/* 

(C) 1999 - secureroot.com production



this simple c script makes it possible to act as a gateway to

firewall protected network... let say you want to install this script

at http://www.mysite.com/cgi/tunnel.cgi and you want it to redirect

all connections to a server behind firewall with ip 192.168.1.34...

you have to set MY_SERV to 192.168.1.34 and PATH to path on the

protected server (example: /documents/). Everytime someone

access 

http://www.mysite.com/cgi/tunnel.cgi?index.html 

he or she will see the content of

http://192.168.1.34/documents/index.html


Tested on:
	Linux Slackware 3.6
	Linux Red Hat 6.0
	SunOS 5.7


*/





#include <sys/types.h>

#include <sys/socket.h>

#include <netinet/in.h>

#include <arpa/inet.h>

#include <stdio.h>

#include <stdlib.h>

#include <ctype.h>

#include <string.h>

#include <errno.h>

#include <signal.h>

#define MY_SERV "192.168.1.34" /* redirect to this host (behind firewall) */

#define PATH "/documents/" /* redirect to this location */

#define MAXHTMLSIZE 128*1024 /* max 128kb html */

#define TIMEOUT 60 /* seconds */

char *type,*buf;

/*

extern int socket(int domain, int type,int protocol);

extern unsigned long int inet_addr(const char *cp);

extern int connect(int sockfd, struct sockaddr *serv_addr, int addrlen);

*/

extern void timeon();



void timeon () {

 	printf("<HTML><HEAD>\n");

	printf("<TITLE>Error Page.</TITLE></HEAD>\n");

	printf("<BODY TEXT=\"#000000\" BGCOLOR=\"white\" LINK=\"#1FA0FF\" VLINK=\"#1FA0FF\" ALINK=\"#1FA0FF\"><center>\n");

	printf("Can't connect to the server</center>");

	printf("<hr><center><font size=\"-2\" color=#AAAAAA>Programming by <a href=\"http://secureroot.com\">secureroot.com</a></font></center></BODY></HTML>\n");

	exit;

}



int open_http (char *hostaddr, unsigned int port){

int sockfd;

struct sockaddr_in serv_addr;

	bzero((char *) &serv_addr, sizeof(serv_addr));

	serv_addr.sin_family=AF_INET;

	serv_addr.sin_addr.s_addr=inet_addr(hostaddr);

	serv_addr.sin_port=htons(port);

	signal(SIGALRM, *timeon);

	alarm(TIMEOUT);

	if((sockfd = socket(AF_INET,SOCK_STREAM,0)) < 0) {

		signal(SIGALRM,SIG_IGN);

		return(-1);

	}

	if((connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr))) < 0) {

		signal(SIGALRM,SIG_IGN);

		return(-2);

	}

/*	signal(SIGALRM,SIG_IGN);*/

	return(sockfd);

}







int download (char *hostaddr, unsigned int port, char *in){

int fd;

char *s, *content, *temp, *remoteaddr, *ref="";

int size,i;

char str[BUFSIZ]="";

 	printf("Content-type: text/html\r\n\r\n"); 

	if((fd = open_http(hostaddr,port))<0) return(-1);

/*	if (getenv("HTTP_REFERER")!=0) ref=getenv("HTTP_REFERER");*/

	remoteaddr=getenv("REMOTE_ADDR");

	sprintf(str,"GET %s%s&ip=%s\r\n",PATH,in,remoteaddr);

	/* Referer: %s-%s\r\n  ,ref,remoteaddr*/

	strcat(str,"\r\n\r\n");

	if(write(fd,str,strlen(str))<0) return(-1);

	/* read the answer from the server */

	s=buf;

	size=0;i=0;

	while(i=read(fd,s,MAXHTMLSIZE-1-size)){

		size+=i;

		s+=i;

		if(i<0) return(-1);

	}

	close(fd);

	buf[size]=0;

	printf("%s\n",buf);

}





main() {

char *env;

	buf=(char*)malloc(MAXHTMLSIZE);

	env=getenv("QUERY_STRING");    

	if (download(MY_SERV,8080,env)<0) timeon;

}