search

elazarl / goproxy

An HTTP proxy library for Go
BSD 3-Clause "New" or "Revised" License
5.98k stars 1.09k forks source link

IP filter + Auth + https #239

Open lexesv opened 7 years ago

lexesv commented 7 years ago

Hello.

auth.ProxyBasic(proxy, "Auth", func(user, passwd string) bool {
        if len(Conf.AuthHttp) > 0 {
            for _, a := range Conf.AuthHttp {
                t := strings.Split(a, ":")
                if user == t[0] && passwd == t[1] {
                    return true
                }
            }
        }
        Log(Now(), "Auth failed", user, passwd)
        return false
    })

RejectAction := &goproxy.ConnectAction{
        Action: goproxy.ConnectHijack,
        Hijack: func(req *http.Request, client net.Conn, ctx *goproxy.ProxyCtx) {
            client.Close()
        },
    }
proxy.OnRequest().
        HandleConnectFunc(func(host string, ctx *goproxy.ProxyCtx) (*goproxy.ConnectAction, string) {
            ip := strings.Split(ctx.Req.RemoteAddr, ":")[0]
            // AllowedIP
            if len(Conf.AllowedIP) > 0 {
                if ok, err := CheckIP(ip, Conf.AllowedIP); ok == false {
                    Log(Now(), "deny [443]", ip, host, err)
                    return RejectAction, host
                }
            }
            return goproxy.OkConnect, host
        })

There is either authentication or IP filter. And vice versa.

qZanity commented 6 years ago

What is your problem here? Or are you just sharing your code?

lexesv commented 6 years ago

I want to say that both authorization and IP filtering do not work at the same time.