0

I'm looking for a way to obfuscate a request to a web server and instead pull data from a CDN

I believe I need to create a transparent proxy on the web server and pass the request off to the CDN, like so:

client ===> webserver:80 ====> proxy:someport ===> cdn.example.com

What I don't know is if the response is routed back through the proxy, effectively charging me for bandwidth twice, like this:

cdn.example.com ====> proxy:someport ====> webserver:80 ====> client

Or if the request essentially bypasses the proxy and responds to the client:

cdn.example.com ===> client

I'm also pretty sure that the endpoint of the proxy request is not sniffable, but if someone knows otherwise I'd appreciate it!

gadhra
  • 21
  • 1

1 Answers1

0

Not that I'm entirely proficient in this, but can't you just return 302 found and let the client contact the cdn in the first place (maybe even change the url of the files in question, so the client never contacts webserver:80)? Replying like this:

cdn.example.com ===> client

would only be possible by forging the source addresses of the IP packets to the cdn. I'm not sure the ISP of your webserver would allow that.

jpalecek
  • 47,058
  • 7
  • 102
  • 144
  • The 302 redirect will unfortunately tell the requester where the file is located (I'm essentially trying to obfuscate the ultimate location of a file). But I think this answers my question - I'd have to forge the source addy of the IP packet, which isn't tenable. – gadhra Apr 16 '12 at 21:05