You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am trying to create a proxy which takes any traffic (on loopback addresses and http1.1) and converts it to http 2. So basically 127.0.0.10:7777 gets transferred to 127.0.0.10:7777 after a http2 conversion and so on.
I have solved the part of http2 converson with envoy proxy however I am having problems with the sending to the appropriate destination. I was using the original_dst cluster policy / listening filter with none working.
However this code doesnt work either. This code doesnt have the http2 conversion yet and is only supposed to dynamically find the destination. To test this I hosted a python http server with: python3 -m http.server 80.
Then I tried reaching it (first without proxy):
adrian@adrian-virtual-machine:~/Documents/5g-pentesting-project$ curl localhost
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Directory listing for /</title>
</head>
<body>
<h1>Directory listing for /</h1>
<hr>
<ul>
</ul>
<hr>
</body>
</html>
I also know that there is no sort of issue with my envoy because when i am running my other envoy configuration for the http2 conversion (config code following). I get these results:
###endpoint that only can get http2 packets. With proof using --http2-prior-knowledge and withotu using it###
adrian@adrian-virtual-machine:~/Documents/5g-pentesting-project$ curl 'http://127.0.0.10:7777/nnrf-disc/v1/nf-instances?target-nf-type=AMF&requester-nf-type=SMF' --http2-prior-knowledge
{"validityPeriod":30,"nfInstances":[{"nfInstanceId":"452b4c46-9076-41ef-a30b-053a47f5ba84","nfType":"AMF","nfStatus":"REGISTERED","heartBeatTimer":10,"plmnList":[{"mcc":"999","mnc":"70"}],"ipv4Addresses":["127.0.0.5"],"allowedNfTypes":["SCP","SMF","AMF"],"priority":0,"capacity":100,"load":0,"amfInfo":{"amfSetId":"001","amfRegionId":"02","guamiList":[{"plmnId":{"mcc":"999","mnc":"70"},"amfId":"020040"}],"taiList":[{"plmnId":{"mcc":"999","mnc":"70"},"tac":"000001"}]},"nfServices":[{"serviceInstanceId":"452d0450-9076-41ef-a30b-053a47f5ba84","serviceName":"namf-comm","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"127.0.0.5","port":7777}],"allowedNfTypes":["SMF","AMF"],"priority":0,"capacity":100,"load":0}],"nfProfileChangesSupportInd":true}]}
adrian@adrian-virtual-machine:~/Documents/5g-pentesting-project$ curl 'http://127.0.0.10:7777/nnrf-disc/v1/nf-instances?target-nf-type=AMF&requester-nf-type=SMF'
curl: (1) Received HTTP/0.9 when not allowed
###Request works using my proxy config###
adrian@adrian-virtual-machine:~/Documents/5g-pentesting-project$ curl 'http://127.0.0.10:7777/nnrf-disc/v1/nf-instances?target-nf-type=AMF&requester-nf-type=SMF' -x http://127.0.0.1:8082
{"validityPeriod":30,"nfInstances":[{"nfInstanceId":"452b4c46-9076-41ef-a30b-053a47f5ba84","nfType":"AMF","nfStatus":"REGISTERED","heartBeatTimer":10,"plmnList":[{"mcc":"999","mnc":"70"}],"ipv4Addresses":["127.0.0.5"],"allowedNfTypes":["SCP","SMF","AMF"],"priority":0,"capacity":100,"load":0,"amfInfo":{"amfSetId":"001","amfRegionId":"02","guamiList":[{"plmnId":{"mcc":"999","mnc":"70"},"amfId":"020040"}],"taiList":[{"plmnId":{"mcc":"999","mnc":"70"},"tac":"000001"}]},"nfServices":[{"serviceInstanceId":"452d0450-9076-41ef-a30b-053a47f5ba84","serviceName":"namf-comm","versions":[{"apiVersionInUri":"v1","apiFullVersion":"1.0.0"}],"scheme":"http","nfServiceStatus":"REGISTERED","ipEndPoints":[{"ipv4Address":"127.0.0.5","port":7777}],"allowedNfTypes":["SMF","AMF"],"priority":0,"capacity":100,"load":0}],"nfProfileChangesSupportInd":true}]}adrian@adrian-virtual-machine:~/Documents/5g-pentesting-project$
I would very much appreciate it if someone could tell me what I am doing wrong in the first part of the issue. I am literally using the example in the github repo and it is not working for me with the error codes which I have shown. I wish to have a proxy which just forwards the requests further to their destination.
I am also open to other solutions to this without the original_dst if they work too.
Thank you very much for the help :)
The text was updated successfully, but these errors were encountered:
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.
Hello Dear Envoy Team,
I am trying to create a proxy which takes any traffic (on loopback addresses and http1.1) and converts it to http 2. So basically 127.0.0.10:7777 gets transferred to 127.0.0.10:7777 after a http2 conversion and so on.
I have solved the part of http2 converson with envoy proxy however I am having problems with the sending to the appropriate destination. I was using the original_dst cluster policy / listening filter with none working.
At some point I tried out the example configuration of this code from the envoy github repository found here: https://github.com/envoyproxy/envoy/blob/main/configs/original-dst-cluster/proxy_config.yaml
However this code doesnt work either. This code doesnt have the http2 conversion yet and is only supposed to dynamically find the destination. To test this I hosted a python http server with:
python3 -m http.server 80
.Then I tried reaching it (first without proxy):
As you see its working fine.
Now I use the code from the before mentioned link as config for my proxy (https://github.com/envoyproxy/envoy/blob/main/configs/original-dst-cluster/proxy_config.yaml) (please note i changed the listener address to 127.0.0.1:8082):
With the envoy proxy showing this in stdout:
I also know that there is no sort of issue with my envoy because when i am running my other envoy configuration for the http2 conversion (config code following). I get these results:
MY PROXY CONFIG:
I would very much appreciate it if someone could tell me what I am doing wrong in the first part of the issue. I am literally using the example in the github repo and it is not working for me with the error codes which I have shown. I wish to have a proxy which just forwards the requests further to their destination.
I am also open to other solutions to this without the original_dst if they work too.
Thank you very much for the help :)
The text was updated successfully, but these errors were encountered: