search

Quantalytics / pulledpork

Automatically exported from code.google.com/p/pulledpork
GNU General Public License v2.0
0 stars 0 forks source link

PulledPork does not honour HTTP proxy environment settings #120

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. find a working http proxy
2. set the http_proxy and https_proxy variables 
3. run pulledpork

What is the expected output? What do you see instead?
If you observe the network traffic, pulledpork tries to connect directly as 
opposed to via the proxy

What version of the product are you using? On what operating system?
0.6.1 on Ubuntu 12.04

Please provide any additional information below.
Adding $ua->env_proxy directive forces it to honour the env variables.

Original issue reported on code.google.com by konrads....@gmail.com on 4 Oct 2012 at 12:45

GoogleCodeExporter commented 9 years ago 
Had the same issue, remember that you need to export as well as set the 
variables. Works fine with version 0.6.1 then.

Original comment by nullsgot...@gmail.com on 12 Oct 2012 at 12:10

GoogleCodeExporter commented 9 years ago 
I am certain that environment variables are properly set. Debug statements show 
that perl gets those values.
It looks like LWP::UserAgent ignores proxy settings that are set "manually" - 
not using $ua->env_proxy or at object creation.

Original comment by konrads....@gmail.com on 12 Oct 2012 at 12:47

GoogleCodeExporter commented 9 years ago 
Hello,

I also got this issue with the same version of pulledpork. Tcpdump confimed 
that too.

Where exactly should I add the $ua->env_proxy directive in pulledpork.pl ?

Thanks

Original comment by mat.b...@gmail.com on 30 Oct 2012 at 3:16

GoogleCodeExporter commented 9 years ago 
are you guys defining your base urls as http or https ?

Original comment by Cummin...@gmail.com on 2 Nov 2012 at 4:17

GoogleCodeExporter commented 9 years ago 
I am using http as my base urls and having the same problem.  I also tried 
setting the CGI_HTTP_PROXY env setting as per the suggestion here: 
http://search.cpan.org/~gaas/libwww-perl-6.04/lib/LWP/UserAgent.pm and no dice.

Original comment by joel_ros...@msn.com on 15 Nov 2012 at 4:07

GoogleCodeExporter commented 9 years ago 
I have updated the code in SVN to allow for better proxy handling, can you also 
verify that your proxy does not have a trailing slash?

Original comment by Cummin...@gmail.com on 15 Nov 2012 at 4:34

GoogleCodeExporter commented 9 years ago

Original comment by Cummin...@gmail.com on 15 Nov 2012 at 6:56

GoogleCodeExporter commented 9 years ago 
Yes, I can verify there is no trailing slash in my proxy settings.  Thank you 
for the response!  :)

Original comment by joel_ros...@msn.com on 15 Nov 2012 at 6:59

GoogleCodeExporter commented 9 years ago 
Hi, I downloaded 0.6.2 version from SVN as well as the updated conf files.  
Tried with this version and got the same result.  Checking the firewall logs 
confirms PP is not using the proxy when trying to retrieve rule files.  Here is 
my output:

# /usr/local/snort/pulledpork/pulledpork.pl -c 
/usr/local/snort/pulledpork/etc/pulledpork.conf -T

    http://code.google.com/p/pulledpork/
      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.6.2dev the Cigar Pig <////~
       `--==\\/
     .-~~~~-.Y|\\_  Copyright (C) 2009-2012 JJ Cummings
  @_/        /  66\_  cummingsj@gmail.com
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\

Checking latest MD5 for snortrules-snapshot-2930.tar.gz.... Error 500 when fetching http://www.snort.org/reg-rules/snortrules-snapshot-2930.tar.gz.md5 at /usr/local/snort/pulledpork/pulledpork.pl line 476 main::md5file('177506896c85a808394c1441e62aa1d8cd4b6f7c', 'snortrules-snapshot-2930.tar.gz', '/var/tmp/', 'http://www.snort.org/reg-rules/') called at /usr/local/snort/pulledpork/pulledpork.pl line 1886


Original comment by `joel_ros...@msn.com` on 15 Nov 2012 at 7:18