A forward proxy acts as a service endpoint  to clients on an internal network for services available on the Internet or some other external network.  An HTTP forward proxy intercept users' requests and can performs actions that protect the network or enforce enterprise policy.

Continuing on our LineRate Lightning Series, here's an example of using LineRate's forward proxy feature in your organization.  The power of custom Node.js scripts can be used take policy enforcement from basic to a more advanced level.

This scripting example will show you how LineRate can perform simple client request redirects in forward proxy operation. For example, this redirect page may be an authentication page for authentication, authorizing, and accounting. It can also be used to inform the user that their request has been blocked due to policy violation.

 


/*************************************************************************************************
* Description: 
* HTTP redirection in a forward-proxy context. A forward-proxy is useful for filter 
* connections particularly outbound to the internet for clients sitting behind a 
* firewall for example. In this example below, any user HTTP request from clients 
* results in a redirection to the specified site (in this case a bland example.com site).
* More sophistication can be added like a login page for authenticating outbound/internet 
* access and other enterprise policy enforcement.
*/
 
"use strict";
 
var fpm = require('lrs/forwardProxyModule');
var redirectHost = 'www.example.com';
 
/* Handler for client requests - this pulls out the host field value */
function onClientReq(servReq, servResp, next) {
  /* extract the full URL request from the header */
  var requestedHost = servReq.headers.host || '';
  
  /* Test if the URL request matches the redirection.
   * Forward the request along on such a match thereby preventing
   * a redirect loop.
   */
  if(requestedHost == redirectHost) {
    next();
  }
  else {
    servResp.setHeader('Content-Type', 'text/html');
    servResp.writeHead(301, {'Location' : 'http://' + redirectHost, 'Server' : 'LineRate'});
    servResp.end();
  }
}
 
var onExists = function(fp) {
  fp.on('request', onClientReq);
};
 
fpm.on('exist', 'fp1', onExists);

Here is the gist.