Regular Expression Parsing of TCP Session

Andrew Lauder andrew at mylanguage.me
Sat Aug 6 22:27:21 UTC 2011


Hi,

** This is a very important project, with a very short timeline. If
any developers are interested in building this, and potentially
releasing it as open source, please contact me asap! My contact
details are included below. **

I'm attempting to configure a reverse TCP proxy which is able to
provide seamless authentication for a partner company's API. The API
has no per-user granular access control capability, so I'm hoping to
add this control by inspecting the first non-handshake packet (after
SYN, SYN/ACK, ACK).

I'm looking for the value between <uid> and </uid>, which is always
sent as the first non-handshake packet.
Possible regex: <uid>(.*)</uid>

So far, I've successfully compiled nginx w/ TCP Proxy module,
configured it to allow me to access partner API, and it works great.
Now, I'm attempting to read the first non-handshake packet, looking
for <uid>(.*)</uid>
Once I have this uid value, I will use drizzle module to connect
directly to MySQL cluster to see if uid has access to API. If it has
access, nginx should simply forward the request. If not, nginx should
block the request with an error message.

I've tried looking at form-input module, because it is able to parse
POST variables. I've also looked at HTTP Header parsing code in nginx
core, but I haven't figured out how to get pointer to TCP payload. I
believe once I have a pointer, it will be possible to find the value
I'm looking for.

Another note - If the packet is not #4 in the stream, I don't want to
process it. Otherwise it will become very CPU intensive.


I'm a complete newbie to nginx, however I am already quite impressed,
and I would like to support future development of the product (both
open source and paid).

Cheers!

-- 
Andrew Lauder
CEO, Founder
myLanguage, Inc.
http://www.myLanguage.me

t: +1 408 982 6515 | f: +1 408 856 2534
e: andrew at mylanguage.me
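
The uid extraction described in the message above, as an added example that is not part of the original post and not nginx or TCP proxy module code. It scans the bytes buffered so far on a new connection rather than a single packet, because TCP delivers a byte stream and the tag can be split across segments. The names `extract_uid`, `UID_MAX_LEN` and `UID_MAX_SCAN`, the limits, and the allowed character set are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define UID_MAX_LEN  32   /* assumed upper bound on uid length */
#define UID_MAX_SCAN 512  /* assumed: stop looking after this many bytes */

enum uid_status { UID_OK, UID_NEED_MORE, UID_INVALID };

/* Find n in a length-delimited buffer (the payload is not NUL-terminated). */
static const unsigned char *find(const unsigned char *h, size_t hl,
                                 const char *n, size_t nl)
{
    for (size_t i = 0; nl <= hl && i <= hl - nl; i++)
        if (memcmp(h + i, n, nl) == 0)
            return h + i;
    return NULL;
}

/* Scan the bytes received so far for <uid>VALUE</uid>.
 * On UID_OK, out holds the NUL-terminated value. */
enum uid_status extract_uid(const unsigned char *buf, size_t len,
                            char *out, size_t outsz)
{
    static const char otag[] = "<uid>", ctag[] = "</uid>";
    const size_t ol = sizeof(otag) - 1, cl = sizeof(ctag) - 1;
    size_t scan = len < UID_MAX_SCAN ? len : UID_MAX_SCAN; /* bounded work */

    const unsigned char *s = find(buf, scan, otag, ol);
    if (s == NULL)
        return len >= UID_MAX_SCAN ? UID_INVALID : UID_NEED_MORE;
    s += ol;
    size_t rest = scan - (size_t)(s - buf);
    /* First closing tag wins: a non-greedy match, unlike (.*). */
    const unsigned char *e = find(s, rest, ctag, cl);
    if (e == NULL) /* tag split across segments, or value too long */
        return (rest >= UID_MAX_LEN + cl || len >= UID_MAX_SCAN)
                   ? UID_INVALID : UID_NEED_MORE;
    size_t n = (size_t)(e - s);
    if (n == 0 || n > UID_MAX_LEN || n + 1 > outsz)
        return UID_INVALID;
    /* Allowlist before the value is used in a database lookup. */
    for (size_t i = 0; i < n; i++)
        if (!isalnum(s[i]) && s[i] != '-' && s[i] != '_')
            return UID_INVALID;
    memcpy(out, s, n);
    out[n] = '\0';
    return UID_OK;
}
```

On `UID_NEED_MORE` the caller keeps buffering and calls again; on `UID_INVALID` it closes the connection without querying the database.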



More information about the nginx-devel mailing list