We have written a tool to proxy telnet traffic, and fork the inbound/outbound streams for recording purposes (this is a testing tool to test a legacy system). However, we hit a snag. The legacy system relies on knowing a client's IP address in certain cases, but when we use our proxy the clients' addresses are all changed to the proxy's address. Since we control what machine the legacy system uses as a gateway, I'm wondering if there isn't some way via iptables or some other packet mangling tech to spoof this. So, in other words, without the proxy we have:
[CLIENT A - 172.16.2.2]------|
[CLIENT B - 172.16.2.3]------|------------[SERVER sees CLIENT A as 172.16.2.2, B as 2.3, so on]
[CLIENT C - 172.16.2.4]------|
With the proxy we get:
[CLIENT A - 172.16.2.2]---|
[CLIENT B - 172.16.2.3]---|---[PROXY 172.16.2.5]--[SERVER sees all clients as 172.16.2.5]
[CLIENT C - 172.16.2.4]---|
What we need:
[CLIENT A - 172.16.2.2]---|
[CLIENT B - 172.16.2.3]---|---[PROXY 172.16.2.5]--[SERVER sees CLIENT A as 172.16.2.2, so on]
[CLIENT C - 172.16.2.4]---|
Is there any possible way to accomplish this?
Thanks!
This question is not really programming-related.
But you can do it with the Linux kernel facility TPROXY, which I believe is distributed separately from Linux.
TPROXY lets you transparently proxy traffic, making the client and server see their own original IP addresses. You can do other tricks too.
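A sketch of the proxy's server-facing side under TPROXY, added here as an illustration and not part of the original answer: the proxy opens its upstream connection from a socket marked IP_TRANSPARENT and bound to the client's own address, and the rule set routes the server's replies back into that socket. The function names are hypothetical, and the code assumes a Linux proxy host running with root or CAP_NET_ADMIN that the server uses as its gateway.

```python
import socket

# Linux value from <linux/in.h>; some Python builds lack the named constant.
IP_TRANSPARENT = getattr(socket, "IP_TRANSPARENT", 19)


def return_path_rules(mark=1, table=100):
    """Commands to run as root on the proxy. The server's replies are addressed
    to the real client IPs; these rules deliver them to the proxy's local socket
    instead of forwarding them on to the client."""
    return [
        "iptables -t mangle -N DIVERT",
        "iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT",
        f"iptables -t mangle -A DIVERT -j MARK --set-mark {mark}",
        "iptables -t mangle -A DIVERT -j ACCEPT",
        f"ip rule add fwmark {mark} lookup {table}",
        f"ip route add local 0.0.0.0/0 dev lo table {table}",
    ]


def transparent_socket():
    """TCP socket allowed to bind to an address this host does not own.
    Raises PermissionError when the process lacks the needed capability."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.setsockopt(socket.IPPROTO_IP, IP_TRANSPARENT, 1)
    except OSError:
        s.close()
        raise
    return s


def connect_as_client(client_ip, server_addr, timeout=5.0):
    """Open the upstream connection so the server sees client_ip as the source."""
    s = transparent_socket()
    try:
        s.settimeout(timeout)
        s.bind((client_ip, 0))   # the client's address, ephemeral source port
        s.connect(server_addr)
    except OSError:
        s.close()
        raise
    return s


if __name__ == "__main__":
    print("\n".join(return_path_rules()))
    # In the proxy's accept loop, with conn, peer = listener.accept():
    #     upstream = connect_as_client(peer[0], (SERVER_IP, 23))  # SERVER_IP: placeholder
```
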