nathanwoodburn/fireproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
92f4f19d3233ede7b8fe546c4a2a28dcf82e8eb6
fireproxy/TESTING.md

4.4 KiB
Raw Blame History

Testing FireProxy

This document provides instructions for testing the FireProxy server.

Building the Proxy

First, build the proxy server:

make clean
make

Running the Proxy

Start the proxy server on port 8080 (or another port of your choice):

./fireproxy 8080

Testing with a Web Browser

Firefox Configuration

  1. Open Firefox and go to Settings
  2. Search for "proxy" and click on "Settings" in the Network Settings section
  3. Select "Manual proxy configuration"
  4. Set HTTP Proxy to "localhost" and Port to "8080"
  5. Leave other proxy fields empty
  6. Check "Also use this proxy for HTTPS"
  7. Click "OK"

Chrome Configuration

  1. Open Chrome and go to Settings
  2. Search for "proxy" and click on "Open your computer's proxy settings"
  3. Enable proxy settings according to your operating system:
    • Windows: Set the HTTP proxy to "localhost:8080"
    • macOS: Set the Web Proxy (HTTP) to "localhost" with port "8080"
    • Linux: Set the HTTP proxy to "localhost" with port "8080"

Testing with cURL

You can use cURL to test your proxy:

# Test HTTP request through proxy
curl -v --proxy http://localhost:8080 http://example.com/

# Test HTTPS request through proxy (if supported)
curl -v --proxy http://localhost:8080 https://example.com/

HTTPS Support

The proxy now correctly supports HTTPS connections through the HTTP CONNECT method. When using HTTPS:

  1. The browser establishes a tunnel through the proxy to the destination server
  2. The proxy resolves the hostname using DoH
  3. All traffic is forwarded between the client and server without modification

For secure browsing, you must:

  • Configure your browser to trust the connection (you may see certificate warnings)
  • Make sure your proxy settings are applied to both HTTP and HTTPS traffic

Verifying HTTPS Support

To verify HTTPS support is working:

  1. Configure your browser to use the proxy
  2. Visit an HTTPS site like https://example.com
  3. Check the proxy logs for CONNECT requests
  4. You should see messages like: 
    Proxying request to: example.com (port 443)
DoH response received, size: XXX bytes
Resolved example.com to XXX.XXX.XXX.XXX

If you see certificate warnings, this is normal - your browser is correctly verifying the security of the connection.

Verifying DoH Functionality

To verify that your proxy is using the DoH server for DNS resolution:

  1. Run the proxy with increased verbosity (if available)
  2. In another terminal, monitor the proxy output while making requests
  3. You should see messages indicating DoH lookups to hnsdoh.com
  4. The proxy should log the resolved IP addresses

Troubleshooting

Common Issues

  1. Connection refused: Make sure the proxy is running and listening on the configured port
  2. DNS resolution failures: Check your internet connection and access to hnsdoh.com
  3. Memory leaks: For long-running tests, monitor memory usage to ensure proper cleanup

HTTP and HTTPS Troubleshooting

If only HTTPS or only HTTP is working:

HTTP Issues

  • Ensure correct Host header extraction in HTTP requests
  • Try a simple curl command: curl -v --proxy http://localhost:8080 http://example.com/
  • Check proxy logs for any HTTP-specific errors
  • Verify that the proxy correctly forwards the entire HTTP request, including all headers

HTTPS Issues

  • HTTPS uses the CONNECT method which creates a tunnel without modifying content
  • Try a simple curl command: curl -v --proxy http://localhost:8080 https://example.com/
  • Certificate warnings are expected and don't indicate proxy failure
  • Ensure your browser's security settings allow connecting through the proxy

Common Fix for Both

If either HTTP or HTTPS isn't working, you can restart the proxy server and try again with verbose logging enabled.

Using Network Monitoring Tools

You can use tools like Wireshark to monitor the traffic:

# Capture traffic on loopback interface
sudo tcpdump -i lo port 8080 -vv

Performance Testing

For load testing the proxy:

# Install Apache Bench (ab) if not already installed
# Then test with multiple concurrent connections
ab -n 1000 -c 10 -X localhost:8080 http://example.com/

Security Testing

Since your proxy handles web traffic, consider testing for:

  1. Buffer overflow vulnerabilities using oversized requests
  2. Handling of malformed HTTP requests
  3. Proper handling of connection termination
Reference in New Issue View Git Blame Copy Permalink