commit 672cb84dab369f005d0f2dbb34a75edbf2776d11 Author: Michal Szczepanski Date: Thu Sep 12 22:06:48 2019 +0200 Breaking some internet traffic for fun diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bff2d76 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.iml diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..7c84354 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +The MIT License + +Copyright (c) 2019 Michal Szczepanski (michal@vane.pl) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..296f7c2 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +blocking-http-proxy +==== + +## Description + +Just blocking stuff that is in ```block.yaml``` +This code is ugly as hell and I know it but works with http/https traffic and is +keeping me away from unwanted websites that save data on my computer. + +## Install +```bash +go build main.go +./main +``` +## Usage +Point your computer http/https traffic to ```localhost``` port ```11666``` open browser and cry with blocked internet + +## Tips +Wanna go to facebook - remove last line in block.yaml diff --git a/block.yaml b/block.yaml new file mode 100644 index 0000000..364977f --- /dev/null +++ b/block.yaml @@ -0,0 +1,86 @@ +block: + - '.*.driftt.com.*' + - '.*.drift.com.*' + - '.*.gemius.pl.*' + - '.*.hotjar.com.*' + - '.*.itunes.apple.com.*' + - '.*.meetrics.net.*' + - '.*.scorecardresearch.com.*' + - '.*google-analytics.com.*' + - '.*.mtalk.google.com.*' + - '.*.quantserve.com.*' + - '.*.exactag.com.*' + - '.*.doubleclick.net.*' + - '.*.adnxs.com.*' + - '.*.adform.net.*' + - '.*.googlesyndication.com.*' + - '.*.criteo\..*' + - '.*mtalk.google.com.*' + - '.*.pushpushgo.com.*' + - '.*.amazon-adsystem.com.*' + - '.*adservice.google.*' + - '.*smartadserver.com.*' + - '.*.efigence.com.*' + - '.*.adocean.pl.*' + - '.*.etargetnet.com.*' + - '.*.bbelements.com.*' + - '.*.outbrain.com.*' + - '.*.outbrainimg.com.*' + - '.*.onetrust.com.*' + - '.*.postrelease.com.*' + - '.*.pubmatic.com.*' + - '.*.casalemedia.com.*' + - '.*.adomik.com.*' + - '.*.ocdn.eu.*' + - '.*googletagservices..*' + - '.*ads.linkedin.com.*' + - '.*.rubiconproject.com.*' + - '.*.creativecdn.com.*' + - '.*.snrbox.com.*' + - '.*.erne.co.*' + - '.*.ad.360yield.com.*' + - '.*.gamoshi.io.*' + - '.*.adscale.de.*' + - '.*.adxcore.com.*' + - '.*.bidswitch.net.*' + - '.*.admanmedia.com.*' + - '.*.openx.net.*' + - '.*.everesttech.net.*' + - '.*.demdex.net.*' + - '.*.sectigo.com.*' + - '.*.nsaudience.pl.*' + - '.*.mmstat.com.*' + - '.*analytics.twitter.*' + - '.*.quiet.ly.*' + - '.*.hs-analytics.net.*' + - '.*.usemessages.com.*' + - '.*.truste.com.*' + - '.*.go-mpulse.net.*' + - '.*.trustarc.com.*' + - '.*.truste-svc.net.*' + - '.*.akstat.io.*' + - '.*.leadfeeder.com.*' + - '.*.emsecure.net.*' + - '.*.moatads.com.*' + - '.*.powerlinks.com.*' + - '.*.mfadsrvr.com.*' + - '.*.adsrvr.org.*' + - '.*.nr-data.net.*' + - '.*.crwdcntrl.net.*' + - '.*.agkn.com.*' + - '.*.bluekai.com.*' + - '.*.redintelligence.net.*' + - '.*.advertising.com.*' + - '.*.perfectmarket.com.*' + - '.*.bkrtx.com.*' + - '.*.edgekey.net.*' + - '.*.chartbeat.net.*' + - '.*.optimizely.com.*' + - '.*.sharethrough.com.*' + - '.*.qualtrics.com.*' + - '.*.cedexis.com.*' + - '.*.btrll.com.*' + - '.*.quantcast.com.*' + - '.*.atwola.com.*' + - '.*iteratehq.com.*' + - '.*.facebook.*' diff --git a/main.go b/main.go new file mode 100644 index 0000000..4e7089b --- /dev/null +++ b/main.go @@ -0,0 +1,140 @@ +package main + +import ( + "crypto/tls" + "gopkg.in/yaml.v2" + "fmt" + "io" + "io/ioutil" + "log" + "net" + "net/http" + "regexp" + "time" +) +/*Based on +https://github.com/bechurch/reverse-proxy-demo +https://github.com/txn2/p3y/blob/master/p3y.go +https://medium.com/@mlowicki/http-s-proxy-in-golang-in-less-than-100-lines-of-code-6a51c2f2c38c +*/ + +type conf struct { + Entries []string `yaml:"block"` +} + +//https +func handleTunneling(res http.ResponseWriter, req *http.Request) { + dest_conn, err := net.DialTimeout("tcp", req.Host, 10*time.Second) + if err != nil { + http.Error(res, err.Error(), http.StatusServiceUnavailable) + return + } + res.WriteHeader(http.StatusOK) + hijacker, ok := res.(http.Hijacker) + if !ok { + http.Error(res, "Hijacking not supported", http.StatusInternalServerError) + return + } + client_conn, _, err := hijacker.Hijack() + if err != nil { + http.Error(res, err.Error(), http.StatusServiceUnavailable) + } + go transfer(dest_conn, client_conn) + go transfer(client_conn, dest_conn) +} +func transfer(destination io.WriteCloser, source io.ReadCloser) { + defer destination.Close() + defer source.Close() + io.Copy(destination, source) +} + +// http +func copyHeader(dst, src http.Header) { + for k, vv := range src { + for _, v := range vv { + dst.Add(k, v) + } + } +} + +func handleRequestCustom(res http.ResponseWriter, req *http.Request) { + transport := http.DefaultTransport + out, err := transport.RoundTrip(req) + if err != nil { + http.Error(res, err.Error(), http.StatusServiceUnavailable) + return + } + copyHeader(res.Header(), out.Header) + res.WriteHeader(out.StatusCode) + _, err = io.Copy(res, out.Body) + if err != nil { + http.Error(res, err.Error(), http.StatusInternalServerError) + return + } + err = out.Body.Close() + if err != nil { + http.Error(res, err.Error(), http.StatusInternalServerError) + return + } +} + + +func loadBlockedList(filename string) []regexp.Regexp { + var c conf + yamlFile, err := ioutil.ReadFile(filename) + if err != nil { + log.Printf("yamlFile.Get err #%v ", err) + } + err = yaml.Unmarshal(yamlFile, &c) + regexps := []regexp.Regexp{} + for _, condition := range c.Entries { + //log.Printf("%s", condition) + r := regexp.MustCompile(condition) + regexps = append(regexps, *r) + } + return regexps +} + +func shouldBlock(regList []regexp.Regexp, url string) bool { + for _, condition := range regList { + if condition.MatchString(url) { + return true + } + } + return false +} + +func main() { + port := "0.0.0.0:11666" + log.Printf("Server will run on: %s\n", port) + http.HandleFunc("/", handleRequestCustom) + regList := loadBlockedList("block.yaml") + server := &http.Server{ + Addr: port, + Handler: http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) { + if shouldBlock(regList, req.Host) { + //log.Printf("Blocked %s\n", req.Host) + if wr, ok := res.(http.Hijacker); ok { + conn, _, err := wr.Hijack() + if err != nil { + fmt.Fprint(res, err) + } + conn.Close() + } + } else { + if req.Method == http.MethodConnect { + log.Printf("proxy_url: %s\n", req.Host) + handleTunneling(res, req) + } else { + log.Printf("proxy_url: %s%s\n", req.Host, req.RequestURI) + handleRequestCustom(res, req) + } + } + + }), + // Disable HTTP/2. + TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)), + } + + server.ListenAndServe() +}