NAME
Net::DNAT - Psuedo Layer7 Packet Processer
SYNOPSIS
use Net::DNAT;
run Net::DNAT <settings...>;
DESCRIPTION
This module is intended to be used for testing applications designed for load balancing systems. It listens on specified ports and forwards the incoming connections to the appropriate remote applications. The remote application can be on a separate machine or on the same machine listening on a different port and/or address.
PEER SOCKET SPOOF
This implementation does not actually translate the destination address in the packet headers and resend the packet, like true DNAT does. It is implemented like a port forwarding proxy. When a client connects, a new socket is made to the remote application and the connection is tunnelled to/from the client. This causes the peer side of the socket to appear to the remote application like it is coming from the Net::DNAT box instead of the real client. This peer modification side effect is usually fine for testing and developmental purposes, though.
HTTP
If you do not care about where the hits on your web server are coming from, then you do not need to worry about this section. If the remote application is the Apache 1.3.x web server, ( see http://httpd.apache.org/ ), then the Apache::DNAT module can be used to correctly and seemlessly UnDNATify this peer munging described above. If mod_perl is enabled for Apache, then add this line to its httpd.conf:
PerlModule Apache::DNAT
PerlInitHandler Apache::DNAT
If you cannot do this, (because it is a web server other than Apache, or you do not have mod_perl enabled, or you do not have access to the web server, or you just do not want the CPU overhead to fix the peer back to normal, or for whatever reason), then it will still function fine. Just the server logs will be inaccurate and the CGI programs will run with the wrong environment variables pertaining to the peer (i.e., REMOTE_ADDR and REMOTE_PORT).
INSTALL
See INSTALL document.
EXAMPLES
See demo/* from the distribution for some working examples.
TODO
Support for HTTP/1.1 protocol conversion to 1.0 protocol and back again.
Support for HTTP/1.1 KeepAlive timeout and KeepAliveRequests.
Support for SSL protocol conversion to plain text.
Support for html error pages for internal errors like Server outages.
Support for error logs.
Support for access logs.
Support for CVS protocol.
Support for FTP protocol.
Support for OOB channel data correctly.
Support for DNS protocol.
Support for periodic service checks (Net::Ping)
to disable and enable forwarding.
LAYER
More information on network layers:
http://uwsg.iu.edu/usail/network/nfs/network_layers.html
COPYRIGHT
Copyright (C) 2002,
Rob Brown, rob@roobik.com
This package may be distributed under the same terms as Perl itself.
All rights reserved.
SEE ALSO
L<Apache::DNAT>,
L<Net::Server>,
L<IO::Multiplex>