developer3000S / honeyd

Automatically exported from code.google.com/p/honeyd
0 stars 0 forks source link

Add mechanism for proxied services to look up original source and destination #20

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
One feature that is nice to have in Honeyd is the ability for proxied services 
to look up the source and destination IP of incoming requests. This way, they 
can tailor their responses based on the destination IP address and port. This 
would provide similar function to the HONEYD_IP_SRC, HONEYD_IP_DST, 
HONEYD_SRC_PORT, and HONEYD_DST_PORT that are passed to subsystems.

I have attached a patch which causes Honeyd to create a new unix domain socket 
(/var/run/honeyd-proxy.sock) which can be used to subscribe to information 
about proxied requests. Using this interface, a backend server providing 
proxied services can look up the original source and destination ip address and 
port. It receives two types of messages - one when the proxied connection is 
initiated, and another when the proxied connection is closed.

The patch file also makes the following changes:
- Allows users to provide CFLAGS via configure instead of always using 
hardcoded CFLAGS.
- Lower logging level of syslog messages which are sent on every connection.
- Set the permissions on the Honeyd UI and proxy sockets to allow 
administration of these from the UID/GID that Honeyd runs under.

Original issue reported on code.google.com by pkwar...@gmail.com on 1 Sep 2010 at 8:09

GoogleCodeExporter commented 8 years ago
Here is an updated patch that fixes a conflict with the UI ev_accept event and 
renames proxy* to proxy_notify* to avoid any conflicts with existing proxy code.

Original comment by pkwar...@gmail.com on 9 Sep 2010 at 3:11

Attachments: