I am trying to find (or write) a caching proxy tool that accepts all traffic from a specific container on my localhost (using iptables). What I want to do with this traffic is to save it and cache the response, and later, if I see that a request was already sent to a server, return the cached response to the requesting party (and not send the request to the server again, because a previous similar request was already sent).

Here's a diagram to demonstrate what I'm trying to do:

I'm not sure exactly how big the problem I'm trying to deal with here is. I want to do it for all traffic, including HTTP, TLS and other TCP-based traffic (database connections and such). I tried to check mitmproxy, and it seems to deal pretty well with HTTP and the TLS part, but intercepting raw TCP traffic (for databases etc.) is not possible.

Any advice or resources I can use to accomplish that? (Not necessarily in Python.) How complex do you think this problem is? Do you think I can find a generic solution?

Thanks in advance!

Gal Shahar
  • Such a proxy cannot exist because you can only read a request and send the cached response if you are able to parse the request+response. But for "all protocols" it is impossible to implement a protocol parser for each and every protocol, therefore such a proxy cannot exist. – Robert Jun 10 '21 at 13:48
  • There's not a way to intercept raw TCP? I saw that mitmproxy is working on it... Do you think that a proxy will have to be built for each kind of protocol? @Robert – Gal Shahar Jun 10 '21 at 14:52
  • As far as I remember, mitmproxy is working on the ability to pass through raw TCP connections, but how should you cache a response if you just have a raw stream of bytes you don't understand? – Robert Jun 10 '21 at 14:58
  • I cannot identify a TCP stream by looking at its data section (is it a TCP fragment?). I don’t necessarily need to read it, no? Or I’m missing out entirely here…? @Robert – Gal Shahar Jun 10 '21 at 15:04
  • TCP has no fragments by default, only packets, but the packet size is variable; you can send every byte in its own packet if you want. Usually the packet size is just selected by the OS based on the data available to send. – Robert Jun 10 '21 at 15:35
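
The point raised in the comments above (a cache has to recognise a complete request, while TCP only delivers a byte stream cut at arbitrary sizes), as an added example that is not part of the original thread. The function names, the host `db.example` and the sample request are constructed for illustration, and the framing shown covers only HTTP/1.1 requests that use `Content-Length`.

```python
import hashlib

# Constructed sample: one HTTP/1.1 request as it would appear on the wire.
REQUEST = (b"POST /lookup HTTP/1.1\r\nHost: db.example\r\n"
           b"Content-Length: 9\r\n\r\nuser=gal1")

def split(data, size):
    """Cut a byte string into segments of `size` bytes, as TCP may deliver it."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def chunk_keys(chunks):
    """Protocol-blind keys: one hash per received chunk.
    The keys depend on how the sender's OS happened to segment the stream."""
    return [hashlib.sha256(c).hexdigest() for c in chunks]

def http_request_key(chunks):
    """Protocol-aware key: reassemble the stream, frame exactly one request
    using the header terminator and Content-Length, then hash that request.
    Returns None while the request is still incomplete."""
    buf = b"".join(chunks)
    head, sep, rest = buf.partition(b"\r\n\r\n")
    if not sep:
        return None                      # header block not finished yet
    length = 0
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            length = int(value.strip())
    if len(rest) < length:
        return None                      # body not fully received yet
    return hashlib.sha256(head + sep + rest[:length]).hexdigest()

if __name__ == "__main__":
    for size in (1, 7, 20):
        parts = split(REQUEST, size)
        print(size, len(chunk_keys(parts)), http_request_key(parts)[:16])
```

The same request yields a different set of chunk hashes for every segment size but one stable key once it is framed, and that framing step is the per-protocol parser the comments refer to.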

0 Answers