScommand. My implementation will split this in two partsNet::Proxy::Connector::sslandNet::Proxy::Connector::starttls, that inherits from the former.
COPYRIGHT
Copyright 2006 Philippe 'BooK' Bruhat, All Rights Reserved.
LICENSE
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 697:
Non-ASCII character seen before =encoding in 'Werthmöller'. Assuming CP1252