Network Security Fall 2000: Homework 1

This homework is due at 5 pm on September 21, 2000 (email time stamp). The non-programming part of the homework will follow shortly. A review of sockets may be helpful.

  1. Write a simple HTTP "firewall"/proxy. Your firewall should accept an HTTP GET request on port 8080 (TCP) and forward it to the correct destination, returning the result from the web server. You only need to parse the first line of the HTTP request to obtain the host and path of the desired web page. Briefly, an HTTP/1.1 request for to has the following form:
    GET HTTP/1.1
    Proxy-Connection: Keep-Alive
    User-Agent: Mozilla/4.5 [en] (X11; I; SunOS 5.6 sun4u)
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
    Accept-Encoding: gzip
    Accept-Language: en
    Accept-Charset: iso-8859-1,*,utf-8

    The end of the request is indicated by a blank line.

    In this example, your proxy would then establish a TCP connection to and send the same request, but with the first line as

    GET /index.html HTTP/1.1

    The server may close the connection when it is done, but you shouldn't rely on that. (Modern servers leave the connection open for efficiency.)

    Be sure that the version number of the request (HTTP/1.0 or HTTP/1.1) remains the same when crossing the proxy.

    You should configure your web browser to use your proxy server. (In Netscape, use Edit/Preferences/Advanced/Proxies.)

    Details of the HTTP protocol can be found in RFC 2616.

    You might find the host2ip.c routine handy to translate host names into IP addresses. You may use either C(++) or Java to implement the proxy. Please do not use Perl, Tcl or VisualBasic. Your proxy only has to support the HTTP GET request, not POST or PUT, but it should be able to deal with web servers listening on ports other than the default port of 80 (e.g.,

    (35 pts.)

Last updated by Henning Schulzrinne