Sending TCP packets to proxy - go

I've familiar with HTTP_PROXY and defining a DefaultTransport to proxy HTTP requests. But I can't find anything about how to do the same for TCP. Is this possible? Or do I have to rely on on the proxy itself to forward the packet?

This is possible but not with an HTTP Proxy. You want a SOCKS proxy. Check out the https://godoc.org/golang.org/x/net/proxy package that provides a SOCKS5 Dialer.
package main
import (
"fmt"
"os"
"golang.org/x/net/proxy"
)
var (
proxy_addr = "my.socks.proxy.local:8088"
remote_addr = "chat.freenode.net:6697"
)
func main() {
dialer, err := proxy.SOCKS5("tcp", proxy_addr, nil, proxy.Direct)
if err != nil {
fmt.Fprintln(os.Stderr, "proxy connection error:", err)
os.Exit(1)
}
conn, err := dialer.Dial("tcp", remote_addr)
if err != nil {
fmt.Fprintln(os.Stderr, "remote connection error:", err)
os.Exit(1)
}
defer conn.Close()
// communicate with remote addr here
}

Related

go network traffic GRE encapsulation

I want to write an application using golang that will intercept any traffic from the NIC to an application and from the application to the nic running on the machine. For example, we are running an HTTP server.
This application will look into the packet, and if the packet has a GRE header from a specific IP, it will decapsulate the traffic and forward using the inner IP header. With traffic from the application to the NIC, I want to encapsulate the packet with a GRE header.
I have no idea where to start and need some advice.
Update my findings:
So I have the following:
package main
import (
"fmt"
"io"
"net"
)
func main() {
ln, err := net.Listen("tcp", "0.0.0.0:8000")
if err != nil {
panic(err)
}
for {
conn, err := ln.Accept()
if err != nil {
panic(err)
}
go handleRequest(conn)
}
}
func handleRequest(conn net.Conn) {
fmt.Println("new client")
proxy, err := net.Dial("tcp", "10.10.1.1:80")
if err != nil {
panic(err)
}
fmt.Println("proxy connected")
go copyIO(conn, proxy)
go copyIO(proxy, conn)
}
func copyIO(src, dest net.Conn) {
defer src.Close()
defer dest.Close()
io.Copy(src, dest)
}
I believe that I have to have the logic in this go copyIO(proxy, conn) call.

How to extract the connected local ip address using http.Client in Go?

My PC has multiple IP addresses(ex: 10.1.1.20, 192.168.123.30, ...).
Can I extract the connected local ip address when connecting to remote server using http.Client?
If this is not possible with http.Client, is there any other possible way?
package main
import (
"fmt"
"io/ioutil"
"net/http"
)
func main() {
req, err := http.NewRequest("GET", "https://www.google.com", nil)
if err != nil {
panic(err)
}
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
// extract the local ip address???
// getsockname(?????)
data, err := ioutil.ReadAll(resp.Body)
if err != nil {
panic(err)
}
fmt.Printf("StatusCode=%v\n", resp.StatusCode)
fmt.Printf("%v\n", string(data))
}
You can either:
loop through all network interfaces
or retrieve the preferred outbound ip address
But in both case, the fact that you are in the middle of using an http.Client and making a GET would not matter: you could get those IP addresses independently.
You can provide your own Transport implementation that extracts the outgoing local IP address right after establishing the TCP connection, e.g. like this:
client := &http.Client{
Transport: &http.Transport{
Dial: func(network, addr string) (net.Conn, error) {
conn, err := net.Dial(network, addr)
if err == nil {
localAddr := conn.LocalAddr().(*net.TCPAddr)
fmt.Println("LOCAL IP:", localAddr.IP)
}
return conn, err
},
},
}

Different behaviors of golang tcp socket on different OS

I want to simulate the http server with tcp socket written in Go. The program runs well on Linux or Mac, but has some problems on Windows. I have configured the built-in firewall to allow connections on the port. On Windows, when the browser requests the program, it shows me "This site can’t be reached. The connection was reset." Instead, it can response "Hello world" correctly on Linux or Mac. As follows.
// implement http server with tcp socket
package main
import (
"log"
"net"
"os"
)
var content = []byte(`HTTP/1.1 200 OK
Content-type: text/plain
Hello world!`)
func handleConn(conn net.Conn) {
conn.Write(content)
defer conn.Close()
}
func main() {
addr := "localhost:10000"
listener, err := net.Listen("tcp", addr)
checkErr(err)
defer listener.Close()
for {
conn, err := listener.Accept()
if err != nil {
log.Fatal(err)
continue
}
go handleConn(conn)
}
}
func checkErr(err error) {
if err != nil {
log.Fatal(err)
os.Exit(1)
}
}
I try to change some code to read all the bytes from the connection on Windows, after that, the program responses correctly.
func handleConn(conn net.Conn) {
var buf = make([]byte, 1024)
_, err := conn.Read(buf)
checkErr(err)
conn.Write(content)
defer conn.Close()
}
But I don't know why must I read all the bytes of connection on Windows.

What is the best way to keep a TCP server with GO listening?

I found this example https://play.golang.org/p/zyZJKGFfyT
package main
import (
"fmt"
"net"
"os"
)
// echo "Hello server" | nc localhost 5555
const (
CONN_HOST = "localhost"
CONN_PORT = "5555"
CONN_TYPE = "tcp"
)
func main() {
// Listen for incoming connections.
l, err := net.Listen(CONN_TYPE, CONN_HOST+":"+CONN_PORT)
if err != nil {
fmt.Println("Error listening:", err.Error())
os.Exit(1)
}
// Close the listener when the application closes.
defer l.Close()
fmt.Println("Listening on " + CONN_HOST + ":" + CONN_PORT)
for {
// Listen for an incoming connection.
conn, err := l.Accept()
if err != nil {
fmt.Println("Error accepting: ", err.Error())
os.Exit(1)
}
// Handle connections in a new goroutine.
go handleRequest(conn)
}
}
// Handles incoming requests.
func handleRequest(conn net.Conn) {
// Make a buffer to hold incoming data.
buf := make([]byte, 1024)
// Read the incoming connection into the buffer.
reqLen, err := conn.Read(buf)
reqLen = reqLen
if err != nil {
fmt.Println("Error reading:", err.Error())
}
// Send a response back to person contacting us.
conn.Write([]byte("hello") )
conn.Close()
}
echo "test" | nc 127.0.0.1 5555
What is the best way to keep a TCP server with GO listening in production?
in localhost work fine but production
Taking out my crystal ball: I believe your problem is that your server is only listening on localhost, but you want to be able to connect to it from other machines. Change CONN_HOST from "localhost" to "" (empty string), so that net.Listen will be listening on :5555. That means that connections will be accepted on any interface on port 5555.

GO: Why does dialing from the address on which the client is listening not work, but the opposite does?

I wonder why dialing from the address on which the client is also listening does not work (Version A) but listening on the connection address the client is dialing to the server does actually work (Version B)?!
Can someone explain this to me. Go is new to me and I still learning a lot of things.
Here is an example:
Server Programm:
package main
import . "fmt"
import "net"
import "os"
func main() {
Println("server")
var listener, listenerError = net.Listen("tcp", "localhost:8080")
if listenerError != nil {
Println(listenerError)
os.Exit(1)
}
for {
con, _ := listener.Accept() // I don't care about the error in this example
Printf("LocalAddr: %v\n", con.LocalAddr())
Printf("RemoteAddr: %v\n", con.RemoteAddr())
}
}
Client version A (not working):
package main
import "net"
import . "fmt"
import "os"
func main() {
var listener, listenerError = net.Listen("tcp", "localhost:0")
if listenerError != nil {
Println(listenerError)
os.Exit(1)
}
var dialer = new(net.Dialer)
dialer.LocalAddr = listener.Addr()
con, err := dialer.Dial("tcp", "localhost:8080")
if err != nil {
// dial tcp 127.0.0.1:60229->127.0.0.1:8080: bind: address already in use
Println(err)
os.Exit(2)
}
Printf("LocalAddr: %v\n", con.LocalAddr())
Printf("RemoteAddr: %v\n", con.RemoteAddr())
}
Client version B (working):
package main
import "net"
import . "fmt"
import "os"
func main() {
Println("client")
con, err := net.Dial("tcp", "localhost:8080")
if err != nil {
Println(err)
os.Exit(2)
}
// magic happens here
var listener, listenerError = net.Listen("tcp", con.LocalAddr().String())
if listenerError != nil {
Println(listenerError)
os.Exit(1)
}
Println("LISTENING")
conn, _ := listener.Accept() // will accept on con.LocalAddr()
Printf("LocalAddr: %v\n", conn.LocalAddr())
Printf("RemoteAddr: %v\n", conn.RemoteAddr())
}
"Version B" works as a side effect of the Go's POSIX default of setting SO_REUSEADDR, which will allow binding to an addr:port pair even if it's in use by an existing connection. The 2 sockets can be differentiated, because the established connection is identified by the 4-tuple of (LocalAddr, LocalPort, RemoteAddr, RemotePort).
"Version A" doesn't work, because when setting up the connection it needs to call bind to set the requested local address, and there is already a listening socket bound to that port.
There's no need to try and exploit this loophole, and you should use 2 ports for your client and server connections.

Resources