I decided to test what proxy server anonymity looks like and how to control it. The purpose was to see the HTTP request header that a server receives from a proxy when the proxy settings are anonymous, semi-anonymous or whatever. I installed the squid proxy server on a Linux machine and started to play with its settings, located in the /etc/squid/squid.conf file. After every modification of squid.conf, squid was restarted. The wget utility was used as the HTTP client, and on the destination HTTP server I uploaded the following PHP script to get all HTTP request header fields from the HTTP server:

    <?php
    echo "<pre>\n";
    foreach (getallheaders() as $name => $value) {
        echo "$name: $value\n";
    }
    echo "</pre>\n";
    ?>

The wget command I used was:

    wget -d -e use_proxy=yes -e http_proxy=10.19.69.11:8080 http://russianmafia.ru/headers.php

where 192.168.13.110 is the IP address of the machine where the squid proxy was installed, 8080 is the listening port and http://russianmafia.ru/headers.php is the destination.
The request header sent by wget client looked like:

    GET http://russianmafia.ru/headers.php HTTP/1.0
    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru

Test 1
forwarded_for and via are “off”, “follow_x_forwarded_for deny all” and “request_header_access X-Forwarded-For deny all” are uncommented:

    via off
    forwarded_for off
    follow_x_forwarded_for deny all
    request_header_access X-Forwarded-For deny all

Request header on the destination HTTP server (header does not contain IP address of client machine):

    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru
    Cache-Control: max-age=259200
    Connection: keep-alive

Test 2
forwarded_for and via are “off”, follow_x_forwarded_for is uncommented, but request_header_access is commented out:

    via off
    forwarded_for off
    follow_x_forwarded_for deny all
    # request_header_access X-Forwarded-For deny all

Request header on the destination HTTP server (the header does not contain the IP address of the client machine, but shows that the request has been forwarded from an unknown client):

    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru
    X-Forwarded-For: unknown
    Cache-Control: max-age=259200
    Connection: keep-alive

Test 3
forwarded_for and via are “off”, follow_x_forwarded_for and request_header_access are commented out:

    via off
    forwarded_for off
    # follow_x_forwarded_for deny all
    # request_header_access X-Forwarded-For deny all

Request header on the destination HTTP server (the same as the previous one: the header does not contain the IP address of the client machine, but shows that the request has been forwarded from an unknown client):

    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru
    X-Forwarded-For: unknown
    Cache-Control: max-age=259200
    Connection: keep-alive

Test 4
forwarded_for is “on” and via is “off”, follow_x_forwarded_for and request_header_access are commented out:

    # /etc/squid/squid.conf
    via off
    forwarded_for on
    # follow_x_forwarded_for deny all
    # request_header_access X-Forwarded-For deny all

Request header on the destination HTTP server (header contains IP address of client machine):

    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru
    X-Forwarded-For: 10.19.69.11
    Cache-Control: max-age=259200
    Connection: keep-alive

Test 5
forwarded_for and via are “on”, follow_x_forwarded_for and request_header_access are commented out:

    # /etc/squid/squid.conf
    via on
    forwarded_for on
    # follow_x_forwarded_for deny all
    # request_header_access X-Forwarded-For deny all

Request header on the destination HTTP server (the header contains the IP address of the client machine plus information about the proxy server):

    User-Agent: Wget/1.12 (linux-gnu)
    Accept: */*
    Host: russianmafia.ru
    Via: 1.0 localhost.localdomain (squid/3.1.23)
    X-Forwarded-For: 10.19.69.11
    Cache-Control: max-age=259200
    Connection: keep-alive

By the way, when via is “on”, the response header received by the client also contains data about the proxy:

    HTTP/1.0 200 OK
    Date: Tue, 04 Jul 2017 16:36:44 GMT
    Server: Apache/2.4.12 (Ubuntu)
    Vary: Accept-Encoding
    Content-Length: 197
    Content-Type: text/html; charset=UTF-8
    X-Cache: MISS from localhost.localdomain
    X-Cache-Lookup: MISS from localhost.localdomain:8080
    Via: 1.0 localhost.localdomain (squid/3.1.23)
    Connection: close

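The five captures above can be checked mechanically. The following Python sketch is an added example, not part of the original post: it parses headers.php output and reports whether the destination server sees the client address, only the presence of a proxy, or neither. The level names and the choice of Via, X-Forwarded-For and Forwarded as proxy-revealing headers are assumptions of this example; the sample captures are Tests 1, 2, 4 and 5 from this page.

```python
import ipaddress
import re
# Assumption: request headers that only an intermediary adds.
PROXY_HEADERS = {"via", "x-forwarded-for", "forwarded"}

def parse_headers(dump):
    """Turn 'Name: value' lines (headers.php output) into a dict."""
    headers = {}
    for line in dump.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def addresses_in(value):
    """Return the set of IP address literals found in a header value."""
    found = set()
    for token in re.findall(r"[0-9A-Fa-f:.]+", value):
        try:
            found.add(ipaddress.ip_address(token.strip(".")))
        except ValueError:
            pass  # version numbers, hex fragments of words, etc.
    return found

def classify(dump, client_ip):
    """Return (level, headers responsible) for one captured request."""
    headers = parse_headers(dump)
    client = ipaddress.ip_address(client_ip)
    leaking = sorted(n for n, v in headers.items() if client in addresses_in(v))
    if leaking:
        return "client-ip-disclosed", leaking
    revealing = sorted(PROXY_HEADERS & headers.keys())
    if revealing:
        return "proxy-visible", revealing
    return "no-proxy-trace", []

# Captures from Tests 1, 2, 4 and 5 on this page.
HEAD = "User-Agent: Wget/1.12 (linux-gnu)\nAccept: */*\nHost: russianmafia.ru\n"
TAIL = "Cache-Control: max-age=259200\nConnection: keep-alive\n"
VIA = "Via: 1.0 localhost.localdomain (squid/3.1.23)\n"
CAPTURES = {
    "test1": HEAD + TAIL,
    "test2": HEAD + "X-Forwarded-For: unknown\n" + TAIL,
    "test4": HEAD + "X-Forwarded-For: 10.19.69.11\n" + TAIL,
    "test5": HEAD + VIA + "X-Forwarded-For: 10.19.69.11\n" + TAIL,
}
if __name__ == "__main__":
    for name, dump in CAPTURES.items():
        print(name, *classify(dump, "10.19.69.11"))
```

Addresses are compared as parsed values rather than substrings, so a header carrying 10.19.69.110 is not mistaken for the client 10.19.69.11.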
Testing proxy from premproxy.com
1.

    # wget -d -e use_proxy=yes -e http_proxy=210.35.171.5:8080 http://russianmafia.ru/headers.php

HTTP request header on russianmafia.ru:

    Accept: */*
    Connection: close
    Host: russianmafia.ru
    User-Agent: Wget/1.13.4 (linux-gnu)
    Via: http/1.1 localhost.localdomain[FE8000000000000092E2BAFFFE841C50] (Ap$
    X-Http-Proto: HTTP/1.1
    X-Log-6662: 210.35.171.70
    X-Real-Ip: 210.35.171.70

2.

    # wget -d -e use_proxy=yes -e http_proxy=206.127.88.18:80 http://russianmafia.ru/headers.php

HTTP request header on russianmafia.ru:

    Accept: */*
    Connection: close
    Host: russianmafia.ru
    User-Agent: Wget/1.13.4 (linux-gnu)
    Via: 1.1 blogs.lccountymt.gov
    X-Http-Proto: HTTP/1.1
    X-Log-6662: 206.127.88.18
    X-Real-Ip: 206.127.88.18

3.

    # wget -d -e use_proxy=yes -e http_proxy=193.111.177.51:80 http://russianmafia.ru/headers.php

HTTP request header on russianmafia.ru:

    Accept: */*
    Connection: close
    Host: russianmafia.ru
    User-Agent: Wget/1.13.4 (linux-gnu)
    X-Http-Proto: HTTP/1.1
    X-Log-6662: 193.111.177.51
    X-Real-Ip: 193.111.177.51

4.

    wget -d --header "Connection: keep-alive" -e use_proxy=yes -e http_proxy=103.234.254.164:80 http://russianmafia.ru/headers.php

HTTP request header on russianmafia.ru. (Proxy replaces its IP)

    Accept: */*
    Connection: close
    Host: russianmafia.ru
    User-Agent: Wget/1.13.4 (linux-gnu)
    Via: 1.1 10.10.10.2 (Mikrotik HttpProxy)
    X-Http-Proto: HTTP/1.1
    X-Log-6662: 43.247.15.216
    X-Proxy-Id: 953367358
    X-Real-Ip: 43.247.15.216