I am searching for a method to script a transparent forward proxy like the ones that customers point their browsers to in proxy configurations.

I have discovered a definite tradeoff in forward proxies between scriptability and robustness. For instance, their are numerous proxies coded in Ruby and Python where you can inspect each request response and log, modify, filter when needed ... however, these either neglect to proxy delicately or crash after twenty minutes useful.

However I suspect that Squid and Apache are very robust and stable, but also for the existence of me I can not figure out how I'm able to develop dynamic behavior through scripting. Ultimately I must set quota's and dynamically filter on that quota. A part of me feels as though mixing mod_proxy and mod_perl?? could allow interesting dynamic proxies, nevertheless its tough to know where to start and determine if its even possible.

Please advise.

Squid and Apache have systems to call exterior scripts for allow/deny choices per-request. This enables you to employ because of their proxy engines, but call your exterior script per request processing of arbitrary complexity. Your code only needs to manage the company logic, not the heavy-lifting.

In Apache, I have not used at all mod_proxy in by doing this, but I have tried personally mod_rewrite. mod_rewrite also enables you to definitely proxy demands. The RequestMap directive enables you to definitely pass the choice to an exterior script:

MapType: prg, MapSource: Unix filesystem road to valid regular file

Here the origin is really a program, not really a map file. To produce it use a language of your liking, however the result needs to be an executable program (either object-code or perhaps a script using the miracle cookie trick '#!/path/to/interpreter' because the first line).

The program is began once, once the Apache server is began, after which conveys using the spinning engine via its stdin and stdout file-handles. For every map-function research it'll get the answer to research like a newline-ended string on stdin. After that it needs to hand back the looked-up value like a newline-ended string on stdout or even the four-character string ``NULL'' whether it fails (i.e., there's no corresponding value for that given key).

With Squid, you will get similar functionality through the exterior_acl_type directive:

This tag defines the way the exterior acl classes utilizing a assistant program need to look in the status.


Should you searching for a Perl solution then have a look at HTTP::Proxy

Unsure associated with a mod_perl solutions though. CPAN does mention Apache::Proxy and Searching raises MyProxy. However note, these two are a little old so YMMV but you might find them a helpful advantage.


I have been focusing on a HTTP library in python, written with proxy servers particularly in your mind like a use situation. It is not very mature at this time (certainly needs more testing, and unit tests), but it is complete enough which i think it is helpful. I'm not sure whether it would meet all of your needs or otherwise.

The library is known as httpmessage, the google-code website is found here. There's a good example of writing a proxy server around the good examples page.

I am pleased to receive feedback and/or bug fixes.

I'd use squid, which could execute other programs to alter the demands quickly.