hmgle / graftcp

A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
GNU General Public License v3.0
2.14k stars 179 forks source link

mgraftcp doesn't pick up the http_proxy at all. #41

Closed hongyi-zhao closed 3 years ago

hongyi-zhao commented 3 years ago

On Ubuntu 20.04, I try to test the mgraftcp with a local http proxy, but it seems that it doesn't use the proxy at all:

$ ./local/mgraftcp --version
mgraftcp version v0.4.0-2-ge6daf52
$ ./local/mgraftcp --enable-debug-log --http_proxy 127.0.0.1:8080 curl -Ivs www.google.com -o /dev/null
[2021-08-11 16:37:18] [INFO] graftcp-local start listening :0...
*   Trying 172.217.24.4:80...
* TCP_NODELAY set
* Connected to www.google.com (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: www.google.com
> User-Agent: curl/7.68.0
> Accept: */*
> 
[2021-08-11 16:37:18] [INFO] Request PID: 1902024, Source Addr: 127.0.0.1:53722, Dest Addr: 172.217.24.4:80
^C

At the same time, no traffic is observed on the proxy port:

$ sudo tcpdump -i any port 8080

But it works well with the socks5 proxy.

Any hints for this problem?

Regards, HY

hmgle commented 3 years ago

The default proxy_mode(auto) will try the socks5 proxy first. To use http_proxy you can set the proxy_mode to only_http_proxy mode:

./local/mgraftcp --enable-debug-log --select_proxy_mode=only_http_proxy --http_proxy 127.0.0.1:8080 curl -Ivs www.google.com -o /dev/null
hongyi-zhao commented 3 years ago

Still failed:

$ ./local/mgraftcp --enable-debug-log --select_proxy_mode=only_http_proxy --http_proxy 127.0.0.1:8080 curl -Ivs www.google.com -o /dev/null
[2021-08-11 21:49:10] [INFO] graftcp-local start listening :0...
*   Trying 108.160.169.46:80...
* TCP_NODELAY set
* Connected to www.google.com (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: www.google.com
> User-Agent: curl/7.68.0
> Accept: */*
> 
[2021-08-11 21:49:10] [INFO] Request PID: 930782, Source Addr: 127.0.0.1:38262, Dest Addr: 108.160.169.46:80
* Empty reply from server
* Connection #0 to host www.google.com left intact
[2021-08-11 21:49:20] [ERROR] accept err: accept tcp [::]:42147: use of closed network connection

The 108.160.169.46 seems to be a bogus IP, so the problem is still relevant to DNS.

$ dig +short www.google.com
172.217.160.100

I'm confused. Sometimes the test succeeds, sometimes it fails:

$ ./local/mgraftcp --enable-debug-log --select_proxy_mode=only_http_proxy --http_proxy 127.0.0.1:8080 curl -Ivs www.google.com -o /dev/null
[2021-08-11 21:54:10] [INFO] graftcp-local start listening :0...
*   Trying 172.217.160.100:80...
* TCP_NODELAY set
* Connected to www.google.com (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: www.google.com
> User-Agent: curl/7.68.0
> Accept: */*
> 
[2021-08-11 21:54:10] [INFO] Request PID: 1142350, Source Addr: 127.0.0.1:49594, Dest Addr: 172.217.160.100:80
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=ISO-8859-1
< P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
< Date: Wed, 11 Aug 2021 13:54:10 GMT
< Server: gws
< X-XSS-Protection: 0
< X-Frame-Options: SAMEORIGIN
< Transfer-Encoding: chunked
< Expires: Wed, 11 Aug 2021 13:54:10 GMT
< Cache-Control: private
< Set-Cookie: 1P_JAR=2021-08-11-13; expires=Fri, 10-Sep-2021 13:54:10 GMT; path=/; domain=.google.com; Secure
< Set-Cookie: NID=221=PsfFe1v1Gvzz0tjtq7uZiuiz8gkRJXE-7dd3CB1v5fQ1Y4u54EIvjQy1_81fgghBiTb7_aAsjJh_KJHhZMULI2awxGYRS8djrsQpg0JdO7YAYyVz3OaGE4U7XpCi7UH-Y6NU2uLeZRNzgD7PdrYzrBmGHayccHcMmqpfzhrnXaE; expires=Thu, 10-Feb-2022 13:54:10 GMT; path=/; domain=.google.com; HttpOnly
< 
* Connection #0 to host www.google.com left intact
[2021-08-11 21:54:11] [ERROR] accept err: accept tcp [::]:41977: use of closed network connection
hmgle commented 3 years ago

This is caused by DNS cache pollution, which is out of graftcp's scope.