Intercept HTTP CONNECT Method / Tunnel only

cerberus247 · September 29, 2021, 9:35am

Hi,

I’m fairly new to HAProxy and trying to establish if it is possible to replicate something that we can do within Fiddler Fiddler Classic but move to HAProxy…

Essentially, all I want to do is let all traffic pass through to another internal/internet proxy and intercept only a specific HTTP CONNECT method.

E.G. If host = example.com then rewrite to host = example.co.uk.
As a result, all traffic will tunnel to the new host…

For example in Fiddler I can script like this :

// Capture only example.com and rewrite host to example.co.uk for the CONNECT method and tunnel
if (oSession.HTTPMethodIs("CONNECT") && (oSession.host == "example.com:443")) { 
	oSession.host = "example.co.uk:443";
}

Client → HAProxy [Intercept CONNECT / Rewrite ] → Internal Proxy → Internet

Is this even possible with HAProxy…???
I cannot seem to find exact similar use-cases…

Thanks!
J

rhada · October 1, 2021, 3:12pm

Hello,

You can try to set up un acl, to send requests to defined backend and then rewrite Host Header :

acl mydomain hdr(host) -i mydomain.com
use_backend example.com if mydomain

backend example.com
    http-request set-header Host example.com
    server example.com example.com:80 check

This config replace host header when forwarding the request to the backend. We use it with clear http and it just works. not sur with ssl backend.

Topic		Replies	Views
HTTP CONNECT method handling Help!	1	2155	April 11, 2024
Convert proxy connect request Help!	2	1152	February 13, 2018
Aliasing or Redirecting the Web URLS Help!	15	15451	March 26, 2020
How can I filter http/1.0 connection Help!	1	706	October 14, 2016
Proxy CONNECT aborted error during SSL Pass-through Help!	10	13137	September 12, 2017

Intercept HTTP CONNECT Method / Tunnel only

Related topics